aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Mark <[email protected]>2022-06-20 18:38:47 -0700
committerGravatar Mark <[email protected]>2022-07-03 16:06:08 -0700
commite83e0d7d161f84233eeed8221e8000f6a13b78f2 (patch)
tree79c9c5c148fa4d5365ecf9692650b25043f23079
parentMerge pull request #146 from python-discord/dawnofmidnight/typing-extensions (diff)
Create v1 cgroups as needed
Support creating cpu and net_cls cgroups in addition to mem and pids, since custom configs may use these controllers as well. Create the cgroups only for the controllers that are in-use i.e. have configured limits in the NsJail config. Resolve #101
-rw-r--r--snekbox/utils/cgroup.py31
1 files changed, 25 insertions, 6 deletions
diff --git a/snekbox/utils/cgroup.py b/snekbox/utils/cgroup.py
index b06cdfa..cc16178 100644
--- a/snekbox/utils/cgroup.py
+++ b/snekbox/utils/cgroup.py
@@ -65,16 +65,35 @@ def init(config: NsJailConfig) -> int:
def init_v1(config: NsJailConfig) -> None:
"""
- Create a PID and memory cgroup for NsJail to use as the parent cgroup for each controller.
+ Create cgroups for NsJail to use as the parent cgroup for each in-use controller.
+
+ A controller is in-use if any of its settings (except the mount and parent) have a non-default
+ value in the NsJail config.
NsJail doesn't do this automatically because it requires privileges NsJail usually doesn't
have.
"""
- pids = Path(config.cgroup_pids_mount, config.cgroup_pids_parent)
- mem = Path(config.cgroup_mem_mount, config.cgroup_mem_parent)
-
- pids.mkdir(parents=True, exist_ok=True)
- mem.mkdir(parents=True, exist_ok=True)
+ # If the config doesn't "have" a value, then it's set to the default value, which means the
+ # controller is not being used.
+ if config.HasField("cgroup_cpu_ms_per_sec"):
+ pids = Path(config.cgroup_cpu_mount, config.cgroup_cpu_parent)
+ pids.mkdir(parents=True, exist_ok=True)
+
+ if (
+ config.HasField("cgroup_mem_max")
+ or config.HasField("cgroup_mem_memsw_max")
+ or config.HasField("cgroup_mem_swap_max")
+ ):
+ mem = Path(config.cgroup_mem_mount, config.cgroup_mem_parent)
+ mem.mkdir(parents=True, exist_ok=True)
+
+ if config.HasField("cgroup_net_cls_classid"):
+ net_cls = Path(config.cgroup_net_cls_mount, config.cgroup_net_cls_parent)
+ net_cls.mkdir(parents=True, exist_ok=True)
+
+ if config.HasField("cgroup_pids_max"):
+ pids = Path(config.cgroup_pids_mount, config.cgroup_pids_parent)
+ pids.mkdir(parents=True, exist_ok=True)
def init_v2(config: NsJailConfig) -> None: