diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-03-18 07:38:35 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-18 07:38:35 +0900 |
commit | 3c45ad24c2cc179da0c01ac1175f58cac4625f77 (patch) | |
tree | ac23e7a40f5021eb1743b629f50c1871625d0ab8 /src | |
parent | 3e6f89e0138d6649f39494f09dcc289ab9ad3c5b (diff) | |
parent | a1f4fd387603673a79a84ca4e5ce25b439b85fe6 (diff) | |
download | systemd-3c45ad24c2cc179da0c01ac1175f58cac4625f77.tar.gz |
Merge pull request #22752 from yuwata/udev-ctrl-manage-sender-pids
udev: enable Delegate=
Diffstat (limited to 'src')
-rw-r--r-- | src/udev/udev-ctrl.c | 10 | ||||
-rw-r--r-- | src/udev/udev-ctrl.h | 8 | ||||
-rw-r--r-- | src/udev/udevadm-control.c | 5 | ||||
-rw-r--r-- | src/udev/udevd.c | 114 |
4 files changed, 61 insertions, 76 deletions
diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c index 2b697c03b3..8adef47732 100644 --- a/src/udev/udev-ctrl.c +++ b/src/udev/udev-ctrl.c @@ -12,7 +12,6 @@ #include "alloc-util.h" #include "errno-util.h" -#include "event-util.h" #include "fd-util.h" #include "format-util.h" #include "io-util.h" @@ -106,13 +105,6 @@ static void udev_ctrl_disconnect(UdevCtrl *uctrl) { uctrl->sock_connect = safe_close(uctrl->sock_connect); } -int udev_ctrl_is_connected(UdevCtrl *uctrl) { - if (!uctrl) - return false; - - return event_source_is_enabled(uctrl->event_source_connect); -} - static UdevCtrl *udev_ctrl_free(UdevCtrl *uctrl) { assert(uctrl); @@ -314,8 +306,6 @@ int udev_ctrl_send(UdevCtrl *uctrl, UdevCtrlMessageType type, const void *data) strscpy(ctrl_msg_wire.value.buf, sizeof(ctrl_msg_wire.value.buf), data); } else if (IN_SET(type, UDEV_CTRL_SET_LOG_LEVEL, UDEV_CTRL_SET_CHILDREN_MAX)) ctrl_msg_wire.value.intval = PTR_TO_INT(data); - else if (type == UDEV_CTRL_SENDER_PID) - ctrl_msg_wire.value.pid = PTR_TO_PID(data); if (!uctrl->connected) { if (connect(uctrl->sock, &uctrl->saddr.sa, uctrl->addrlen) < 0) diff --git a/src/udev/udev-ctrl.h b/src/udev/udev-ctrl.h index 83ef44391d..11fc0b62de 100644 --- a/src/udev/udev-ctrl.h +++ b/src/udev/udev-ctrl.h @@ -4,7 +4,6 @@ #include "sd-event.h" #include "macro.h" -#include "process-util.h" #include "time-util.h" typedef struct UdevCtrl UdevCtrl; @@ -19,12 +18,10 @@ typedef enum UdevCtrlMessageType { UDEV_CTRL_SET_CHILDREN_MAX, UDEV_CTRL_PING, UDEV_CTRL_EXIT, - UDEV_CTRL_SENDER_PID, } UdevCtrlMessageType; typedef union UdevCtrlMessageValue { int intval; - pid_t pid; char buf[256]; } UdevCtrlMessageValue; @@ -42,7 +39,6 @@ UdevCtrl *udev_ctrl_unref(UdevCtrl *uctrl); int udev_ctrl_attach_event(UdevCtrl *uctrl, sd_event *event); int udev_ctrl_start(UdevCtrl *uctrl, udev_ctrl_handler_t callback, void *userdata); sd_event_source *udev_ctrl_get_event_source(UdevCtrl *uctrl); -int udev_ctrl_is_connected(UdevCtrl *uctrl); int udev_ctrl_wait(UdevCtrl *uctrl, usec_t timeout); @@ -79,8 +75,4 @@ static inline int udev_ctrl_send_exit(UdevCtrl *uctrl) { return udev_ctrl_send(uctrl, UDEV_CTRL_EXIT, NULL); } -static inline int udev_ctrl_send_pid(UdevCtrl *uctrl) { - return udev_ctrl_send(uctrl, UDEV_CTRL_SENDER_PID, PID_TO_PTR(getpid_cached())); -} - DEFINE_TRIVIAL_CLEANUP_FUNC(UdevCtrl*, udev_ctrl_unref); diff --git a/src/udev/udevadm-control.c b/src/udev/udevadm-control.c index 720e09a70f..06c61e5c07 100644 --- a/src/udev/udevadm-control.c +++ b/src/udev/udevadm-control.c @@ -87,11 +87,6 @@ int control_main(int argc, char *argv[], void *userdata) { if (r < 0) return log_error_errno(r, "Failed to initialize udev control: %m"); - /* See comments in on_post() in udevd.c. */ - r = udev_ctrl_send_pid(uctrl); - if (r < 0) - return log_error_errno(r, "Failed to send pid of this process: %m"); - while ((c = getopt_long(argc, argv, "el:sSRp:m:t:Vh", options, NULL)) >= 0) switch (c) { case 'e': diff --git a/src/udev/udevd.c b/src/udev/udevd.c index ccd30eea95..c6f6d945c8 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c @@ -28,6 +28,7 @@ #include "sd-event.h" #include "alloc-util.h" +#include "cgroup-setup.h" #include "cgroup-util.h" #include "cpu-set-util.h" #include "dev-setup.h" @@ -48,6 +49,7 @@ #include "mkdir.h" #include "netlink-util.h" #include "parse-util.h" +#include "path-util.h" #include "pretty-print.h" #include "proc-cmdline.h" #include "process-util.h" @@ -85,7 +87,7 @@ typedef struct Manager { sd_event *event; Hashmap *workers; LIST_HEAD(Event, events); - const char *cgroup; + char *cgroup; pid_t pid; /* the process that originally allocated the manager object */ int log_level; @@ -108,8 +110,6 @@ typedef struct Manager { bool stop_exec_queue; bool exit; - - pid_t pid_udevadm; /* pid of 'udevadm control' */ } Manager; typedef enum EventState { @@ -240,6 +240,7 @@ static Manager* manager_free(Manager *manager) { safe_close(manager->inotify_fd); safe_close_pair(manager->worker_watch); + free(manager->cgroup); return mfree(manager); } @@ -1217,10 +1218,6 @@ static int on_ctrl_msg(UdevCtrl *uctrl, UdevCtrlMessageType type, const UdevCtrl log_debug("Received udev control message (EXIT)"); manager_exit(manager); break; - case UDEV_CTRL_SENDER_PID: - log_debug("Received udev control message (SENDER_PID)"); - manager->pid_udevadm = value->pid; - break; default: log_debug("Received unknown udev control message, ignoring"); } @@ -1496,35 +1493,9 @@ static int on_post(sd_event_source *s, void *userdata) { if (manager->exit) return sd_event_exit(manager->event, 0); - if (!manager->cgroup) - return 1; - - /* Cleanup possible left-over processes in our cgroup. But do not kill udevadm called by - * ExecReload= in systemd-udevd.service. See #16867. To protect it, the following two ways are - * introduced: - * - * 1. After the connection is accepted, but the PID of udevadm is not received, do not call - * cg_kill(). So, in this period, unwanted process or threads may exist in our cgroup. - * But, it is expected that the PID of the udevadm will be received soon. So, this time - * period should be short enough. - * 2. After the PID of udevadm is received, check the process is active or not, and if it is - * still active, set the PID to the deny list for cg_kill(). Why udev_ctrl_is_connected() is - * not enough? Because the udevadm may be still active after the control socket is - * disconnected. If the process is not active, then clear the PID for later connections. - */ - - if (udev_ctrl_is_connected(manager->ctrl) >= 0 && !pid_is_valid(manager->pid_udevadm)) - return 1; - - _cleanup_set_free_ Set *pids = NULL; - if (pid_is_valid(manager->pid_udevadm)) { - if (pid_is_alive(manager->pid_udevadm)) - (void) set_ensure_put(&pids, NULL, PID_TO_PTR(manager->pid_udevadm)); - else - manager->pid_udevadm = 0; - } - - (void) cg_kill(SYSTEMD_CGROUP_CONTROLLER, manager->cgroup, SIGKILL, CGROUP_IGNORE_SELF, pids, NULL, NULL); + if (manager->cgroup) + /* cleanup possible left-over processes in our cgroup */ + (void) cg_kill(SYSTEMD_CGROUP_CONTROLLER, manager->cgroup, SIGKILL, CGROUP_IGNORE_SELF, NULL, NULL, NULL); return 1; } @@ -1754,12 +1725,63 @@ static int parse_argv(int argc, char *argv[]) { return 1; } -static int manager_new(Manager **ret, int fd_ctrl, int fd_uevent, const char *cgroup) { +static int