libprocessgroup: fix uid/pid hierarchy for recovery mode
configure the cgroup v2 hierarchy for recovery mode, and create uid/pid
groups with attributes following the container cgroup directory.
Bug: 168907513
Test: verified correct pid migration in normal and recovery modes
Change-Id: Idc8b96b4db075383a6a2e523c241b0bc632c7030
diff --git a/libprocessgroup/processgroup.cpp b/libprocessgroup/processgroup.cpp
index 2bf48fc..209ccd9 100644
--- a/libprocessgroup/processgroup.cpp
+++ b/libprocessgroup/processgroup.cpp
@@ -421,14 +421,27 @@
static int createProcessGroupInternal(uid_t uid, int initialPid, std::string cgroup) {
auto uid_path = ConvertUidToPath(cgroup.c_str(), uid);
- if (!MkdirAndChown(uid_path, 0750, AID_SYSTEM, AID_SYSTEM)) {
+ struct stat cgroup_stat;
+ mode_t cgroup_mode = 0750;
+ gid_t cgroup_uid = AID_SYSTEM;
+ uid_t cgroup_gid = AID_SYSTEM;
+
+ if (stat(cgroup.c_str(), &cgroup_stat) == 1) {
+ PLOG(ERROR) << "Failed to get stats for " << cgroup;
+ } else {
+ cgroup_mode = cgroup_stat.st_mode;
+ cgroup_uid = cgroup_stat.st_uid;
+ cgroup_gid = cgroup_stat.st_gid;
+ }
+
+ if (!MkdirAndChown(uid_path, cgroup_mode, cgroup_uid, cgroup_gid)) {
PLOG(ERROR) << "Failed to make and chown " << uid_path;
return -errno;
}
auto uid_pid_path = ConvertUidPidToPath(cgroup.c_str(), uid, initialPid);
- if (!MkdirAndChown(uid_pid_path, 0750, AID_SYSTEM, AID_SYSTEM)) {
+ if (!MkdirAndChown(uid_pid_path, cgroup_mode, cgroup_uid, cgroup_gid)) {
PLOG(ERROR) << "Failed to make and chown " << uid_pid_path;
return -errno;
}
diff --git a/libprocessgroup/profiles/cgroups.recovery.json b/libprocessgroup/profiles/cgroups.recovery.json
index 2c63c08..e275252 100644
--- a/libprocessgroup/profiles/cgroups.recovery.json
+++ b/libprocessgroup/profiles/cgroups.recovery.json
@@ -1,2 +1,8 @@
{
+ "Cgroups2": {
+ "Path": "/sys/fs/cgroup",
+ "Mode": "0755",
+ "UID": "root",
+ "GID": "root"
+ }
}