From 76eca5b4c1be997a93a4febf3d74098c83d9f149 Mon Sep 17 00:00:00 2001 From: Marco Ballesio Date: Wed, 11 Mar 2020 19:21:20 -0700 Subject: [PATCH 1/4] freezer: allow dynamic changes to freezer.state create new profiles to allowing thawing and freezing back the freezer cgroup Bug: 151225245 Test: Manually verified that using the SetTaskProfiles method on the profiles thaws and freezes back the freezer cgroup. Change-Id: I7f3e193ebe79b49c1f6ac52b6138ff4ec26fc570 --- libprocessgroup/profiles/task_profiles.json | 31 +++++++++++++++++++++ rootdir/init.rc | 2 +- 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/libprocessgroup/profiles/task_profiles.json b/libprocessgroup/profiles/task_profiles.json index a515e58c6..bc6bc7c25 100644 --- a/libprocessgroup/profiles/task_profiles.json +++ b/libprocessgroup/profiles/task_profiles.json @@ -49,6 +49,11 @@ "Name": "UClampMax", "Controller": "cpu", "File": "cpu.uclamp.max" + }, + { + "Name": "FreezerState", + "Controller": "freezer", + "File": "frozen/freezer.state" } ], @@ -531,6 +536,32 @@ } } ] + }, + { + "Name": "FreezerThawed", + "Actions": [ + { + "Name": "SetAttribute", + "Params": + { + "Name": "FreezerState", + "Value": "THAWED" + } + } + ] + }, + { + "Name": "FreezerFrozen", + "Actions": [ + { + "Name": "SetAttribute", + "Params": + { + "Name": "FreezerState", + "Value": "FROZEN" + } + } + ] } ], diff --git a/rootdir/init.rc b/rootdir/init.rc index 6ef3bdca6..6fab57250 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -332,7 +332,7 @@ on init chown system system /dev/freezer/frozen/freezer.state chown system system /dev/freezer/frozen/cgroup.procs - chmod 0444 /dev/freezer/frozen/freezer.state + chmod 0664 /dev/freezer/frozen/freezer.state # make the PSI monitor accessible to others chown system system /proc/pressure/memory From 1c755e22c8fac626aec289bff181191e6e87a237 Mon Sep 17 00:00:00 2001 From: Marco Ballesio Date: Tue, 2 Jun 2020 15:35:30 -0700 Subject: [PATCH 2/4] libprocessgroup: switch freezer to cgroup v2 remove cgroup v1 freezer entries from init.rc, add a new cgroup v2 controller and modify plists to properly interact with it. Bug: 154548692 Test: manually verified the the cgroup v1 freezer controller isn't created and a new controller for cgroup v2 is created under the correct sysfs directory. Change-Id: I1b811300ade486f88fdbd157255a7f37750cc54d --- libprocessgroup/profiles/cgroups.json | 24 +++++++++++---------- libprocessgroup/profiles/task_profiles.json | 14 ++++++------ rootdir/init.rc | 10 --------- 3 files changed, 20 insertions(+), 28 deletions(-) diff --git a/libprocessgroup/profiles/cgroups.json b/libprocessgroup/profiles/cgroups.json index 03419020c..451848711 100644 --- a/libprocessgroup/profiles/cgroups.json +++ b/libprocessgroup/profiles/cgroups.json @@ -39,19 +39,21 @@ "Mode": "0755", "UID": "system", "GID": "system" - }, - { - "Controller": "freezer", - "Path": "/dev/freezer", - "Mode": "0755", - "UID": "system", - "GID": "system" } ], "Cgroups2": { - "Path": "/dev/cg2_bpf", - "Mode": "0600", - "UID": "root", - "GID": "root" + "Path": "/sys/fs/cgroup", + "Mode": "0755", + "UID": "system", + "GID": "system", + "Controllers": [ + { + "Controller": "freezer", + "Path": "freezer", + "Mode": "0755", + "UID": "system", + "GID": "system" + } + ] } } diff --git a/libprocessgroup/profiles/task_profiles.json b/libprocessgroup/profiles/task_profiles.json index bc6bc7c25..c4dbf8e55 100644 --- a/libprocessgroup/profiles/task_profiles.json +++ b/libprocessgroup/profiles/task_profiles.json @@ -53,7 +53,7 @@ { "Name": "FreezerState", "Controller": "freezer", - "File": "frozen/freezer.state" + "File": "cgroup.freeze" } ], @@ -79,7 +79,7 @@ "Params": { "Controller": "freezer", - "Path": "frozen" + "Path": "" } } ] @@ -92,7 +92,7 @@ "Params": { "Controller": "freezer", - "Path": "" + "Path": "../" } } ] @@ -538,27 +538,27 @@ ] }, { - "Name": "FreezerThawed", + "Name": "FreezerDisabled", "Actions": [ { "Name": "SetAttribute", "Params": { "Name": "FreezerState", - "Value": "THAWED" + "Value": "0" } } ] }, { - "Name": "FreezerFrozen", + "Name": "FreezerEnabled", "Actions": [ { "Name": "SetAttribute", "Params": { "Name": "FreezerState", - "Value": "FROZEN" + "Value": "1" } } ] diff --git a/rootdir/init.rc b/rootdir/init.rc index 6fab57250..9079fa4b7 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -324,16 +324,6 @@ on init chmod 0664 /dev/cpuset/restricted/tasks chmod 0664 /dev/cpuset/tasks - # freezer cgroup entries - mkdir /dev/freezer/frozen - write /dev/freezer/frozen/freezer.state FROZEN - chown system system /dev/freezer/cgroup.procs - chown system system /dev/freezer/frozen - chown system system /dev/freezer/frozen/freezer.state - chown system system /dev/freezer/frozen/cgroup.procs - - chmod 0664 /dev/freezer/frozen/freezer.state - # make the PSI monitor accessible to others chown system system /proc/pressure/memory chmod 0664 /proc/pressure/memory From 43050baa7f4e7e34cfc11b26e316c890ee0b83cd Mon Sep 17 00:00:00 2001 From: Marco Ballesio Date: Thu, 20 Aug 2020 08:59:09 -0700 Subject: [PATCH 3/4] libprocessgroup: json prototype for cgroups v2 cgroups v2 support introduces new fields in the json format. Adapt the proto file accordingly Bug: 154548692 Test: atest libprocessgroup_proto_test -- Change-Id: I40f8757a8f4e6a0b839caa7faa976dfebf3aac98 --- libprocessgroup/profiles/cgroups.proto | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/libprocessgroup/profiles/cgroups.proto b/libprocessgroup/profiles/cgroups.proto index f4070c550..13adcae07 100644 --- a/libprocessgroup/profiles/cgroups.proto +++ b/libprocessgroup/profiles/cgroups.proto @@ -24,19 +24,24 @@ message Cgroups { Cgroups2 cgroups2 = 2 [json_name = "Cgroups2"]; } -// Next: 6 +// Next: 7 message Cgroup { string controller = 1 [json_name = "Controller"]; string path = 2 [json_name = "Path"]; string mode = 3 [json_name = "Mode"]; string uid = 4 [json_name = "UID"]; string gid = 5 [json_name = "GID"]; +// Booleans default to false when not specified. File reconstruction fails +// when a boolean is specified as false, so leave unspecified in that case +// https://developers.google.com/protocol-buffers/docs/proto3#default + bool needs_activation = 6 [json_name = "NeedsActivation"]; } -// Next: 5 +// Next: 6 message Cgroups2 { string path = 1 [json_name = "Path"]; string mode = 2 [json_name = "Mode"]; string uid = 3 [json_name = "UID"]; string gid = 4 [json_name = "GID"]; + repeated Cgroup controllers = 5 [json_name = "Controllers"]; } From fdc03350f44aba8abfabc9d66a6e20186cc5d8b0 Mon Sep 17 00:00:00 2001 From: Marco Ballesio Date: Fri, 21 Aug 2020 08:00:23 -0700 Subject: [PATCH 4/4] init.rc: remove initializations to cg2_bpf path https://r.android.com/c/1324649/5 moves the cgroup folder to its sysfs path. Directory access rights are defined by kernel code and sepolicy, so remove the initialization lines from init.rc. Test: manually booted the device and verified access rights for /sys/fs/cgroup Bug: 154548692 Change-Id: I67284dc651ed529cae69e413b66c6e1292a2d970 --- rootdir/init.rc | 2 -- 1 file changed, 2 deletions(-) diff --git a/rootdir/init.rc b/rootdir/init.rc index 9079fa4b7..37f911a34 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -338,8 +338,6 @@ on init # This is needed by any process that uses socket tagging. chmod 0644 /dev/xt_qtaguid - chown root root /dev/cg2_bpf - chmod 0600 /dev/cg2_bpf mount bpf bpf /sys/fs/bpf nodev noexec nosuid # Create location for fs_mgr to store abbreviated output from filesystem