This CL fixes a bug that null names are passed when profiles are set
via android_set_process_profiles. This is because the `profiles_` vector
was initialized with the number of task profiles and then we append the
actual task profile names to the vector. As a result, when {"a", "b"}
was given, the vector ended up having {"", "", "a", "b"}. Fixing this by
correctly using reserve().
Bug: N/A
Test: m
Change-Id: I28d6c2e891b01a2d3a8a88d9d0652fe0dbffac96
The wrapper is to call SetProcessFiles (C++ API) from crosvm via FFI.
Bug: 223790172
Bug: 216788146
Test: m
Change-Id: If342ca0d19deb1cb7ee581bba2cc543385199cbe
Since it is nontrivial which modifies `errno` is modified in
ExecuteForTask(), add a comment that explains this.
Bug: 213617178
Test: Compile-tested only.
Change-Id: I49ce9c8054fdc59e61b2e5f9ffe6f16743a94401
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Revert "Migrate the blkio controller to the cgroup v2 hierarchy"
Revert "Migrate the blkio controller to the cgroup v2 hierarchy"
Revert "Migrate the blkio controller to the cgroup v2 hierarchy"
Revert submission 1962326-blkio-cgroup-v2
Reason for revert: This set of changes is suspected to have caused a redfin boot time regression for the git_tm-dev branch.
Reverted Changes:
Id18d876b6:Migrate the blkio controller to the cgroup v2 hier...
I7dfa52136:Migrate the blkio controller to the v2 cgroup hier...
I5336167be:Migrate the blkio controller to the cgroup v2 hier...
I3f0131d8f:Migrate the blkio controller to the cgroup v2 hier...
Ibb62b2d4d:Migrate the blkio controller to the cgroup v2 hier...
Bug: 227382327
Bug: 227389363
Change-Id: I6c8183ed1c3044c8947c4fca07799deff98101b3
This reverts commit 812d7698d8.
Reason for revert: this patch is suspected to have caused b/227337425.
Bug: 227337425
Bug: 227331047
Change-Id: I4ae26ccf61ad7c63dacc85da878ba0920736951c
This patch preserves the following parameter values:
* Foreground BFQ weight: 100
* Foreground CFQ group_idle: 0
* Foreground CFQ weight: 1000
* Background BFQ weight: 10
* Background CFQ group_idle: 0
* Background CFQ weight: 200
The foreground BFQ weight in task_profiles.json is the default BFQ
weight. From
https://www.kernel.org/doc/Documentation/block/bfq-iosched.txt:
"weight (namely blkio.bfq.weight or io.bfq-weight): the weight of the
group inside its parent. Available values: 1..10000 (default 100). The
linear mapping between ioprio and weights, described at the beginning
of the tunable section, is still valid, but all weights higher than
IOPRIO_BE_NR*10 are mapped to ioprio 0."
Bug: 213617178
Test: Booted Android in Cuttlefish and ran the following test:
Test: adb -e shell cat /sys/fs/cgroup/*/*/io.bfq.weight | sort | uniq -c
Test: 22 default 10
Test: 98 default 100
Change-Id: I7dfa521363a316592852fecce9192708c7a90514
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Make it possible to verify whether the memory cgroup controller has been
mounted in the v2 hierarchy by comparing its path with the cgroup v2
path. This patch changes the path of cgroup controllers mounted in the
v2 hierarchy from /sys/fs/cgroup/. into /sys/fs/cgroup (no trailing /.).
Bug: 213617178
Test: Added debug code that prints the path for the memory cgroup in the
Test: v2 hierarchy.
Change-Id: I8a2764a6daae84caecf360a918eab62778e3f546
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Introduce a local variable for an expression that occurs twice. Use
string append instead of string concatenation because the former is more
efficient.
Bug: 213617178
Test: Compile-tested only.
Change-Id: I6e8b9d63b10accb220216dc484dffd18f5c54ce7
Signed-off-by: Bart Van Assche <bvanassche@google.com>
The Linux kernel returns error code EACCES (Permission denied) if either
a cgroup attribute does not exist or if the process that is trying to
write into a cgroup attribute does not have permission to write. In
other words, it is not possible to tell the difference between these two
scenarios by checking the value of 'errno'. Hence this patch that adds a
stat() call to check whether or not a cgroup attribute exists. This
patch makes lines like the following disappear from logcat for optional
cgroup attributes:
03-22 23:16:04.816 616 649 E libprocessgroup: Failed to write '0' to /sys/fs/cgroup/./uid_10077/p
id_1695/io.group_idle: Permission denied
Bug: 213617178
Test: Booted Android in Cuttlefish and inspected logcat.
Change-Id: I6e041dfc34a52c9bdb75a8c70d99ad79b06eee06
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Without this patch attempts to modify the blkio cgroup attributes by
/system/bin/mediaserver fail as follows:
03-23 09:27:59.542 517 1811 E libprocessgroup: Failed to write '100' to /sys/fs/cgroup/./uid_1013/pid_517/io.bfq.weight: Permission denied
This is because the mediaserver process is started as user 'media',
because the mediaserver process is not in the system group and hence
does not have permission to write into a directory with the following
owner, group and permissions:
vsoc_x86_64:/ # ls -ld /sys/fs/cgroup/./uid_1013/pid_517/io.bfq.weight
-rwxrwxr-x 1 system system 0 2022-03-23 09:27 /sys/fs/cgroup/./uid_1013/pid_517/io.bfq.weight
Bug: 213617178
Test: Booted Android in Cuttlefish and inspected logcat.
Change-Id: I788acc9a137ae29898177f492cae2f954a9c811c
Signed-off-by: Bart Van Assche <bvanassche@google.com>
From the stat() man page: "RETURN VALUE On success, zero is returned.
On error, -1 is returned, and errno is set appropriately." Hence check
for failure by checking whether the return value is negative instead of
1.
Bug: 213617178
Test: Booted Android in Cuttlefish and inspected logcat.
Fixes: 9e628a6b42 ("libprocessgroup: fix uid/pid hierarchy for recovery mode")
Change-Id: I774d142058b083403d32b3f6aae4a4b3de00192c
Signed-off-by: Bart Van Assche <bvanassche@google.com>
When using the v1 hierarchy per process memcg directories exist under
/dev/memcg/apps. When using the v2 hierarchy per process memcg
directories exist under /sys/fs/cgroup. Hence this patch that selects
the proper top-level directory depending on the memcg version.
Bug: 213617178
Test: Verified Android operation inside the Cuttlefish emulator.
Change-Id: I7373fb407cb6ad2b1181579691ff54886fd36c24
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Enable the memory_recursiveprot mount option for v2 cgroups because the
v2 memcg documentation mentions the following: "Recursively apply
memory.min and memory.low protection to entire subtrees, without
requiring explicit downward propagation into leaf cgroups. This allows
protecting entire subtrees from one another, while retaining free
competition within those subtrees. This should have been the default
behavior but is a mount-option to avoid regressing setups relying on the
original semantics (e.g. specifying bogusly high 'bypass' protection
values at higher tree levels)."
Source: https://www.kernel.org/doc/Documentation/admin-guide/cgroup-v2.rst
Bug: 213617178
Test: Verified this change inside the Cuttlefish emulator.
Change-Id: Iecd86109d9ecb9d3354f9d28577b147edf7c50a8
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Some but not all memcg v1 attributes exist in the v2 hierarchy. The
following information comes from Shakeel Butt and Kamil Yurtsever,
"cgroup v2 migration at Google", Linux Plumbers Conference 2018
( https://lpc.events/event/2/contributions/204/attachments/143/378/LPC2018-cgroup-v2.pdf ):
v1 v2
-------------------------- ----------
memory.limit_in_bytes memory.max
memory.soft_limit_in_bytes memory.low
Add support for cgroup attributes that have different names in the v1
and v2 hierarchies. Also add those memcg attributes that are used in
lmkd.
Bug: 213617178
Test: Tested lmkd with v1 and v2 memcg.
Change-Id: Ia5c5f02974f3b783d5cdaad85b33169ced8db55f
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Cgroup attributes like io.weight or io.bfq.weight only exist if the
corresponding I/O scheduler has been loaded. Hence add support for
ignoring failures to write to a cgroup attribute that does not exist.
Bug: 213617178
Test: This patch has been tested in combination with patch "Migrate the blkio controller to the cgroup v2 hierarchy".
Change-Id: I5debafabc4dd430a1b98ea343bf3740c764edcc3
Signed-off-by: Bart Van Assche <bvanassche@google.com>
This patch makes the intent of the code more clear without changing any
functionality since uid_t and gid_t are both aliases for uint32_t on
Android systems. See also
https://cs.android.com/android/platform/superproject/+/master:bionic/libc/include/sys/types.h
Bug: 213617178
Test: Compile-tested only.
Change-Id: Ib5012456a7357e79368f00e71e9a280fd6f96063
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Cgroup attributes are set from three different contexts:
(1) From the process that creates the cgroup directories. These
processes are /system/bin/init, zygote and zygote64.
(2) From the created process. Some but not all created processes have
user ID and/or group ID 'system'.
(3) The system_server process modifies certain cgroup attributes from
other processes.
Allow all processes from the system group, including system_server, to
modify cgroup attributes from other processes. As one can see in
init.rc, that file includes commands for granting the system group
write permission for blkcg attributes. See also
https://cs.android.com/android/platform/superproject/+/master:system/core/rootdir/init.rc
Bug: 213617178
Test: Verified in the Cuttlefish emulator that this patch makes the
Test: io.bfq.weight write errors disappear from logcat.
Change-Id: Idbfb49c25afec12b21daea7a17db5322bc981ff0
Signed-off-by: Bart Van Assche <bvanassche@google.com>
cgroups.json causes the following changes to be applied twice to
/sys/fs/cgroup: change user ID to system, change group ID to system and
change mode to 0755. Apply these settings once instead of twice.
Bug: 213617178
Test: Ran ls -ld /sys/fs/cgroup in Cuttlefish.
Change-Id: Ieb953c186c027b989599cbbaa70a9c9324678cdf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Currently, there is no distinguish between SetTaskProfiles and
SetProcessProfiles in WriteFileAction because they use the same task
path. Add ProcFilePath attribute so that WriteFileAction could use
a separate path for process in SetProcessProfiles.
Bug: 218684257
Test: function works
Change-Id: I004b8c8799240c54f1ef1fed0566fa5057341cf4
Add support for querying the task profile and action names at runtime.
Log more information with verbose logging enabled. The additional
logging statements make it easier to verify whether changes in
task_profiles.json work as expected.
Bug: 213617178
Test: Booted Android in Cuttlefish.
Change-Id: I175e46d142bb015732b135952fdbeb9986f20ee3
Signed-off-by: Bart Van Assche <bvanassche@google.com>
This patch does not change any functionality but makes it easier to add
unit tests in a later patch.
Bug: 213617178
Test: Compile-tested only.
Change-Id: I6fbbb3297795c9d7ece8fb3263b3a9b0e5115b18
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Provide context information to make it easier to map error messages to
the source code that reported these error messages.
Bug: 213617178
Test: Booted Android in Cuttlefish and verified the error messages in logcat.
Change-Id: I22e6d91476d91dcf32bafe5ead922e5652136584
Signed-off-by: Bart Van Assche <bvanassche@google.com>
This patch implements the following advice from the Google C++ Style
Guide: "Explicitly annotate overrides of virtual functions or virtual
destructors with exactly one of an override or (less frequently) final
specifier. Do not use virtual when declaring an override. Rationale: A
function or destructor marked override or final that is not an override
of a base class virtual function will not compile, and this helps catch
common errors. The specifiers serve as documentation; if no specifier is
present, the reader has to check all ancestors of the class in question
to determine if the function or destructor is virtual or not."
Bug: 213617178
Test: Booted Android in Cuttlefish.
Change-Id: Iabe7ecd91a2c09a77922c60ff4a00314da509d4a
Signed-off-by: Bart Van Assche <bvanassche@google.com>
The C++ string concatenation operator is inefficient because it always
allocates a new string, even in cases where std::string::apppend() does
not allocate a new string. Hence this patch that replaces string
concatenation with a call to std::string::append().
Bug: 213617178
Test: Booted Android in Cuttlefish.
Change-Id: I79bdb89e957d3cfb40e48ef00c3e5576b4f533a5
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Unify the Darwin and Linux class declarations. Move all #ifdefs for this
class into the .cpp file. This patch does not change any functionality.
Bug: 213617178
Test: Booted Android in Cuttlefish.
Change-Id: I6a3cedc75c2dbf8aa062edda76cae9959767a763
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Process profiles operating on paths that do not depend on pid or uid of
the process can cache the fd of the file they are operating on. Add
support for fd caching similar to how SetTaskProfiles caches the fd
of the file it needs to write to.
