proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-15 08:05:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #3870 from brauner/2021-06-16.fixes

Browse Source 
cgroups: use stable ordering for co-mounted v1 controllers
This commit is contained in:
Stéphane Graber 2021-06-16 08:42:55 -04:00 committed by GitHub
commit 2ccc8081d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 52 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
src/lxc/cgroups/cgfsng.c
View File

@ -3086,6 +3086,55 @@ static bool legacy_hierarchy_delegated(int dfd_base)
return true; return true;
} }
/**
* systemd guarantees that the order of co-mounted controllers is stable. On
* some systems the order of the controllers might be reversed though.
*
* For example, this is how the order is mismatched on CentOS 7:
*
* [root@localhost ~]# cat /proc/self/cgroup
* 11:perf_event:/
* 10:pids:/
* 9:freezer:/
* >>>> 8:cpuacct,cpu:/
* 7:memory:/
* 6:blkio:/
* 5:devices:/
* 4:hugetlb:/
* >>>> 3:net_prio,net_cls:/
* 2:cpuset:/
* 1:name=systemd:/user.slice/user-0.slice/session-c1.scope
*
* whereas the mountpoint:
*
* | |-/sys/fs/cgroup tmpfs tmpfs ro,nosuid,nodev,noexec,mode=755
* | | |-/sys/fs/cgroup/systemd cgroup cgroup rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd
* | | |-/sys/fs/cgroup/cpuset cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpuset
* >>>> | | |-/sys/fs/cgroup/net_cls,net_prio cgroup cgroup rw,nosuid,nodev,noexec,relatime,net_prio,net_cls
* | | |-/sys/fs/cgroup/hugetlb cgroup cgroup rw,nosuid,nodev,noexec,relatime,hugetlb
* | | |-/sys/fs/cgroup/devices cgroup cgroup rw,nosuid,nodev,noexec,relatime,devices
* | | |-/sys/fs/cgroup/blkio cgroup cgroup rw,nosuid,nodev,noexec,relatime,blkio
* | | |-/sys/fs/cgroup/memory cgroup cgroup rw,nosuid,nodev,noexec,relatime,memory
* >>>> | | |-/sys/fs/cgroup/cpu,cpuacct cgroup cgroup rw,nosuid,nodev,noexec,relatime,cpuacct,cpu
* | | |-/sys/fs/cgroup/freezer cgroup cgroup rw,nosuid,nodev,noexec,relatime,freezer
* | | |-/sys/fs/cgroup/pids cgroup cgroup rw,nosuid,nodev,noexec,relatime,pids
* | | `-/sys/fs/cgroup/perf_event cgroup cgroup rw,nosuid,nodev,noexec,relatime,perf_event
*
* Ensure that we always use the systemd-guaranteed stable order when checking
* for the mountpoint.
*/
__attribute__((returns_nonnull)) __attribute__((nonnull))
static const char *stable_order(const char *controllers)
{
if (strequal(controllers, "cpuacct,cpu"))
return "cpu,cpuacct";
if (strequal(controllers, "net_prio,net_cls"))
return "net_cls,net_prio";
return unprefix(controllers);
}
static int __initialize_cgroups(struct cgroup_ops *ops, bool relative, static int __initialize_cgroups(struct cgroup_ops *ops, bool relative,
bool unprivileged) bool unprivileged)
{ {
@ -3180,12 +3229,13 @@ static int __initialize_cgroups(struct cgroup_ops *ops, bool relative,
*__current_cgroup = '\0'; *__current_cgroup = '\0';
__current_cgroup++; __current_cgroup++;
controllers = strdup(unprefix(__controllers)); controllers = strdup(stable_order(__controllers));
if (!controllers) if (!controllers)
return ret_errno(ENOMEM); return ret_errno(ENOMEM);
dfd_mnt = open_at(ops->dfd_mnt, dfd_mnt = open_at(ops->dfd_mnt,
controllers, PROTECT_OPATH_DIRECTORY, controllers,
PROTECT_OPATH_DIRECTORY,
PROTECT_LOOKUP_ABSOLUTE_XDEV, 0); PROTECT_LOOKUP_ABSOLUTE_XDEV, 0);
if (dfd_mnt < 0) { if (dfd_mnt < 0) {
if (errno != ENOENT) if (errno != ENOENT)