[Devel] [PATCH VZ8 v1 13/14] ve/cgroup: At cgroup_mark(unmark)_ve_roots skip non-virtualized roots

[Kirill Tkhai]

On 20.01.2021 12:56, Valeriy Vdovin wrote:
> During container start there might be a situation when not all cgroup
> hierarchies get virtualized by container manager (like vzctl). By
> virtualizing a cgroup hierarchy I mean creation of sub-directory within
> a particular mounted cgroup. When container starts it looks in css set
> of it's init process to list all affilated cgroups and perform actions
> on each. But non-virtualized cgroups will also be present in init's css_set
> and they should not be touched from inside of any non root ve.
> 
> Signed-off-by: Valeriy Vdovin <valeriy.vdovin at virtuozzo.com>

Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> ---
>  kernel/cgroup/cgroup.c | 17 +++++++++++++++++
>  1 file changed, 17 insertions(+)
> 
> diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
> index 285e84d1150f..34e049361611 100644
> --- a/kernel/cgroup/cgroup.c
> +++ b/kernel/cgroup/cgroup.c
> @@ -1927,6 +1927,23 @@ static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp,
>  			   struct cftype *cft, bool activate);
>  
>  #ifdef CONFIG_VE
> +static inline bool is_virtualized_cgroup(struct cgroup *cgrp)
> +{
> +	/*
> +	 * no parent means this is the host cgroup
> +	 */
> +	if (!cgrp->kn->parent)
> +		return false;
> +
> +	if (cgrp->root->subsys_mask)
> +		return true;
> +
> +	if (!strcmp(cgrp->root->name, "systemd"))
> +		return true;
> +
> +	return false;
> +}
> +
>  int cgroup_mark_ve_roots(struct ve_struct *ve)
>  {
>  	int err;
>