Bug: 215557553
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ie73ebcbbf1919d90409f40c1f6b08743f4edf97c
Refactor file descriptor caching code and move it into FdCacheHelper
because later on when we introduce fd caching for SetProcessProfiles
the children of CachedFdProfileAction become different enough that
sharing the same parent becomes a hindrance.
Bug: 215557553
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: If3812a0090c81a29e25f0888b0511cfaf48edea3
Since vendor has a way to override the group cpu/schedtune setup, we
cannot assume the group will always return valid data. This CL let
get_sched_policy to fallback to cpuset if no valid data found in
cpu/schedtune cgroup. In longer term, we should find a way to cache the
group or app's process state in framework other than relying on reading
cgroup back.
Test: /data/nativetest64/libcutils_test/libcutils_test
Bug: 210066228
Signed-off-by: Wei Wang <wvw@google.com>
Merged-In: I8b4396365a7fc2d93e3a22746195585c140eef3c
Change-Id: I8b4396365a7fc2d93e3a22746195585c140eef3c
(cherry picked from commit c8c0b5415c14af56277f5e543ebff5fbba7fb7b2)
Using WriteStringToFile will hold kernfs_mutex which is a big lock,
so use WriteStringToFd instead. Besides, also support fd cache for it.
Bug: 206970384
Test: build pass
Change-Id: Id79f9e1095f52079393c58edb9a4d526f4cc6b5e
Add new CgroupGetControllerFromPath function to retrieve the name of the
cgroup using a file path. If the file does not belong to any cgroup, the
function returns false.
Bug: 191283136
Test: build and boot
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ic17a474cb25a80a3339b33ed8bc27b07af053abb
UserLifecycleTests test disables all Little cores in the course of the
test, which causes attempts to add a process into /dev/cpuset/restricted
cpuset cgroup to fail with ENOSPC error code, indicating that a process
is joining a cpuset cgroup with no online cpus. Current libprocessgroup
implementation will log an error on each such occurrence, which spams
the logs and makes it hard to analyze test results. Because this
situation does not happen in production environment (we do not offline
cpus), we can prevent flooding the logs by identifying this case,
logging an appropriate error one time and ignore all later similar errors.
Bug: 158766131
Test: adb shell "echo 0 > /sys/devices/system/cpu/cpu[0-3]/online"
Test: start some apps, observe libprocessgroup errors in the logcat
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ia91d8839d86787569c255481bde077be51c43d93
Create a new group for dex2oat in cpu cgroup, which is dedicated for
dex2oat processes. Also modify task profiles for this change.
Bug: 201223712
Test: dex2oat group created
Change-Id: Ic61f4b8a64d01c03549b680970805e12b9ce4fcc
Since we are adding SCHED_SP_SYSTEM into framework, the policy is needed
on older releases as well.
Bug: 201428466
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I0784820bfec84fd8ef98f2feb2caee084d0a14a2
When creating uid/pid hierarchy, cgroup.subtree_control should be set at
every level of that hierarchy except for the leaf level.
Bug: 195149205
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Iedc2e859715b31db62158c85016708f252db2b70
Since installation time is also critical and sometime we want a finer
control on its behavior for vendor. Instead of set dex2oat to background
group, add a new task profile.
The default policy is to mirror SP_BACKGROUND to be compatible with
legacy devices.
Test: Boot
Bug: 188947181
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I7d5e113d1c368205f712eadad27775de226131ce
(cherry picked from commit 3745ce7aa8)
When a new process is launched it ensures that all files under its uid/
and uid/pid hierarchy are accessible by the user/group of that process.
If the directory already exists that means the access permissions have
been already set before, therefore we do not need to reset them again.
This also avoids a race between two processes in the same uid with one
process being launched and walking the uid/ directory while the other
process is being killed and changing the content of that directory. In
such a race the process walking uid/ might find the uid/pid directory of
the process being killed but by the time it tries to set its permissions
the directory might be removed because the process got killed. The
change eliminates the possibility of this race.
Bug: 192421915
Bug: 192512069
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I182298c36f6b0b4580ab59e440bd3aea16f5fbfe
Merged-In: I182298c36f6b0b4580ab59e440bd3aea16f5fbfe