tawasuyu/brahman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3fc6dcfa72e4783f03da32b3ab5900b06f483bbd
brahman/crates/init/ente-incarnate/src/cgroup.rs
T
sergio 550c98f275 refactor(monorepo): reorganización lógica + renames + SDDs + split CHANGELOG 
Reorganización física de crates/:
- core/ (mezclaba 6 propósitos) se divide en protocol/, init/, runtime/, compat/
- shared/ (3 crates) se redistribuye en protocol/ e init/
- lapaloma (sub-módulo de ui_engine) se promueve a modules/pineal/

Renames de proyectos:
- shipote → shuma (runtime de sandboxes)
- nouser → akasha (explorador de Mónadas)
- yahweh → nahual (motor GPUI, antes ui_engine/)
- lapaloma → pineal (data-viz agnóstica)

Fraccionamiento UI → core agnóstico:
- vista-core (DeckState + snap, 175 LOC, 5 tests verdes)
- barra-core (Task + render_html + sanitize, 90 LOC, 5 tests verdes)
- vista-web y barra-web ahora son thin DOM bindings

Documentación nueva:
- 16 SDDs por subdirectorio (≤80 LOC c/u): protocol/init/runtime/compat
  + 10 módulos + apps/
- docs/STATUS.md con cifras reales por proyecto
- docs/ROADMAP.md con plan a finalización (6 hitos, ~6-8 semanas)
- CHANGELOG.md particionado en docs/changelog/<proyecto>.md (7 buckets)

Automatización:
- scripts/reorg.py — script idempotente que: git mv directorios, renombra
  package names, recomputa path = refs, reescribe imports rust, actualiza
  workspace Cargo.toml. Soporta --dry-run.
- scripts/split-changelog.py — particiona CHANGELOG por componente.

Validación:
- cargo check --workspace pasa (124 crates + 2 nuevos cores).
- 10 tests adicionales (5 en vista-core + 5 en barra-core) verdes.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-19 14:48:34 +00:00

117 lines
4.0 KiB
Rust
Raw Blame History

//! Resolución y creación de cgroups v2 para el hijo.
use crate::error::IncarnateError;
use brahman_card::{CgroupSpec, ResourceLimits};
use std::path::{Path, PathBuf};
/// Cgroup actual del proceso que llama. Lo usamos como prefijo para paths
/// declarados relativos en `CgroupSpec.path`.
pub fn current_cgroup() -> Option<String> {
let s = std::fs::read_to_string("/proc/self/cgroup").ok()?;
s.lines()
.find_map(|l| l.strip_prefix("0::"))
.map(|s| s.trim().to_string())
}
/// Resuelve un path declarado contra la jerarquía real.
pub fn resolve_cgroup_path(spec_path: &str) -> String {
if spec_path.is_empty() {
return String::new();
}
if spec_path.starts_with('/') {
return spec_path.to_string();
}
let trimmed = spec_path.trim_start_matches('/');
if let Some(cg) = current_cgroup() {
let base = if cg == "/" {
String::new()
} else {
cg.trim_end_matches('/').to_string()
};
format!("{base}/{trimmed}")
} else {
format!("/{trimmed}")
}
}
/// Crea el cgroup declarado y aplica weights. Devuelve el path absoluto
/// resultante bajo `/sys/fs/cgroup`.
pub fn ensure_cgroup(spec: &CgroupSpec) -> Result<PathBuf, IncarnateError> {
let rel = resolve_cgroup_path(&spec.path);
if rel.is_empty() {
return Err(IncarnateError::CgroupNotWritable {
path: PathBuf::from("(empty)"),
});
}
let abs = PathBuf::from(format!("/sys/fs/cgroup{}", rel));
std::fs::create_dir_all(&abs).map_err(|e| match e.kind() {
std::io::ErrorKind::PermissionDenied => IncarnateError::CgroupNotWritable { path: abs.clone() },
_ => IncarnateError::Io(e),
})?;
if let Some(w) = spec.cpu_weight {
let _ = std::fs::write(abs.join("cpu.weight"), format!("{w}\n"));
}
if let Some(w) = spec.io_weight {
// io.weight requiere "default <n>" en cgroup v2.
let _ = std::fs::write(abs.join("io.weight"), format!("default {w}\n"));
}
Ok(abs)
}
/// Escribe `memory.max` y `pids.max` al cgroup según `rlimits`. Falla
/// silenciosamente si los archivos no son escribibles (cgroup no
/// delegated). El kernel hace OOM kill cuando `memory.max` se excede,
/// y bloquea forks cuando `pids.max` se alcanza.
///
/// `memory.max` acepta `max` o un número en bytes. `pids.max` igual.
pub fn apply_rlimits_to_cgroup(cgroup_abs: &Path, rlimits: &ResourceLimits) -> Vec<String> {
let mut applied = Vec::new();
if let Some(mem) = rlimits.mem_bytes {
let path = cgroup_abs.join("memory.max");
match std::fs::write(&path, format!("{mem}\n")) {
Ok(_) => applied.push(format!("memory.max={mem}")),
Err(e) => tracing::warn!(?e, path = %path.display(), "memory.max write failed"),
}
}
if let Some(np) = rlimits.nproc {
let path = cgroup_abs.join("pids.max");
match std::fs::write(&path, format!("{np}\n")) {
Ok(_) => applied.push(format!("pids.max={np}")),
Err(e) => tracing::warn!(?e, path = %path.display(), "pids.max write failed"),
}
}
applied
}
/// Mueve `pid` a `cgroup_abs/cgroup.procs`.
pub fn move_to_cgroup(cgroup_abs: &Path, pid: nix::unistd::Pid) -> Result<(), IncarnateError> {
let procs = cgroup_abs.join("cgroup.procs");
std::fs::write(&procs, format!("{}\n", pid.as_raw())).map_err(|e| match e.kind() {
std::io::ErrorKind::PermissionDenied => IncarnateError::CgroupNotWritable {
path: procs.clone(),
},
_ => IncarnateError::Io(e),
})
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn absolute_path_passthrough() {
assert_eq!(resolve_cgroup_path("/foo/bar"), "/foo/bar");
}
#[test]
fn empty_returns_empty() {
assert_eq!(resolve_cgroup_path(""), "");
}
#[test]
fn relative_path_prefixed() {
let r = resolve_cgroup_path("shuma/ws-1");
assert!(r.ends_with("/shuma/ws-1") || r == "/shuma/ws-1");
}
}
Reference in New Issue View Git Blame Copy Permalink