/**
 * Drop every capability in the set selected by cap_set.
 *
 * Returns 0 when capng_have_capabilities() reports CAPNG_NONE (nothing is
 * held, so nothing is changed) or when the drop succeeds. Returns -1 after
 * printing a message to stderr when capng_lock() or capng_apply() reports -1.
 *
 * capng_lock() is attempted first; capng_apply() is only called when the
 * lock did not fail, so a failed lock never leads to a partial apply.
 */
static int drop_caps()
{
	int failed;

	/* Already running without capabilities: leave the process untouched. */
	if (capng_have_capabilities(cap_set) == CAPNG_NONE)
		return 0;

	capng_clear(cap_set);

	/* Both steps are checked: a drop that did not happen must not look like success. */
	failed = (capng_lock() == -1);
	if (!failed)
		failed = (capng_apply(cap_set) == -1);

	if (failed) {
		fprintf(stderr, _("Failed to drop all capabilities\n"));
		return -1;
	}

	return 0;
}
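/*
 * Command-line driver that applies one libcap-ng action to the current
 * process and then calls report().
 *
 * Options are compared exactly against each argv[i]:
 *   --text, --no-child, --lock   set the flags text, no_child and lock
 *                                (defined outside this function)
 *   --drop-all                   clear and apply CAPNG_SELECT_BOTH
 *   --drop-caps                  clear and apply CAPNG_SELECT_CAPS
 *   --id, --init-grp             keep CAP_CHOWN and change uid/gid
 * Any other argument prints usage() and returns 0. When several action
 * options are given, the last one wins.
 *
 * A failing capng_lock(), capng_apply() or capng_update() is reported on
 * stderr. report() still runs afterwards and the exit status is unchanged,
 * so the printed state can be compared with the warning. A failing
 * capng_change_id() prints the error and exits with status 1.
 */
int main(int argc, char *argv[])
{
	int which = 0, i;

	for (i = 1; i < argc; i++) {
		if (strcmp(argv[i], "--text") == 0)
			text = 1;
		else if (strcmp(argv[i], "--no-child") == 0)
			no_child = 1;
		else if (strcmp(argv[i], "--lock") == 0)
			lock = 1;
		else if (strcmp(argv[i], "--drop-all") == 0)
			which = 1;
		else if (strcmp(argv[i], "--drop-caps") == 0)
			which = 2;
		else if (strcmp(argv[i], "--id") == 0)
			which = 3;
		else if (strcmp(argv[i], "--init-grp") == 0)
			which = 4;
		else {
			usage();
			return 0;
		}
	}

	switch (which) {
	case 1:
		capng_clear(CAPNG_SELECT_BOTH);
		/* Lock before apply, as the original does. */
		if (lock && capng_lock() < 0)
			fprintf(stderr, "Warning: capng_lock failed\n");
		/* An unchecked apply would let a failed drop pass silently. */
		if (capng_apply(CAPNG_SELECT_BOTH) < 0)
			fprintf(stderr, "Warning: capng_apply failed\n");
		report();
		break;
	case 2:
		capng_clear(CAPNG_SELECT_CAPS);
		if (lock && capng_lock() < 0)
			fprintf(stderr, "Warning: capng_lock failed\n");
		if (capng_apply(CAPNG_SELECT_CAPS) < 0)
			fprintf(stderr, "Warning: capng_apply failed\n");
		report();
		break;
	case 3:
	case 4: {
		int rc;

		capng_clear(CAPNG_SELECT_BOTH);
		/* CAP_CHOWN is the one capability kept across the id change. */
		if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
				 CAP_CHOWN) < 0)
			fprintf(stderr, "Warning: capng_update failed\n");

		/*
		 * 99 is hard-coded as the target uid and gid; which account
		 * that maps to depends on the system. The two modes differ
		 * only in how supplementary groups are handled.
		 */
		if (which == 4)
			rc = capng_change_id(99, 99,
				CAPNG_INIT_SUPP_GRP | CAPNG_CLEAR_BOUNDING);
		else
			rc = capng_change_id(99, 99,
				CAPNG_DROP_SUPP_GRP | CAPNG_CLEAR_BOUNDING);
		if (rc < 0) {
			printf("Error changing uid: %d\n", rc);
			capng_print_caps_text(CAPNG_PRINT_STDOUT,
					      CAPNG_EFFECTIVE);
			printf("\n");
			exit(1);
		}
		printf("Keeping CAP_CHOWN to show capabilities across uid change.\n");
		report();
		}
		break;
	case 0:
		if (lock && capng_lock() < 0)
			fprintf(stderr, "Warning: capng_lock failed\n");
		report();
		break;
	}
	return 0;
}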
/*
 * Daemon entry point: read options, build the CPU tree, optionally
 * daemonize and drop capabilities, then rebalance in a loop.
 *
 * Mode selection:
 *   - argv[1] containing "debug" or the IRQBALANCE_DEBUG variable sets
 *     debug_mode; argv[1] containing "oneshot" or IRQBALANCE_ONESHOT sets
 *     one_shot_mode (substring match via strstr, not exact match).
 *   - IRQBALANCE_BANNED_CPUS, when set, is parsed into banned_cpus.
 *   - fewer than two cores: exit successfully without doing anything.
 *   - a single cache domain forces one_shot_mode.
 *
 * Returns EXIT_SUCCESS when the loop ends (one-shot mode); exits with
 * EXIT_FAILURE when daemon() fails.
 */
int main(int argc, char** argv)
{
	const char *banned;

	if (argc > 1) {
		if (strstr(argv[1], "debug"))
			debug_mode = 1;
		if (strstr(argv[1], "oneshot"))
			one_shot_mode = 1;
	}

	/*
	 * NOTE(review): the mask string comes straight from the environment
	 * and any result of cpumask_parse_user() is not checked here, so a
	 * malformed value is not reported at this point.
	 */
	banned = getenv("IRQBALANCE_BANNED_CPUS");
	if (banned)
		cpumask_parse_user(banned, strlen(banned), banned_cpus);

	if (getenv("IRQBALANCE_ONESHOT"))
		one_shot_mode = 1;
	if (getenv("IRQBALANCE_DEBUG"))
		debug_mode = 1;

	parse_cpu_tree();

	/* Nothing to balance on a single-core uniprocessor system. */
	if (core_count < 2)
		exit(EXIT_SUCCESS);

	/* With one shared cache domain a single placement pass is enough. */
	if (cache_domain_count == 1)
		one_shot_mode = 1;

	/* Stay in the foreground only when debugging. */
	if (!debug_mode && daemon(0, 0))
		exit(EXIT_FAILURE);

#ifdef HAVE_LIBCAP_NG
	/*
	 * Drop all capabilities and the bounding set.
	 *
	 * NOTE(review): the results of capng_lock() and capng_apply() are
	 * ignored, so a failed drop leaves the daemon running with whatever
	 * capabilities it started with and nothing records it. Outside debug
	 * mode daemon(0,0) has already redirected stderr, so reporting the
	 * failure needs a logging facility that is not visible in this
	 * excerpt; whether to exit instead is a deployment decision.
	 */
	capng_clear(CAPNG_SELECT_BOTH);
	capng_lock();
	capng_apply(CAPNG_SELECT_BOTH);
#endif

	/* Take two samples a quarter interval apart to seed the counters. */
	parse_proc_interrupts();
	sleep(SLEEP_INTERVAL/4);
	reset_counts();
	parse_proc_interrupts();
	pci_numa_scan();
	calculate_workload();
	sort_irq_list();
	if (debug_mode)
		dump_workloads();

	for (;;) {
		sleep_approx(SLEEP_INTERVAL);
		if (debug_mode)
			printf("\n\n\n-----------------------------------------------------------------------------\n");

		check_power_mode();
		parse_proc_interrupts();

		/* CPU hotplug is detected while parsing /proc/interrupts. */
		if (need_cpu_rescan) {
			need_cpu_rescan = 0;
			/* Leave power mode off for a while until things settle. */
			power_mode = 0;
			if (debug_mode)
				printf("Rescanning cpu topology \n");
			reset_counts();
			clear_work_stats();

			clear_cpu_tree();
			parse_cpu_tree();
		}

		/* deal with NAPI */
		account_for_nic_stats();
		calculate_workload();

		/*
		 * Rescan NUMA information periodically to cope with dynamic
		 * configurations (once every 5 minutes per the original note).
		 */
		if (counter % NUMA_REFRESH_INTERVAL == 16)
			pci_numa_scan();

		calculate_placement();
		activate_mapping();

		if (debug_mode)
			dump_tree();
		if (one_shot_mode)
			break;
		counter++;
	}

	return EXIT_SUCCESS;
}