Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 2953a9273ea610a18f489b7edb8eafd8e5a38732^! / . / libprocessgroup / task_profiles.cpp
commit2953a9273ea610a18f489b7edb8eafd8e5a38732[log] [tgz]
authorBart Van Assche <bvanassche@google.com>Tue Nov 14 07:33:00 2023 -0800
committerBart Van Assche <bvanassche@google.com>Fri Nov 17 11:37:24 2023 -0800
tree6726e9984a02f8eea6f0e25b7592f7373153994a
parentb190d944690372eafe07e6f24f0e906caeeb4d58 [diff] [blame]
libprocessgroup: Reject JoinCgroup actions for v2 controllers

A JoinCgroup action for a v2 cgroup controller migrates a process or task
from the uid_%d/pid_%d cgroup into another cgroup, e.g. the root cgroup.
This may make services unkillable because Service::Stop() only stops a
service if the uid_%d/pid_%d cgroup still exists when Service::Stop() is
called.

Bug: 309674654
Change-Id: I20b797afdf596125ff5a6ed41cb33fe59b84ac88
Signed-off-by: Bart Van Assche <bvanassche@google.com>

diff --git a/libprocessgroup/task_profiles.cpp b/libprocessgroup/task_profiles.cpp
index fe3c375..d5bd47c 100644
--- a/libprocessgroup/task_profiles.cpp
+++ b/libprocessgroup/task_profiles.cpp

@@ -868,7 +868,13 @@
 
                 auto controller = cg_map.FindController(controller_name);
                 if (controller.HasValue()) {
-                    profile->Add(std::make_unique<SetCgroupAction>(controller, path));
+                    if (controller.version() == 1) {
+                        profile->Add(std::make_unique<SetCgroupAction>(controller, path));
+                    } else {
+                        LOG(WARNING) << "A JoinCgroup action in the " << profile_name
+                                     << " profile is used for controller " << controller_name
+                                     << " in the cgroup v2 hierarchy and will be ignored";
+                    }
                 } else {
                     LOG(WARNING) << "JoinCgroup: controller " << controller_name << " is not found";
                 }