[systemd.git] / src / core / cgroup.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include <stdbool.h>

#include "bpf-lsm.h"
#include "cgroup-util.h"
#include "cpu-set-util.h"
#include "list.h"
#include "time-util.h"

typedef struct TasksMax {
        /* If scale == 0, just use value; otherwise, value / scale.
         * See tasks_max_resolve(). */
        uint64_t value;
        uint64_t scale;
} TasksMax;

#define TASKS_MAX_UNSET ((TasksMax) { .value = UINT64_MAX, .scale = 0 })

static inline bool tasks_max_isset(const TasksMax *tasks_max) {
        return tasks_max->value != UINT64_MAX || tasks_max->scale != 0;
}

uint64_t tasks_max_resolve(const TasksMax *tasks_max);

typedef struct CGroupContext CGroupContext;
typedef struct CGroupDeviceAllow CGroupDeviceAllow;
typedef struct CGroupIODeviceWeight CGroupIODeviceWeight;
typedef struct CGroupIODeviceLimit CGroupIODeviceLimit;
typedef struct CGroupIODeviceLatency CGroupIODeviceLatency;
typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight;
typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth;
typedef struct CGroupBPFForeignProgram CGroupBPFForeignProgram;
typedef struct CGroupSocketBindItem CGroupSocketBindItem;

typedef enum CGroupDevicePolicy {
        /* When devices listed, will allow those, plus built-in ones, if none are listed will allow
         * everything. */
        CGROUP_DEVICE_POLICY_AUTO,

        /* Everything forbidden, except built-in ones and listed ones. */
        CGROUP_DEVICE_POLICY_CLOSED,

        /* Everything forbidden, except for the listed devices */
        CGROUP_DEVICE_POLICY_STRICT,

        _CGROUP_DEVICE_POLICY_MAX,
        _CGROUP_DEVICE_POLICY_INVALID = -EINVAL,
} CGroupDevicePolicy;

typedef enum FreezerAction {
        FREEZER_FREEZE,
        FREEZER_THAW,

        _FREEZER_ACTION_MAX,
        _FREEZER_ACTION_INVALID = -EINVAL,
} FreezerAction;

struct CGroupDeviceAllow {
        LIST_FIELDS(CGroupDeviceAllow, device_allow);
        char *path;
        bool r:1;
        bool w:1;
        bool m:1;
};

struct CGroupIODeviceWeight {
        LIST_FIELDS(CGroupIODeviceWeight, device_weights);
        char *path;
        uint64_t weight;
};

struct CGroupIODeviceLimit {
        LIST_FIELDS(CGroupIODeviceLimit, device_limits);
        char *path;
        uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX];
};

struct CGroupIODeviceLatency {
        LIST_FIELDS(CGroupIODeviceLatency, device_latencies);
        char *path;
        usec_t target_usec;
};

struct CGroupBlockIODeviceWeight {
        LIST_FIELDS(CGroupBlockIODeviceWeight, device_weights);
        char *path;
        uint64_t weight;
};

struct CGroupBlockIODeviceBandwidth {
        LIST_FIELDS(CGroupBlockIODeviceBandwidth, device_bandwidths);
        char *path;
        uint64_t rbps;
        uint64_t wbps;
};

struct CGroupBPFForeignProgram {
        LIST_FIELDS(CGroupBPFForeignProgram, programs);
        uint32_t attach_type;
        char *bpffs_path;
};

struct CGroupSocketBindItem {
        LIST_FIELDS(CGroupSocketBindItem, socket_bind_items);
        int address_family;
        int ip_protocol;
        uint16_t nr_ports;
        uint16_t port_min;
};

struct CGroupContext {
        bool cpu_accounting;
        bool io_accounting;
        bool blockio_accounting;
        bool memory_accounting;
        bool tasks_accounting;
        bool ip_accounting;

        /* Configures the memory.oom.group attribute (on unified) */
        bool memory_oom_group;

        bool delegate;
        CGroupMask delegate_controllers;
        CGroupMask disable_controllers;

