summaryrefslogtreecommitdiff
path: root/vendor/github.com/opencontainers/runc/libcontainer/cgroups
diff options
context:
space:
mode:
authordependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>2021-05-11 06:19:24 +0000
committerGitHub <noreply@github.com>2021-05-11 06:19:24 +0000
commitd71672c57b5e9e41cb526b290b8b3704232e814a (patch)
tree04e0bbc73670649bee252a785f7844e195191699 /vendor/github.com/opencontainers/runc/libcontainer/cgroups
parent57b642525b674f99835b1abf510d1beef7bc0a23 (diff)
downloadpodman-d71672c57b5e9e41cb526b290b8b3704232e814a.tar.gz
podman-d71672c57b5e9e41cb526b290b8b3704232e814a.tar.bz2
podman-d71672c57b5e9e41cb526b290b8b3704232e814a.zip
Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0-rc93 to 1.0.0-rc94. - [Release notes](https://github.com/opencontainers/runc/releases) - [Commits](https://github.com/opencontainers/runc/compare/v1.0.0-rc93...v1.0.0-rc94) Signed-off-by: dependabot[bot] <support@github.com>
Diffstat (limited to 'vendor/github.com/opencontainers/runc/libcontainer/cgroups')
-rw-r--r--vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go36
-rw-r--r--vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/open.go35
-rw-r--r--vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/utils.go48
-rw-r--r--vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go26
4 files changed, 96 insertions, 49 deletions
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go
index a16a68e97..68a346ca5 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go
@@ -7,37 +7,44 @@ import (
)
type Manager interface {
- // Applies cgroup configuration to the process with the specified pid
+ // Apply creates a cgroup, if not yet created, and adds a process
+ // with the specified pid into that cgroup. A special value of -1
+ // can be used to merely create a cgroup.
Apply(pid int) error
- // Returns the PIDs inside the cgroup set
+ // GetPids returns the PIDs of all processes inside the cgroup.
GetPids() ([]int, error)
- // Returns the PIDs inside the cgroup set & all sub-cgroups
+ // GetAllPids returns the PIDs of all processes inside the cgroup
+ // any all its sub-cgroups.
GetAllPids() ([]int, error)
- // Returns statistics for the cgroup set
+ // GetStats returns cgroups statistics.
GetStats() (*Stats, error)
- // Toggles the freezer cgroup according with specified state
+ // Freeze sets the freezer cgroup to the specified state.
Freeze(state configs.FreezerState) error
- // Destroys the cgroup set
+ // Destroy removes cgroup.
Destroy() error
// Path returns a cgroup path to the specified controller/subsystem.
// For cgroupv2, the argument is unused and can be empty.
Path(string) string
- // Sets the cgroup as configured.
- Set(container *configs.Config) error
+ // Set sets cgroup resources parameters/limits. If the argument is nil,
+ // the resources specified during Manager creation (or the previous call
+ // to Set) are used.
+ Set(r *configs.Resources) error
- // GetPaths returns cgroup path(s) to save in a state file in order to restore later.
+ // GetPaths returns cgroup path(s) to save in a state file in order to
+ // restore later.
//
- // For cgroup v1, a key is cgroup subsystem name, and the value is the path
- // to the cgroup for this subsystem.
+ // For cgroup v1, a key is cgroup subsystem name, and the value is the
+ // path to the cgroup for this subsystem.
//
- // For cgroup v2 unified hierarchy, a key is "", and the value is the unified path.
+ // For cgroup v2 unified hierarchy, a key is "", and the value is the
+ // unified path.
GetPaths() map[string]string
// GetCgroups returns the cgroup data as configured.
@@ -46,6 +53,9 @@ type Manager interface {
// GetFreezerState retrieves the current FreezerState of the cgroup.
GetFreezerState() (configs.FreezerState, error)
- // Whether the cgroup path exists or not
+ // Exists returns whether the cgroup path exists or not.
Exists() bool
+
+ // OOMKillCount reports OOM kill count for the cgroup.
+ OOMKillCount() (uint64, error)
}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/open.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/open.go
index 0a7e3d952..49af83b3c 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/open.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/open.go
@@ -5,7 +5,6 @@ import (
"strings"
"sync"
- securejoin "github.com/cyphar/filepath-securejoin"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
@@ -17,7 +16,7 @@ const (
)
var (
- // Set to true by fs unit tests
+ // TestMode is set to true by unit tests that need "fake" cgroupfs.
TestMode bool
cgroupFd int = -1
@@ -71,12 +70,12 @@ func OpenFile(dir, file string, flags int) (*os.File, error) {
flags |= os.O_TRUNC | os.O_CREATE
mode = 0o600
}
+ if prepareOpenat2() != nil {
+ return openFallback(dir, file, flags, mode)
+ }
reldir := strings.TrimPrefix(dir, cgroupfsPrefix)
if len(reldir) == len(dir) { // non-standard path, old system?
- return openWithSecureJoin(dir, file, flags, mode)
- }
- if prepareOpenat2() != nil {
- return openWithSecureJoin(dir, file, flags, mode)
+ return openFallback(dir, file, flags, mode)
}
relname := reldir + "/" + file
@@ -93,11 +92,29 @@ func OpenFile(dir, file string, flags int) (*os.File, error) {
return os.NewFile(uintptr(fd), cgroupfsPrefix+relname), nil
}
-func openWithSecureJoin(dir, file string, flags int, mode os.FileMode) (*os.File, error) {
- path, err := securejoin.SecureJoin(dir, file)
+var errNotCgroupfs = errors.New("not a cgroup file")
+
+// openFallback is used when openat2(2) is not available. It checks the opened
+// file is on cgroupfs, returning an error otherwise.
+func openFallback(dir, file string, flags int, mode os.FileMode) (*os.File, error) {
+ path := dir + "/" + file
+ fd, err := os.OpenFile(path, flags, mode)
if err != nil {
return nil, err
}
+ if TestMode {
+ return fd, nil
+ }
+ // Check this is a cgroupfs file.
+ var st unix.Statfs_t
+ if err := unix.Fstatfs(int(fd.Fd()), &st); err != nil {
+ _ = fd.Close()
+ return nil, &os.PathError{Op: "statfs", Path: path, Err: err}
+ }
+ if st.Type != unix.CGROUP_SUPER_MAGIC && st.Type != unix.CGROUP2_SUPER_MAGIC {
+ _ = fd.Close()
+ return nil, &os.PathError{Op: "open", Path: path, Err: errNotCgroupfs}
+ }
- return os.OpenFile(path, flags, mode)
+ return fd, nil
}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/utils.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/utils.go
index 2e4e837f2..db0caded1 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/utils.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fscommon/utils.go
@@ -35,22 +35,42 @@ func ParseUint(s string, base, bitSize int) (uint64, error) {
return value, nil
}
-// GetCgroupParamKeyValue parses a space-separated "name value" kind of cgroup
-// parameter and returns its components. For example, "io_service_bytes 1234"
-// will return as "io_service_bytes", 1234.
-func GetCgroupParamKeyValue(t string) (string, uint64, error) {
- parts := strings.Fields(t)
- switch len(parts) {
- case 2:
- value, err := ParseUint(parts[1], 10, 64)
- if err != nil {
- return "", 0, fmt.Errorf("unable to convert to uint64: %v", err)
- }
+// ParseKeyValue parses a space-separated "name value" kind of cgroup
+// parameter and returns its key as a string, and its value as uint64
+// (ParseUint is used to convert the value). For example,
+// "io_service_bytes 1234" will be returned as "io_service_bytes", 1234.
+func ParseKeyValue(t string) (string, uint64, error) {
+ parts := strings.SplitN(t, " ", 3)
+ if len(parts) != 2 {
+ return "", 0, fmt.Errorf("line %q is not in key value format", t)
+ }
- return parts[0], value, nil
- default:
- return "", 0, ErrNotValidFormat
+ value, err := ParseUint(parts[1], 10, 64)
+ if err != nil {
+ return "", 0, fmt.Errorf("unable to convert to uint64: %v", err)
}
+
+ return parts[0], value, nil
+}
+
+// GetValueByKey reads a key-value pairs from the specified cgroup file,
+// and returns a value of the specified key. ParseUint is used for value
+// conversion.
+func GetValueByKey(path, file, key string) (uint64, error) {
+ content, err := ReadFile(path, file)
+ if err != nil {
+ return 0, err
+ }
+
+ lines := strings.Split(string(content), "\n")
+ for _, line := range lines {
+ arr := strings.Split(line, " ")
+ if len(arr) == 2 && arr[0] == key {
+ return ParseUint(arr[1], 10, 64)
+ }
+ }
+
+ return 0, nil
}
// GetCgroupParamUint reads a single uint64 value from the specified cgroup file.
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
index 840817e39..35ce2c1c2 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
@@ -16,7 +16,7 @@ import (
"time"
"github.com/opencontainers/runc/libcontainer/cgroups/fscommon"
- "github.com/opencontainers/runc/libcontainer/system"
+ "github.com/opencontainers/runc/libcontainer/userns"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
)
@@ -37,7 +37,7 @@ func IsCgroup2UnifiedMode() bool {
var st unix.Statfs_t
err := unix.Statfs(unifiedMountpoint, &st)
if err != nil {
- if os.IsNotExist(err) && system.RunningInUserNS() {
+ if os.IsNotExist(err) && userns.RunningInUserNS() {
// ignore the "not found" error if running in userns
logrus.WithError(err).Debugf("%s missing, assuming cgroup v1", unifiedMountpoint)
isUnified = false
@@ -402,17 +402,6 @@ func WriteCgroupProc(dir string, pid int) error {
// Since the OCI spec is designed for cgroup v1, in some cases
// there is need to convert from the cgroup v1 configuration to cgroup v2
-// the formula for BlkIOWeight is y = (1 + (x - 10) * 9999 / 990)
-// convert linearly from [10-1000] to [1-10000]
-func ConvertBlkIOToCgroupV2Value(blkIoWeight uint16) uint64 {
- if blkIoWeight == 0 {
- return 0
- }
- return uint64(1 + (uint64(blkIoWeight)-10)*9999/990)
-}
-
-// Since the OCI spec is designed for cgroup v1, in some cases
-// there is need to convert from the cgroup v1 configuration to cgroup v2
// the formula for cpuShares is y = (1 + ((x - 2) * 9999) / 262142)
// convert from [2-262144] to [1-10000]
// 262144 comes from Linux kernel definition "#define MAX_SHARES (1UL << 18)"
@@ -450,3 +439,14 @@ func ConvertMemorySwapToCgroupV2Value(memorySwap, memory int64) (int64, error) {
return memorySwap - memory, nil
}
+
+// Since the OCI spec is designed for cgroup v1, in some cases
+// there is need to convert from the cgroup v1 configuration to cgroup v2
+// the formula for BlkIOWeight to IOWeight is y = (1 + (x - 10) * 9999 / 990)
+// convert linearly from [10-1000] to [1-10000]
+func ConvertBlkIOToIOWeightValue(blkIoWeight uint16) uint64 {
+ if blkIoWeight == 0 {
+ return 0
+ }
+ return uint64(1 + (uint64(blkIoWeight)-10)*9999/990)
+}