[CRIU] [PATCH] cg: Add ability to dump predefined controllers only

Cyrill Gorcunov gorcunov at gmail.com
Fri Apr 22 04:29:30 PDT 2016


When we dump container's cgroups we rely on the fact
that there is no external cgroups created on the
node which we don't know about (for this sake
we even prohibit mounting new cgroups from inside
of containers).

Still node's admin may create any additional cgroups
for own purpose unrelated to container and in such
case we will carry these cgroups inside dumped image
trying to restore them later. Moreover we're rewriting
the roots for containers so that if controller (especially
named controllers, ie cgroups mounted with "name=" options)
has path as a global root ("/") then on restore we won't
be able to recreate it properly.

For example, assume someone mounted cgroup with name=zdtmtst,
then in dump we will have

 | {
 |  "name": "name=zdtmtst",
 |  "path": "/"
 | },

Then on restore we will reqrite the root into some new
location, and the path '/' disappear because it get
overwritten with new root from command line. Of course
it's not what we wanted.

Thus for containers sake add simple filtering of cgroup
controllers to take into image files: pass their names
in option and skip anything else.

https://jira.sw.ru/browse/PSBM-46382

Signed-off-by: Cyrill Gorcunov <gorcunov at virtuozzo.com>
---
 criu/crtools.c            |  8 ++++++++
 criu/include/cr_options.h |  2 ++
 criu/proc_parse.c         | 14 ++++++++++++++
 3 files changed, 24 insertions(+)

diff --git a/criu/crtools.c b/criu/crtools.c
index 5d9647a..74baccf 100644
--- a/criu/crtools.c
+++ b/criu/crtools.c
@@ -323,6 +323,7 @@ int main(int argc, char *argv[], char *envp[])
 		{ "extra",			no_argument,		0, 1077	},
 		{ "experimental",		no_argument,		0, 1078	},
 		{ "all",			no_argument,		0, 1079	},
+		{ "cgroup-only",		required_argument,	0, 1080	},
 		{ },
 	};
 
@@ -627,6 +628,13 @@ int main(int argc, char *argv[], char *envp[])
 			opts.check_extra_features = true;
 			opts.check_experimental_features = true;
 			break;
+		case 1080:
+			if (xrealloc_safe(&opts.cgroup_only,
+					  sizeof(char *) * (opts.nr_cgroup_only + 1)))
+				return 1;
+			opts.cgroup_only[opts.nr_cgroup_only] = optarg;
+			opts.nr_cgroup_only++;
+			break;
 		case 'V':
 			pr_msg("Version: %s\n", CRIU_VERSION);
 			if (strcmp(CRIU_GITID, "0"))
diff --git a/criu/include/cr_options.h b/criu/include/cr_options.h
index b6ae3a1..fd5c5cd 100644
--- a/criu/include/cr_options.h
+++ b/criu/include/cr_options.h
@@ -98,6 +98,8 @@ struct cr_options {
 	unsigned int		manage_cgroups;
 	char			*new_global_cg_root;
 	struct list_head	new_cgroup_roots;
+	char			**cgroup_only;
+	size_t			nr_cgroup_only;
 	bool			autodetect_ext_mounts;
 	bool			enable_external_sharing;
 	bool			enable_external_masters;
diff --git a/criu/proc_parse.c b/criu/proc_parse.c
index 4522ce6..c3afbc4 100644
--- a/criu/proc_parse.c
+++ b/criu/proc_parse.c
@@ -2160,6 +2160,7 @@ int parse_cgroup_file(FILE *f, struct list_head *retl, unsigned int *n)
 	while (fgets(buf, BUF_SIZE, f)) {
 		struct cg_ctl *ncc, *cc;
 		char *name, *path = NULL, *e;
+		size_t i;
 
 		ncc = xmalloc(sizeof(*cc));
 		if (!ncc)
@@ -2185,6 +2186,19 @@ int parse_cgroup_file(FILE *f, struct list_head *retl, unsigned int *n)
 		if (e)
 			*e = '\0';
 
+		if (opts.nr_cgroup_only) {
+			for (i = 0; i < opts.nr_cgroup_only; i++) {
+				if (!strncmp(name, opts.cgroup_only[i],
+					     strlen(opts.cgroup_only[i])))
+					break;
+			}
+			if (i >= opts.nr_cgroup_only) {
+				pr_debug("cg: Skip controller %s\n", name);
+				xfree(ncc);
+				continue;
+			}
+		}
+
 		ncc->name = xstrdup(name);
 		ncc->path = xstrdup(path);
 		ncc->cgns_prefix = 0;
-- 
2.5.5



More information about the CRIU mailing list