        /* For unified hierarchy */
        uint64_t cpu_weight;
        uint64_t startup_cpu_weight;
        usec_t cpu_quota_per_sec_usec;
        usec_t cpu_quota_period_usec;

        CPUSet cpuset_cpus;
        CPUSet startup_cpuset_cpus;
        CPUSet cpuset_mems;
        CPUSet startup_cpuset_mems;

        uint64_t io_weight;
        uint64_t startup_io_weight;
        LIST_HEAD(CGroupIODeviceWeight, io_device_weights);
        LIST_HEAD(CGroupIODeviceLimit, io_device_limits);
        LIST_HEAD(CGroupIODeviceLatency, io_device_latencies);

        uint64_t default_memory_min;
        uint64_t default_memory_low;
        uint64_t memory_min;
        uint64_t memory_low;
        uint64_t memory_high;
        uint64_t memory_max;
        uint64_t memory_swap_max;

        bool default_memory_min_set:1;
        bool default_memory_low_set:1;
        bool memory_min_set:1;
        bool memory_low_set:1;

        Set *ip_address_allow;
        Set *ip_address_deny;
        /* These two flags indicate that redundant entries have been removed from
         * ip_address_allow/ip_address_deny, i.e. in_addr_prefixes_reduce() has already been called. */
        bool ip_address_allow_reduced;
        bool ip_address_deny_reduced;

        char **ip_filters_ingress;
        char **ip_filters_egress;
        LIST_HEAD(CGroupBPFForeignProgram, bpf_foreign_programs);

        Set *restrict_network_interfaces;
        bool restrict_network_interfaces_is_allow_list;

        /* For legacy hierarchies */
        uint64_t cpu_shares;
        uint64_t startup_cpu_shares;

        uint64_t blockio_weight;
        uint64_t startup_blockio_weight;
        LIST_HEAD(CGroupBlockIODeviceWeight, blockio_device_weights);
        LIST_HEAD(CGroupBlockIODeviceBandwidth, blockio_device_bandwidths);

        uint64_t memory_limit;

        CGroupDevicePolicy device_policy;
        LIST_HEAD(CGroupDeviceAllow, device_allow);

        LIST_HEAD(CGroupSocketBindItem, socket_bind_allow);
        LIST_HEAD(CGroupSocketBindItem, socket_bind_deny);

        /* Common */
        TasksMax tasks_max;

        /* Settings for systemd-oomd */
        ManagedOOMMode moom_swap;
        ManagedOOMMode moom_mem_pressure;
        uint32_t moom_mem_pressure_limit; /* Normalized to 2^32-1 == 100% */
        ManagedOOMPreference moom_preference;
};

/* Used when querying IP accounting data */
typedef enum CGroupIPAccountingMetric {
        CGROUP_IP_INGRESS_BYTES,
        CGROUP_IP_INGRESS_PACKETS,
        CGROUP_IP_EGRESS_BYTES,
        CGROUP_IP_EGRESS_PACKETS,
        _CGROUP_IP_ACCOUNTING_METRIC_MAX,
        _CGROUP_IP_ACCOUNTING_METRIC_INVALID = -EINVAL,
} CGroupIPAccountingMetric;

/* Used when querying IO accounting data */
typedef enum CGroupIOAccountingMetric {
        CGROUP_IO_READ_BYTES,
        CGROUP_IO_WRITE_BYTES,
        CGROUP_IO_READ_OPERATIONS,
        CGROUP_IO_WRITE_OPERATIONS,
        _CGROUP_IO_ACCOUNTING_METRIC_MAX,
        _CGROUP_IO_ACCOUNTING_METRIC_INVALID = -EINVAL,
} CGroupIOAccountingMetric;

typedef struct Unit Unit;
typedef struct Manager Manager;

usec_t cgroup_cpu_adjust_period(usec_t period, usec_t quota, usec_t resolution, usec_t max_period);

void cgroup_context_init(CGroupContext *c);
void cgroup_context_done(CGroupContext *c);
void cgroup_context_dump(Unit *u, FILE* f, const char *prefix);
void cgroup_context_dump_socket_bind_item(const CGroupSocketBindItem *item, FILE *f);

