[CRIU] [PATCH 03/11] cgroup: Introduce restore_special_propery()
Dmitry Safonov
dsafonov at virtuozzo.com
Wed Jul 26 00:08:08 MSK 2017
To reduce restore_special_props() size - let's factor a new
function for restoring one special property.
No functional change expected.
Signed-off-by: Dmitry Safonov <dsafonov at virtuozzo.com>
---
criu/cgroup.c | 166 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 82 insertions(+), 84 deletions(-)
diff --git a/criu/cgroup.c b/criu/cgroup.c
index 99435a360c14..f88f15d4d999 100644
--- a/criu/cgroup.c
+++ b/criu/cgroup.c
@@ -1371,100 +1371,98 @@ int prepare_cgroup_properties(void)
return 0;
}
-static int restore_special_props(char *paux, size_t off, CgroupDirEntry *e)
+static int restore_special_property(char *paux, size_t off, CgroupPropEntry *pr)
{
- int j;
+ /*
+ * XXX: we can drop this hack and make memory.swappiness and
+ * memory.oom_control regular properties when we drop support for
+ * kernels < 3.16. See 3dae7fec5.
+ */
+ if (!strcmp(pr->name, "memory.swappiness") && !strcmp(pr->value, "60"))
+ return 0;
+ if (!strcmp(pr->name, "memory.oom_control") && !strcmp(pr->value, "0"))
+ return 0;
- pr_info("Restore special props\n");
+ if (!strcmp(pr->name, "devices.list")) {
+ /*
+ * The devices cgroup must be restored in a special way:
+ * only the contents of devices.list can be read, and it
+ * is a whitelist of all the devices the cgroup is allowed
+ * to create. To re-create this whitelist, we firstly deny
+ * everything via devices.deny, and then write the list back
+ * into devices.allow.
+ *
+ * Further, we must have a write() call for each line,
+ * because the kernel only parses the first line of
+ * any write().
+ */
+ CgroupPropEntry *pe = pr;
+ char *old_val = pe->value, *old_name = pe->name;
+ int ret;
+ char *pos;
- {
+ /*
+ * A bit of a fudge here. These are write only by owner
+ * by default, but the container engine could have changed
+ * the perms. We should come up with a better way to
+ * restore all of this stuff.
+ */
+ pe->perms->mode = 0200;
- for (j = 0; j < e->n_properties; j++) {
- CgroupPropEntry *prop = e->properties[j];
+ pe->name = "devices.deny";
+ pe->value = "a";
+ ret = restore_cgroup_prop(pr, paux, off);
+ pe->name = old_name;
+ pe->value = old_val;
- if (is_special_property(prop->name)) {
- /* XXX: we can drop this hack and make
- * memory.swappiness and memory.oom_control
- * regular properties when we drop support for
- * kernels < 3.16. See 3dae7fec5.
- */
- if (!strcmp(prop->name, "memory.swappiness") &&
- !strcmp(prop->value, "60")) {
- continue;
- } else if (!strcmp(prop->name, "memory.oom_control") &&
- !strcmp(prop->value, "0")) {
- continue;
- }
+ /*
+ * An emptry string here means nothing is allowed,
+ * and the kernel disallows writing an "" to devices.allow,
+ * so let's just keep going.
+ */
+ if (!strcmp(pe->value, ""))
+ return 0;
- if (!strcmp(prop->name, "devices.list")) {
- /* The devices cgroup must be restored in a
- * special way: only the contents of
- * devices.list can be read, and it is a
- * whitelist of all the devices the cgroup is
- * allowed to create. To re-creat this
- * whitelist, we first deny everything via
- * devices.deny, and then write the list back
- * into devices.allow.
- *
- * Further, we must have a write() call for
- * each line, because the kernel only parses
- * the first line of any write().
- */
- CgroupPropEntry *pe = prop;
- char *old_val = pe->value, *old_name = pe->name;
- int ret;
- char *pos;
-
- /* A bit of a fudge here. These are
- * write only by owner by default, but
- * the container engine could have
- * changed the perms. We should come up
- * with a better way to restore all of
- * this stuff.
- */
- pe->perms->mode = 0200;
-
- pe->name = "devices.deny";
- pe->value = "a";
- ret = restore_cgroup_prop(prop, paux, off);
- pe->name = old_name;
- pe->value = old_val;
-
- /* an emptry string here means nothing
- * is allowed, and the kernel disallows
- * writing an "" to devices.allow, so
- * let's just keep going.
- */
- if (!strcmp(pe->value, ""))
- continue;
+ if (ret < 0)
+ return -1;
- if (ret < 0)
- return -1;
+ pe->name = "devices.allow";
- pe->name = "devices.allow";
-
- pos = pe->value;
- while (*pos) {
- int offset = next_device_entry(pos);
- pe->value = pos;
- ret = restore_cgroup_prop(pe, paux, off);
- if (ret < 0) {
- pe->name = old_name;
- pe->value = old_val;
- return -1;
- }
- pos += offset;
- }
- pe->value = old_val;
- pe->name = old_name;
- continue;
+ pos = pe->value;
+ while (*pos) {
+ int offset = next_device_entry(pos);
+ pe->value = pos;
+ ret = restore_cgroup_prop(pe, paux, off);
+ if (ret < 0) {
+ pe->name = old_name;
+ pe->value = old_val;
+ return -1;
+ }
+ pos += offset;
+ }
+ pe->value = old_val;
+ pe->name = old_name;
+ return 0;
+ }
- }
+ return restore_cgroup_prop(pr, paux, off);
+}
- if (restore_cgroup_prop(prop, paux, off) < 0) {
- return -1;
- }
- }
+static int restore_special_props(char *paux, size_t off, CgroupDirEntry *e)
+{
+ unsigned int j;
+
+ pr_info("Restore special props\n");
+
+ for (j = 0; j < e->n_properties; j++) {
+ CgroupPropEntry *prop = e->properties[j];
+
+ if (!is_special_property(prop->name))
+ continue;
+
+ if (restore_special_property(paux, off, prop) < 0) {
+ pr_err("Restoring %s special property failed\n", prop->name);
+ return -1;
}
}
--
2.13.3
More information about the CRIU
mailing list