create_subcgroup(char **ret) { + _cleanup_free_ char *cgroup = NULL, *subcgroup = NULL; + int r; + + if (getppid() != 1) + return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Not invoked by PID1."); + + r = sd_booted(); + if (r < 0) + return log_debug_errno(r, "Failed to check if systemd is running: %m"); + if (r == 0) + return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "systemd is not running."); + + /* Get our own cgroup, we regularly kill everything udev has left behind. + * We only do this on systemd systems, and only if we are directly spawned + * by PID1. Otherwise we are not guaranteed to have a dedicated cgroup. */ + + r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 0, &cgroup); + if (r < 0) { + if (IN_SET(r, -ENOENT, -ENOMEDIUM)) + return log_debug_errno(r, "Dedicated cgroup not found: %m"); + return log_debug_errno(r, "Failed to get cgroup: %m"); + } + + r = cg_get_xattr_bool(SYSTEMD_CGROUP_CONTROLLER, cgroup, "trusted.delegate"); + if (IN_SET(r, 0, -ENODATA)) + return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "The cgroup %s is not delegated to us.", cgroup); + if (r < 0) + return log_debug_errno(r, "Failed to read trusted.delegate attribute: %m"); + + /* We are invoked with our own delegated cgroup tree, let's move us one level down, so that we + * don't collide with the "no processes in inner nodes" rule of cgroups, when the service + * manager invokes the ExecReload= job in the .control/ subcgroup. */ + + subcgroup = path_join(cgroup, "/udev"); + if (!subcgroup) + return log_oom_debug(); + + r = cg_create_and_attach(SYSTEMD_CGROUP_CONTROLLER, subcgroup, 0); + if (r < 0) + return log_debug_errno(r, "Failed to create %s subcgroup: %m", subcgroup); + + log_debug("Created %s subcgroup.", subcgroup); + if (ret) + *ret = TAKE_PTR(subcgroup); + return 0; +} + +static int manager_new(Manager **ret, int fd_ctrl, int fd_uevent) { _cleanup_(manager_freep) Manager *manager = NULL; + _cleanup_free_ char *cgroup = NULL; int r; assert(ret); + (void) create_subcgroup(&cgroup); + manager = new(Manager, 1); if (!manager) return log_oom(); @@ -1767,7 +1789,7 @@ static int manager_new(Manager **ret, int fd_ctrl, int fd_uevent, const char *cg *manager = (Manager) { .inotify_fd = -1, .worker_watch = { -1, -1 }, - .cgroup = cgroup, + .cgroup = TAKE_PTR(cgroup), }; r = udev_ctrl_new_from_fd(&manager->ctrl, fd_ctrl); @@ -1912,7 +1934,6 @@ static int main_loop(Manager *manager) { } int run_udevd(int argc, char *argv[]) { - _cleanup_free_ char *cgroup = NULL; _cleanup_(manager_freep) Manager *manager = NULL; int fd_ctrl = -1, fd_uevent = -1; int r; @@ -1969,24 +1990,11 @@ int run_udevd(int argc, char *argv[]) { if (r < 0 && r != -EEXIST) return log_error_errno(r, "Failed to create /run/udev: %m"); - if (getppid() == 1 && sd_booted() > 0) { - /* Get our own cgroup, we regularly kill everything udev has left behind. - * We only do this on systemd systems, and only if we are directly spawned - * by PID1. Otherwise we are not guaranteed to have a dedicated cgroup. */ - r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 0, &cgroup); - if (r < 0) { - if (IN_SET(r, -ENOENT, -ENOMEDIUM)) - log_debug_errno(r, "Dedicated cgroup not found: %m"); - else - log_warning_errno(r, "Failed to get cgroup: %m"); - } - } - r = listen_fds(&fd_ctrl, &fd_uevent); if (r < 0) return log_error_errno(r, "Failed to listen on fds: %m"); - r = manager_new(&manager, fd_ctrl, fd_uevent, cgroup); + r = manager_new(&manager, fd_ctrl, fd_uevent); if (r < 0) return log_error_errno(r, "Failed to create manager: %m"); |