void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a);
void cgroup_context_free_io_device_weight(CGroupContext *c, CGroupIODeviceWeight *w);
void cgroup_context_free_io_device_limit(CGroupContext *c, CGroupIODeviceLimit *l);
void cgroup_context_free_io_device_latency(CGroupContext *c, CGroupIODeviceLatency *l);
void cgroup_context_free_blockio_device_weight(CGroupContext *c, CGroupBlockIODeviceWeight *w);
void cgroup_context_free_blockio_device_bandwidth(CGroupContext *c, CGroupBlockIODeviceBandwidth *b);
void cgroup_context_remove_bpf_foreign_program(CGroupContext *c, CGroupBPFForeignProgram *p);
void cgroup_context_remove_socket_bind(CGroupSocketBindItem **head);

int cgroup_add_device_allow(CGroupContext *c, const char *dev, const char *mode);
int cgroup_add_bpf_foreign_program(CGroupContext *c, uint32_t attach_type, const char *path);

void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path);

CGroupMask unit_get_own_mask(Unit *u);
CGroupMask unit_get_delegate_mask(Unit *u);
CGroupMask unit_get_members_mask(Unit *u);
CGroupMask unit_get_siblings_mask(Unit *u);
CGroupMask unit_get_ancestor_disable_mask(Unit *u);

CGroupMask unit_get_target_mask(Unit *u);
CGroupMask unit_get_enable_mask(Unit *u);

void unit_invalidate_cgroup_members_masks(Unit *u);

void unit_add_family_to_cgroup_realize_queue(Unit *u);

const char *unit_get_realized_cgroup_path(Unit *u, CGroupMask mask);
char *unit_default_cgroup_path(const Unit *u);
int unit_set_cgroup_path(Unit *u, const char *path);
int unit_pick_cgroup_path(Unit *u);

int unit_realize_cgroup(Unit *u);
void unit_prune_cgroup(Unit *u);
int unit_watch_cgroup(Unit *u);
int unit_watch_cgroup_memory(Unit *u);
void unit_add_to_cgroup_realize_queue(Unit *u);

void unit_release_cgroup(Unit *u);
/* Releases the cgroup only if it is recursively empty.
 * Returns true if the cgroup was released, false otherwise. */
bool unit_maybe_release_cgroup(Unit *u);

void unit_add_to_cgroup_empty_queue(Unit *u);
int unit_check_oomd_kill(Unit *u);
int unit_check_oom(Unit *u);

int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path);

int manager_setup_cgroup(Manager *m);
void manager_shutdown_cgroup(Manager *m, bool delete);

unsigned manager_dispatch_cgroup_realize_queue(Manager *m);

Unit *manager_get_unit_by_cgroup(Manager *m, const char *cgroup);
Unit *manager_get_unit_by_pid_cgroup(Manager *m, pid_t pid);
Unit* manager_get_unit_by_pid(Manager *m, pid_t pid);

uint64_t unit_get_ancestor_memory_min(Unit *u);
uint64_t unit_get_ancestor_memory_low(Unit *u);

int unit_search_main_pid(Unit *u, pid_t *ret);
int unit_watch_all_pids(Unit *u);

int unit_synthesize_cgroup_empty_event(Unit *u);

int unit_get_memory_current(Unit *u, uint64_t *ret);
int unit_get_memory_available(Unit *u, uint64_t *ret);
int unit_get_tasks_current(Unit *u, uint64_t *ret);
int unit_get_cpu_usage(Unit *u, nsec_t *ret);
int unit_get_io_accounting(Unit *u, CGroupIOAccountingMetric metric, bool allow_cache, uint64_t *ret);
int unit_get_ip_accounting(Unit *u, CGroupIPAccountingMetric metric, uint64_t *ret);

int unit_reset_cpu_accounting(Unit *u);
int unit_reset_ip_accounting(Unit *u);
int unit_reset_io_accounting(Unit *u);
int unit_reset_accounting(Unit *u);

