cgroup v2 Integration

Invariant (INV-05)

High-durability mode requires cgroup v2. If cgroup v2 is absent, the system operates in a reduced assurance envelope and emits edge.assurance.reduced at startup.

Assurance Levels

| Level              | cgroup v2 | Durability                            |
|--------------------|-----------|---------------------------------------|
| High               | Present   | Kernel-enforced memory and I/O limits |
| Baseline (reduced) | Absent    | Best-effort; advisory limits only     |

Startup Probe

Implemented checks:

  • config.StartupValidate() probes cgroup v2 when assurance.mode = "high".

  • The Linux probe reads <cgroupv2_root>/cgroup.controllers.

  • If the file is absent or unreadable under high mode, startup returns an error and emits edge.assurance.reduced.

  • In baseline mode, cgroup v2 is not required.

edged validate also reports the assurance mode outcome in the PASS/FAIL summary line.
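The probe rules above, sketched as an added example; this is not the code in edge/config, and every identifier in it is hypothetical. It assumes baseline mode skips the probe, and it goes one step beyond the page's check by also requiring the memory and io controllers, since a hybrid v1/v2 host can expose a readable but empty cgroup.controllers file.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Hypothetical names throughout; these are not the identifiers in edge/config.
const reducedEvent = "edge.assurance.reduced"

var errHighUnavailable = errors.New("high-durability mode unavailable")

// evaluateAssurance returns the level the host can support, the events to
// emit, and a startup error. root is the cgroup v2 mount (<cgroupv2_root>).
func evaluateAssurance(mode, root string) (string, []string, error) {
	switch mode {
	case "baseline":
		return "baseline", nil, nil // assumption: baseline skips the probe
	case "high":
	default:
		return "", nil, fmt.Errorf("unknown assurance.mode %q", mode)
	}
	data, err := os.ReadFile(filepath.Join(root, "cgroup.controllers"))
	if err != nil { // absent or unreadable: no usable cgroup v2 hierarchy
		return "baseline", []string{reducedEvent}, fmt.Errorf("%w: %v", errHighUnavailable, err)
	}
	// Assumption beyond the page: also require the controllers behind
	// "memory and I/O limits". A hybrid v1/v2 host can expose an empty file.
	have := map[string]bool{}
	for _, c := range strings.Fields(string(data)) {
		have[c] = true
	}
	for _, need := range []string{"memory", "io"} {
		if !have[need] {
			return "baseline", []string{reducedEvent},
				fmt.Errorf("%w: controller %q not available", errHighUnavailable, need)
		}
	}
	return "high", nil, nil
}

func main() {
	root := "/sys/fs/cgroup" // usual cgroup v2 mount point on Linux
	level, events, err := evaluateAssurance("high", root)
	fmt.Println("level:", level, "events:", events, "err:", err)
}
```

Callers can match the failure with errors.Is(err, errHighUnavailable) to distinguish a missing cgroup v2 hierarchy from a configuration error such as an unknown mode.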

Failure Injection

See FI Catalog → Matrix for FI-C1-05.

Evidence

  • edge/config/cgroup_linux.go

  • edge/config/cgroup_other.go

  • edge/config/startup.go (checkAssurance)

  • edge/cmd/edged/main.go (detectAssurance, validate summary output)

  • edge/assurance/assurance.go (LogAssuranceReduced, ErrHighDurabilityUnavailable)

  • edge/fi/fi_assurance_test.go

  • docs/_generated/test-outputs/demo-output.txt (validate assurance summary line)

See Also