Simplify cgroup creation

2024-09-21 08:58:04 +03:00 · 2020-05-16 21:21:41 +02:00 · 2020-05-16 21:21:41 +02:00 · 570c443f56
commit 570c443f56
parent 7bdcf43b40
3 changed files with 35 additions and 37 deletions
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@ -2375,30 +2375,17 @@ void DerivationGoal::startBuilder()

 #if __linux__
    if (useChroot) {
-        /* Create a cgroup. */
+        /* Create a systemd cgroup since that's the minimum required
+           by systemd-nspawn. */
        // FIXME: do we want to use the parent cgroup? We should
        // always use the same cgroup regardless of whether we're the
        // daemon or run from a user session via sudo.
-        std::string msg;
-        std::vector<Path> cgroups;
-        for (auto & line : tokenizeString<std::vector<std::string>>(readFile("/proc/self/cgroup"), "\n")) {
-            static std::regex regex("([0-9]+):([^:]*):(.*)");
-            std::smatch match;
-            if (!std::regex_match(line, match, regex))
-                throw Error("invalid line '%s' in '/proc/self/cgroup'", line);
+        auto ourCgroups = getCgroups("/proc/self/cgroup");
+        auto systemdCgroup = ourCgroups["systemd"];
+        if (systemdCgroup == "")
+            throw Error("'systemd' cgroup does not exist");

-            /* We only create a systemd cgroup, since that's enough
-               for running systemd-nspawn. */
-            std::string name;
-            if (match[2] == "name=systemd")
-                name = "systemd";
-            //else if (match[2] == "")
-            //    name = "unified";
-            else continue;
-
-            std::string cgroup = match[3];
-
-            auto hostCgroup = canonPath("/sys/fs/cgroup/" + name + "/" + cgroup);
+        auto hostCgroup = canonPath("/sys/fs/cgroup/systemd/" + systemdCgroup);

        if (!pathExists(hostCgroup))
            throw Error("expected cgroup directory '%s'", hostCgroup);
@ -2412,13 +2399,6 @@ void DerivationGoal::startBuilder()

        chownToBuilder(childCgroup);
        chownToBuilder(childCgroup + "/cgroup.procs");
-            if (name == "unified") {
-                chownToBuilder(childCgroup + "/cgroup.threads");
-                chownToBuilder(childCgroup + "/cgroup.subtree_control");
-            }
-
-            cgroups.push_back(childCgroup);
-        }

        /* Set up private namespaces for the build:

@ -2545,7 +2525,6 @@ void DerivationGoal::startBuilder()
            throw SysError("getting sandbox mount namespace");

        /* Move the child into its own cgroup. */
-        for (auto & childCgroup : cgroups)
        writeFile(childCgroup + "/cgroup.procs", fmt("%d", (pid_t) pid));

        /* Signal the builder that we've updated its user namespace. */
--- a/src/libstore/cgroup.cc
+++ b/src/libstore/cgroup.cc
@ -9,6 +9,23 @@

 namespace nix {

+std::map<std::string, std::string> getCgroups(const Path & cgroupFile)
+{
+    std::map<std::string, std::string> cgroups;
+
+    for (auto & line : tokenizeString<std::vector<std::string>>(readFile(cgroupFile), "\n")) {
+        static std::regex regex("([0-9]+):([^:]*):(.*)");
+        std::smatch match;
+        if (!std::regex_match(line, match, regex))
+            throw Error("invalid line '%s' in '%s'", line, cgroupFile);
+
+        std::string name = hasPrefix(match[2], "name=") ? std::string(match[2], 5) : match[2];
+        cgroups.insert_or_assign(name, match[3]);
+    }
+
+    return cgroups;
+}
+
 void destroyCgroup(const Path & cgroup)
 {
    for (auto & entry : readDirectory(cgroup)) {
--- a/src/libstore/cgroup.hh
+++ b/src/libstore/cgroup.hh
@ -6,6 +6,8 @@

 namespace nix {

+std::map<std::string, std::string> getCgroups(const Path & cgroupFile);
+
 void destroyCgroup(const Path & cgroup);

 }