#define UNIT_CGROUP_BOOL(u, name)                       \
        ({                                              \
        CGroupContext *cc = unit_get_cgroup_context(u); \
        cc ? cc->name : false;                          \
        })

bool manager_owns_host_root_cgroup(Manager *m);
bool unit_has_host_root_cgroup(Unit *u);

bool unit_has_startup_cgroup_constraints(Unit *u);

int manager_notify_cgroup_empty(Manager *m, const char *group);

void unit_invalidate_cgroup(Unit *u, CGroupMask m);
void unit_invalidate_cgroup_bpf(Unit *u);

void manager_invalidate_startup_units(Manager *m);

const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_;
CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_;

void unit_cgroup_catchup(Unit *u);

bool unit_cgroup_delegate(Unit *u);

int compare_job_priority(const void *a, const void *b);

int unit_get_cpuset(Unit *u, CPUSet *cpus, const char *name);
int unit_cgroup_freezer_action(Unit *u, FreezerAction action);

const char* freezer_action_to_string(FreezerAction a) _const_;
FreezerAction freezer_action_from_string(const char *s) _pure_;
Commit	Line	Data
a032b68d	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
663996b3 MS	2	#pragma once
663996b3 MS	3
e735f4d4 MP	4	#include <stdbool.h>
e735f4d4 MP	5
ea0999c9	6	#include "bpf-lsm.h"
f5e65279	7	#include "cgroup-util.h"
e1f67bc7	8	#include "cpu-set-util.h"
14228c0d	9	#include "list.h"
e735f4d4	10	#include "time-util.h"
663996b3	11
e1f67bc7 MB	12	typedef struct TasksMax {
	13	/* If scale == 0, just use value; otherwise, value / scale.
	14	* See tasks_max_resolve(). */
	15	uint64_t value;
	16	uint64_t scale;
	17	} TasksMax;
	18
	19	#define TASKS_MAX_UNSET ((TasksMax) { .value = UINT64_MAX, .scale = 0 })
	20
	21	static inline bool tasks_max_isset(const TasksMax *tasks_max) {
	22	return tasks_max->value != UINT64_MAX \|\| tasks_max->scale != 0;
	23	}
	24
	25	uint64_t tasks_max_resolve(const TasksMax *tasks_max);
	26
14228c0d MB	27	typedef struct CGroupContext CGroupContext;
14228c0d MB	28	typedef struct CGroupDeviceAllow CGroupDeviceAllow;
aa27b158 MP	29	typedef struct CGroupIODeviceWeight CGroupIODeviceWeight;
aa27b158 MP	30	typedef struct CGroupIODeviceLimit CGroupIODeviceLimit;
6e866b33	31	typedef struct CGroupIODeviceLatency CGroupIODeviceLatency;
14228c0d MB	32	typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight;
14228c0d MB	33	typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth;
8b3d4ff0 MB	34	typedef struct CGroupBPFForeignProgram CGroupBPFForeignProgram;
8b3d4ff0 MB	35	typedef struct CGroupSocketBindItem CGroupSocketBindItem;
663996b3	36
14228c0d	37	typedef enum CGroupDevicePolicy {
e1f67bc7 MB	38	/* When devices listed, will allow those, plus built-in ones, if none are listed will allow
	39	* everything. */
	40	CGROUP_DEVICE_POLICY_AUTO,
663996b3	41
14228c0d	42	/* Everything forbidden, except built-in ones and listed ones. */
e1f67bc7	43	CGROUP_DEVICE_POLICY_CLOSED,
663996b3	44
