From: Christian Brauner Date: Wed, 4 Jul 2018 09:06:44 +0000 (+0200) Subject: cgfsng: respect lxc.cgroup.use X-Git-Tag: lxc-3.0.2~151 X-Git-Url: https://git.proxmox.com/?p=mirror_lxc.git;a=commitdiff_plain;h=f00410294074a0cab8e0f1cec74bf34098bf567e cgfsng: respect lxc.cgroup.use If lxc.cgroup.use is specified then only those controllers listed in there will be used others will be skipped. Closes #2447. Signed-off-by: Christian Brauner --- diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c index 6d472d6a7..935b868b9 100644 --- a/src/lxc/cgroups/cgfsng.c +++ b/src/lxc/cgroups/cgfsng.c @@ -695,8 +695,7 @@ static bool controller_found(struct hierarchy **hlist, char *entry) */ static bool all_controllers_found(struct cgroup_ops *ops) { - char *p; - char *saveptr = NULL; + char **cur; struct hierarchy **hlist = ops->hierarchies; if (!controller_found(hlist, "freezer")) { @@ -707,9 +706,9 @@ static bool all_controllers_found(struct cgroup_ops *ops) if (!ops->cgroup_use) return true; - for (; (p = strtok_r(ops->cgroup_use, ",", &saveptr)); ops->cgroup_use = NULL) - if (!controller_found(hlist, p)) { - ERROR("No %s controller mountpoint found", p); + for (cur = ops->cgroup_use; cur && *cur; cur++) + if (!controller_found(hlist, *cur)) { + ERROR("No %s controller mountpoint found", *cur); return false; } @@ -2251,6 +2250,34 @@ static bool cgfsng_setup_limits(struct cgroup_ops *ops, struct lxc_conf *conf, return __cg_unified_setup_limits(ops, &conf->cgroup2); } +static bool cgroup_use_wants_controllers(const struct cgroup_ops *ops, + char **controllers) +{ + char **cur_ctrl, **cur_use; + + if (!ops->cgroup_use) + return true; + + for (cur_ctrl = controllers; cur_ctrl && *cur_ctrl; cur_ctrl++) { + bool found = false; + + for (cur_use = ops->cgroup_use; cur_use && *cur_use; cur_use++) { + if (strcmp(*cur_use, *cur_ctrl) != 0) + continue; + + found = true; + break; + } + + if (found) + continue; + + return false; + } + + return true; +} + /* At startup, parse_hierarchies finds all the info we need about cgroup * mountpoints and current cgroups, and stores it in @d. */ @@ -2366,6 +2393,10 @@ static bool cg_hybrid_init(struct cgroup_ops *ops) } } + /* Exclude all controllers that cgroup use does not want. */ + if (!cgroup_use_wants_controllers(ops, controller_list)) + goto next; + new = add_hierarchy(&ops->hierarchies, controller_list, mountpoint, base_cgroup, type); if (type == CGROUP2_SUPER_MAGIC && !ops->unified) ops->unified = new; @@ -2498,8 +2529,18 @@ static bool cg_init(struct cgroup_ops *ops) const char *tmp; tmp = lxc_global_config_value("lxc.cgroup.use"); - if (tmp) - ops->cgroup_use = must_copy_string(tmp); + if (tmp) { + char *chop, *cur, *pin; + char *saveptr = NULL; + + pin = must_copy_string(tmp); + chop = pin; + + for (; (cur = strtok_r(chop, ",", &saveptr)); chop = NULL) + must_append_string(&ops->cgroup_use, cur); + + free(pin); + } ret = cg_unified_init(ops); if (ret < 0) diff --git a/src/lxc/cgroups/cgroup.c b/src/lxc/cgroups/cgroup.c index afb2a9e88..f86bd9be8 100644 --- a/src/lxc/cgroups/cgroup.c +++ b/src/lxc/cgroups/cgroup.c @@ -21,6 +21,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include #include @@ -63,12 +64,15 @@ struct cgroup_ops *cgroup_init(struct lxc_handler *handler) void cgroup_exit(struct cgroup_ops *ops) { + char **cur; struct hierarchy **it; if (!ops) return; - free(ops->cgroup_use); + for (cur = ops->cgroup_use; cur && *cur; cur++) + free(*cur); + free(ops->cgroup_pattern); free(ops->container_cgroup); diff --git a/src/lxc/cgroups/cgroup.h b/src/lxc/cgroups/cgroup.h index eae4ca06e..8f4af06c1 100644 --- a/src/lxc/cgroups/cgroup.h +++ b/src/lxc/cgroups/cgroup.h @@ -89,7 +89,7 @@ struct cgroup_ops { const char *version; /* What controllers is the container supposed to use. */ - char *cgroup_use; + char **cgroup_use; char *cgroup_pattern; char *container_cgroup;