cgroup: avoid using pid for cgroup name (#91)

This commit eliminates all issues around pid reuse in the cgroup name. Normally, the native cgroup cleaner (or systemd) would be responsible for garbage-collecting the cgroup of a previous bst invocation, but if we burn enough PIDs fast enough, it's also entirely possible for a new bst to start while the cleaner of an older invocation is busy cleaning up the old cgroup. To fix the problem, we use a random 128-bit identifier instead of the pid in the name of the cgroup.
aristanetworks · Jan 23, 2024 · e352189 · e352189
1 parent 7512a79
commit e352189
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/outer.c b/outer.c
@@ -17,6 +17,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <sys/mount.h>
+#include <sys/random.h>
 #include <unistd.h>
 
 #include "capable.h"
@@ -300,8 +301,18 @@ void outer_helper_spawn(struct outer_helper *helper)
 	}
 
 	if (cgroup_driver_rc >= 0 && helper->cgroup_path != NULL) {
+		uint64_t id[2];
+		switch (getrandom(id, sizeof (id), 0)) {
+		case -1:
+			err(1, "outer_helper: getrandom");
+		case sizeof (id):
+			break;
+		default:
+			errx(1, "outer_helper: getrandom: did not return enough bytes");
+		}
+
 		char cgroupstr[PATH_MAX];
-		makepath_r(cgroupstr, "bst-%" PRIi32, child_pid);
+		makepath_r(cgroupstr, "bst-%" PRIx64 "%" PRIx64, id[0], id[1]);
 
 		int cgroupfd = cgroup_join(helper->cgroup_path, cgroupstr);
 		if (cgroupfd == -1) {