f2dec872	45	/* Everything forbidden, except for the listed devices */
e1f67bc7	46	CGROUP_DEVICE_POLICY_STRICT,
663996b3	47
14228c0d	48	_CGROUP_DEVICE_POLICY_MAX,
3a6ce677	49	_CGROUP_DEVICE_POLICY_INVALID = -EINVAL,
14228c0d	50	} CGroupDevicePolicy;
663996b3	51
a10f5d05 MB	52	typedef enum FreezerAction {
	53	FREEZER_FREEZE,
	54	FREEZER_THAW,
	55
	56	_FREEZER_ACTION_MAX,
3a6ce677	57	_FREEZER_ACTION_INVALID = -EINVAL,
a10f5d05 MB	58	} FreezerAction;
a10f5d05 MB	59
14228c0d MB	60	struct CGroupDeviceAllow {
	61	LIST_FIELDS(CGroupDeviceAllow, device_allow);
	62	char *path;
	63	bool r:1;
	64	bool w:1;
	65	bool m:1;
	66	};
663996b3	67
aa27b158 MP	68	struct CGroupIODeviceWeight {
	69	LIST_FIELDS(CGroupIODeviceWeight, device_weights);
	70	char *path;
	71	uint64_t weight;
	72	};
	73
	74	struct CGroupIODeviceLimit {
	75	LIST_FIELDS(CGroupIODeviceLimit, device_limits);
	76	char *path;
	77	uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX];
	78	};
	79
6e866b33 MB	80	struct CGroupIODeviceLatency {
	81	LIST_FIELDS(CGroupIODeviceLatency, device_latencies);
	82	char *path;
	83	usec_t target_usec;
	84	};
	85
14228c0d MB	86	struct CGroupBlockIODeviceWeight {
	87	LIST_FIELDS(CGroupBlockIODeviceWeight, device_weights);
	88	char *path;
6300502b	89	uint64_t weight;
663996b3 MS	90	};
663996b3 MS	91
14228c0d MB	92	struct CGroupBlockIODeviceBandwidth {
	93	LIST_FIELDS(CGroupBlockIODeviceBandwidth, device_bandwidths);
	94	char *path;
aa27b158 MP	95	uint64_t rbps;
aa27b158 MP	96	uint64_t wbps;
14228c0d	97	};
663996b3	98
8b3d4ff0 MB	99	struct CGroupBPFForeignProgram {
	100	LIST_FIELDS(CGroupBPFForeignProgram, programs);
	101	uint32_t attach_type;
	102	char *bpffs_path;
	103	};
	104
	105	struct CGroupSocketBindItem {
	106	LIST_FIELDS(CGroupSocketBindItem, socket_bind_items);
67bbd050 MB	107	int address_family;
67bbd050 MB	108	int ip_protocol;
8b3d4ff0 MB	109	uint16_t nr_ports;
	110	uint16_t port_min;
	111	};
	112
14228c0d MB	113	struct CGroupContext {
14228c0d MB	114	bool cpu_accounting;
aa27b158	115	bool io_accounting;
14228c0d MB	116	bool blockio_accounting;
14228c0d MB	117	bool memory_accounting;
6300502b	118	bool tasks_accounting;
f5e65279	119	bool ip_accounting;
663996b3	120
f2dec872 BR	121	/* Configures the memory.oom.group attribute (on unified) */
	122	bool memory_oom_group;
	123
bb4f798a MB	124	bool delegate;
	125	CGroupMask delegate_controllers;
	126	CGroupMask disable_controllers;
	127
aa27b158	128	/* For unified hierarchy */
8a584da2 MP	129	uint64_t cpu_weight;
	130	uint64_t startup_cpu_weight;
	131	usec_t cpu_quota_per_sec_usec;
bb4f798a	132	usec_t cpu_quota_period_usec;
8a584da2	133
e1f67bc7	134	CPUSet cpuset_cpus;
ea0999c9	135	CPUSet startup_cpuset_cpus;
e1f67bc7	136	CPUSet cpuset_mems;
ea0999c9	137	CPUSet startup_cpuset_mems;
e1f67bc7	138
aa27b158 MP	139	uint64_t io_weight;
	140	uint64_t startup_io_weight;
	141	LIST_HEAD(CGroupIODeviceWeight, io_device_weights);
	142	LIST_HEAD(CGroupIODeviceLimit, io_device_limits);
6e866b33	143	LIST_HEAD(CGroupIODeviceLatency, io_device_latencies);
aa27b158	144
f2dec872 BR	145	uint64_t default_memory_min;
f2dec872 BR	146	uint64_t default_memory_low;
6e866b33	147	uint64_t memory_min;
5a920b42 MP	148	uint64_t memory_low;
	149	uint64_t memory_high;
	150	uint64_t memory_max;
8a584da2	151	uint64_t memory_swap_max;
5a920b42	152
ea0999c9 MB	153	bool default_memory_min_set:1;
	154	bool default_memory_low_set:1;
	155	bool memory_min_set:1;
	156	bool memory_low_set:1;
f2dec872	157
ea0999c9 MB	158	Set *ip_address_allow;
	159	Set *ip_address_deny;
	160	/* These two flags indicate that redundant entries have been removed from
	161	* ip_address_allow/ip_address_deny, i.e. in_addr_prefixes_reduce() has already been called. */
	162	bool ip_address_allow_reduced;
	163	bool ip_address_deny_reduced;
f5e65279	164
f2dec872 BR	165	char **ip_filters_ingress;
f2dec872 BR	166	char **ip_filters_egress;
8b3d4ff0	167	LIST_HEAD(CGroupBPFForeignProgram, bpf_foreign_programs);
f2dec872	168
ea0999c9 MB	169	Set *restrict_network_interfaces;
	170	bool restrict_network_interfaces_is_allow_list;
	171
aa27b158	172	/* For legacy hierarchies */
6300502b MP	173	uint64_t cpu_shares;
6300502b MP	174	uint64_t startup_cpu_shares;
663996b3	175
6300502b MP	176	uint64_t blockio_weight;
6300502b MP	177	uint64_t startup_blockio_weight;
14228c0d MB	178	LIST_HEAD(CGroupBlockIODeviceWeight, blockio_device_weights);
14228c0d MB	179	LIST_HEAD(CGroupBlockIODeviceBandwidth, blockio_device_bandwidths);
663996b3	180
14228c0d	181	uint64_t memory_limit;
663996b3	182
14228c0d MB	183	CGroupDevicePolicy device_policy;
14228c0d MB	184	LIST_HEAD(CGroupDeviceAllow, device_allow);
f47781d8	185
8b3d4ff0 MB	186	LIST_HEAD(CGroupSocketBindItem, socket_bind_allow);
	187	LIST_HEAD(CGroupSocketBindItem, socket_bind_deny);
	188
aa27b158	189	/* Common */
e1f67bc7	190	TasksMax tasks_max;
a032b68d MB	191
	192	/* Settings for systemd-oomd */
	193	ManagedOOMMode moom_swap;
	194	ManagedOOMMode moom_mem_pressure;
3a6ce677 BR	195	uint32_t moom_mem_pressure_limit; /* Normalized to 2^32-1 == 100% */
3a6ce677 BR	196	ManagedOOMPreference moom_preference;
14228c0d	197	};
663996b3	198
f5e65279 MB	199	/* Used when querying IP accounting data */
	200	typedef enum CGroupIPAccountingMetric {
	201	CGROUP_IP_INGRESS_BYTES,
	202	CGROUP_IP_INGRESS_PACKETS,
	203	CGROUP_IP_EGRESS_BYTES,
	204	CGROUP_IP_EGRESS_PACKETS,
	205	_CGROUP_IP_ACCOUNTING_METRIC_MAX,
3a6ce677	206	_CGROUP_IP_ACCOUNTING_METRIC_INVALID = -EINVAL,
f5e65279 MB	207	} CGroupIPAccountingMetric;
f5e65279 MB	208
f2dec872 BR	209	/* Used when querying IO accounting data */
	210	typedef enum CGroupIOAccountingMetric {
	211	CGROUP_IO_READ_BYTES,
	212	CGROUP_IO_WRITE_BYTES,
	213	CGROUP_IO_READ_OPERATIONS,
	214	CGROUP_IO_WRITE_OPERATIONS,
	215	_CGROUP_IO_ACCOUNTING_METRIC_MAX,
3a6ce677	216	_CGROUP_IO_ACCOUNTING_METRIC_INVALID = -EINVAL,
f2dec872 BR	217	} CGroupIOAccountingMetric;
f2dec872 BR	218
b012e921 MB	219	typedef struct Unit Unit;
b012e921 MB	220	typedef struct Manager Manager;
663996b3	221
