[Devel] [PATCH RHEL7 v21 14/14] ve/cgroup: At cgroup_mark(unmark)_ve_roots skip non-virtualized roots
Kirill Tkhai
ktkhai at virtuozzo.com
Fri Jul 31 11:28:24 MSK 2020
On 28.07.2020 20:53, Valeriy Vdovin wrote:
> During container start there might be a situation when not all cgroup
> hierarchies get virtualized by container manager (like vzctl). By
> virtualizing a cgroup hierarchy I mean creation of sub-directory within
> a particular mounted cgroup. When container starts it looks in css set
> of it's init process to list all affilated cgroups and perform actions
> on each. But non-virtualized cgroups will also be present in init's css_set
> and they should not be touched from inside of any non root ve.
>
> Signed-off-by: Valeriy Vdovin <valeriy.vdovin at virtuozzo.com>
> ---
> kernel/cgroup.c | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
> diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> index 402973a..5fc60228 100644
> --- a/kernel/cgroup.c
> +++ b/kernel/cgroup.c
> @@ -4464,6 +4464,17 @@ int cgroup_mark_ve_roots(struct ve_struct *ve)
> mutex_lock(&cgroup_mutex);
> for_each_active_root(root) {
> cgrp = css_cgroup_from_root(ve->root_css_set, root);
> +
> + /*
> + * In some situations not all cgroup roots are
> + * virtualized by container manager (vzctl). In that
> + * case cgrp will point at the actual top cgroup of
> + * the hierarchy which is private property of host,
> + * we should not modify it and just skip.
> + */
> + if (cgrp == &root->top_cgroup)
> + continue;
This is a good idea, but what will be if this cgroup is private cgroup of host, which is not its top_cgroup?
> +
> rcu_assign_pointer(cgrp->ve_owner, ve);
> set_bit(CGRP_VE_ROOT, &cgrp->flags);
>
> @@ -4513,6 +4524,14 @@ void cgroup_unmark_ve_roots(struct ve_struct *ve)
> mutex_lock(&cgroup_mutex);
> for_each_active_root(root) {
> cgrp = css_cgroup_from_root(ve->root_css_set, root);
> +
> + /*
> + * For this line see comments in
> + * cgroup_mark_ve_roots
> + */
> + if (cgrp == &root->top_cgroup)
> + continue;
> +
> dget(cgrp->dentry);
> list_add_tail(&cgrp->cft_q_node, &pending);
> }
>
More information about the Devel
mailing list