bb4f798a MB	222	usec_t cgroup_cpu_adjust_period(usec_t period, usec_t quota, usec_t resolution, usec_t max_period);
bb4f798a MB	223
14228c0d MB	224	void cgroup_context_init(CGroupContext *c);
14228c0d MB	225	void cgroup_context_done(CGroupContext *c);
e1f67bc7	226	void cgroup_context_dump(Unit u, FILE f, const char *prefix);
8b3d4ff0	227	void cgroup_context_dump_socket_bind_item(const CGroupSocketBindItem item, FILE f);
60f067b4	228
14228c0d	229	void cgroup_context_free_device_allow(CGroupContext c, CGroupDeviceAllow a);
aa27b158 MP	230	void cgroup_context_free_io_device_weight(CGroupContext c, CGroupIODeviceWeight w);
aa27b158 MP	231	void cgroup_context_free_io_device_limit(CGroupContext c, CGroupIODeviceLimit l);
6e866b33	232	void cgroup_context_free_io_device_latency(CGroupContext c, CGroupIODeviceLatency l);
14228c0d MB	233	void cgroup_context_free_blockio_device_weight(CGroupContext c, CGroupBlockIODeviceWeight w);
14228c0d MB	234	void cgroup_context_free_blockio_device_bandwidth(CGroupContext c, CGroupBlockIODeviceBandwidth b);
8b3d4ff0 MB	235	void cgroup_context_remove_bpf_foreign_program(CGroupContext c, CGroupBPFForeignProgram p);
8b3d4ff0 MB	236	void cgroup_context_remove_socket_bind(CGroupSocketBindItem **head);
663996b3	237
6e866b33	238	int cgroup_add_device_allow(CGroupContext c, const char dev, const char *mode);
8b3d4ff0	239	int cgroup_add_bpf_foreign_program(CGroupContext c, uint32_t attach_type, const char path);
6e866b33	240
3a6ce677 BR	241	void cgroup_oomd_xattr_apply(Unit u, const char cgroup_path);
3a6ce677 BR	242
d9dfd233	243	CGroupMask unit_get_own_mask(Unit *u);
52ad194e	244	CGroupMask unit_get_delegate_mask(Unit *u);
d9dfd233	245	CGroupMask unit_get_members_mask(Unit *u);
52ad194e	246	CGroupMask unit_get_siblings_mask(Unit *u);
6e866b33	247	CGroupMask unit_get_ancestor_disable_mask(Unit *u);
d9dfd233 MP	248
	249	CGroupMask unit_get_target_mask(Unit *u);
	250	CGroupMask unit_get_enable_mask(Unit *u);
60f067b4	251
6e866b33	252	void unit_invalidate_cgroup_members_masks(Unit *u);
f5e65279	253
a032b68d	254	void unit_add_family_to_cgroup_realize_queue(Unit *u);
d9dfd233	255
98393f85	256	const char unit_get_realized_cgroup_path(Unit u, CGroupMask mask);
6e866b33	257	char unit_default_cgroup_path(const Unit u);
d9dfd233	258	int unit_set_cgroup_path(Unit u, const char path);
52ad194e	259	int unit_pick_cgroup_path(Unit *u);
d9dfd233	260
14228c0d	261	int unit_realize_cgroup(Unit *u);
d9dfd233 MP	262	void unit_prune_cgroup(Unit *u);
d9dfd233 MP	263	int unit_watch_cgroup(Unit *u);
f2dec872	264	int unit_watch_cgroup_memory(Unit *u);
28085778	265	void unit_add_to_cgroup_realize_queue(Unit *u);
d9dfd233	266
a032b68d MB	267	void unit_release_cgroup(Unit *u);
	268	/* Releases the cgroup only if it is recursively empty.
	269	* Returns true if the cgroup was released, false otherwise. */
	270	bool unit_maybe_release_cgroup(Unit *u);
	271
f5e65279	272	void unit_add_to_cgroup_empty_queue(Unit *u);
a032b68d	273	int unit_check_oomd_kill(Unit *u);
f2dec872	274	int unit_check_oom(Unit *u);
f5e65279	275
98393f85	276	int unit_attach_pids_to_cgroup(Unit u, Set pids, const char *suffix_path);
663996b3	277
14228c0d MB	278	int manager_setup_cgroup(Manager *m);
14228c0d MB	279	void manager_shutdown_cgroup(Manager *m, bool delete);
663996b3	280
f5e65279	281	unsigned manager_dispatch_cgroup_realize_queue(Manager *m);
663996b3	282
14228c0d	283	Unit manager_get_unit_by_cgroup(Manager m, const char *cgroup);
d9dfd233	284	Unit manager_get_unit_by_pid_cgroup(Manager m, pid_t pid);
14228c0d	285	Unit* manager_get_unit_by_pid(Manager *m, pid_t pid);
663996b3	286
f2dec872 BR	287	uint64_t unit_get_ancestor_memory_min(Unit *u);
	288	uint64_t unit_get_ancestor_memory_low(Unit *u);
	289
d9dfd233 MP	290	int unit_search_main_pid(Unit u, pid_t ret);
d9dfd233 MP	291	int unit_watch_all_pids(Unit *u);
663996b3	292
1d42b86d MB	293	int unit_synthesize_cgroup_empty_event(Unit *u);
1d42b86d MB	294
e3bff60a	295	int unit_get_memory_current(Unit u, uint64_t ret);
8b3d4ff0	296	int unit_get_memory_available(Unit u, uint64_t ret);
6300502b	297	int unit_get_tasks_current(Unit u, uint64_t ret);
e3bff60a	298	int unit_get_cpu_usage(Unit u, nsec_t ret);
f2dec872	299	int unit_get_io_accounting(Unit u, CGroupIOAccountingMetric metric, bool allow_cache, uint64_t ret);
f5e65279 MB	300	int unit_get_ip_accounting(Unit u, CGroupIPAccountingMetric metric, uint64_t ret);
	301
	302	int unit_reset_cpu_accounting(Unit *u);
	303	int unit_reset_ip_accounting(Unit *u);
f2dec872 BR	304	int unit_reset_io_accounting(Unit *u);
f2dec872 BR	305	int unit_reset_accounting(Unit *u);
e3bff60a	306
f5e65279 MB	307	#define UNIT_CGROUP_BOOL(u, name) \
	308	({ \
	309	CGroupContext *cc = unit_get_cgroup_context(u); \
	310	cc ? cc->name : false; \
	311	})
d9dfd233	312
6e866b33 MB	313	bool manager_owns_host_root_cgroup(Manager *m);
6e866b33 MB	314	bool unit_has_host_root_cgroup(Unit *u);
1d42b86d	315
ea0999c9 MB	316	bool unit_has_startup_cgroup_constraints(Unit *u);
ea0999c9 MB	317
d9dfd233 MP	318	int manager_notify_cgroup_empty(Manager m, const char group);
d9dfd233 MP	319
6300502b	320	void unit_invalidate_cgroup(Unit *u, CGroupMask m);
f5e65279	321	void unit_invalidate_cgroup_bpf(Unit *u);
6300502b MP	322
	323	void manager_invalidate_startup_units(Manager *m);
	324
14228c0d MB	325	const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_;
14228c0d MB	326	CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_;
98393f85	327
2c6f20ef MB	328	void unit_cgroup_catchup(Unit *u);
2c6f20ef MB	329
98393f85	330	bool unit_cgroup_delegate(Unit *u);
f2dec872 BR	331
f2dec872 BR	332	int compare_job_priority(const void a, const void b);
e1f67bc7 MB	333
e1f67bc7 MB	334	int unit_get_cpuset(Unit u, CPUSet cpus, const char *name);
a10f5d05 MB	335	int unit_cgroup_freezer_action(Unit *u, FreezerAction action);
	336
	337	const char* freezer_action_to_string(FreezerAction a) _const_;
	338	FreezerAction freezer_action_from_string(const char *s) _pure_;