10927 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Christian Brauner	9bca62b305	cgroups: distinguish between tmpfs and unified based cgroup layouts file descriptors ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 15:29:14 +01:00
Christian Brauner	e203535895	cgroups: log intermediate cleanup ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 15:24:59 +01:00
Stéphane Graber	b3ad27fb43	Merge pull request #3679 from brauner/2021-02-17/cgroups ... cgroups: third batch of cgroup fixes	2021-02-17 08:59:13 -05:00
Christian Brauner	0954f6cec9	cgroups: prevent NULL pointer deref ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 14:42:55 +01:00
Christian Brauner	8f45c49bb1	cgroups: simplify mount opening ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:45:35 +01:00
Christian Brauner	9981107f55	cgroups: ensure we prune the limit dir ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:35:58 +01:00
Christian Brauner	c1ece89518	cgroups: ensure we don't remove cgroups we didn't create ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:30:30 +01:00
Christian Brauner	57abfbb640	cgroups: don't move pivot cgroup under the monitor's cgroup ... Otherwise we will never be able to destroy the monitor's cgroup. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:08:27 +01:00
Christian Brauner	1e05885505	cgroups: don't rely on absolute path ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:06:29 +01:00
Christian Brauner	471929c6d0	cgroups: be stricter when creating payloads ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:04:58 +01:00
Christian Brauner	a6aeb9f1b9	cgroups: rework cgroup tree creation ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 10:03:42 +01:00
Christian Brauner	6c880cdfa1	cgroups: ensure leaf cgroup is correctly pruned on creation failure ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 09:29:04 +01:00
Christian Brauner	cb423bd38b	cgroups: rework cgroup tree removal on creation failure ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 09:15:38 +01:00
Christian Brauner	2291719e82	cgroups: remove obsolote check ... In the new layout we don't need to do this. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 09:06:37 +01:00
Christian Brauner	6fec43278e	cgroups: reorder function arguments ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 09:04:03 +01:00
Stéphane Graber	e82bb1b360	Merge pull request #3678 from brauner/2021-02-17/unified_controller_delegation ... cgroups: rework unified cgroup controller delegation	2021-02-16 20:27:03 -05:00
Christian Brauner	838d155694	start: delegate than move into the target cgroup ... This is a way more sensible model. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 01:45:47 +01:00
Christian Brauner	95ab26aff7	cgroups: rework unified controller delegation ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 01:45:47 +01:00
Christian Brauner	e4db08ed3e	cgroups: check correct variable ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 01:45:47 +01:00
Christian Brauner	e219f8e885	cgroups: s/openat()/open_at()/g ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 01:45:44 +01:00
Stéphane Graber	6963202241	Merge pull request #3677 from brauner/2021-02-17/cgroup_pruning ... cgroups: fd-only cgroup tree pruning	2021-02-16 19:16:38 -05:00
Stéphane Graber	a218be90f5	Merge pull request #3676 from brauner/2021-02-16/fixes ... cgroups: fixes	2021-02-16 19:16:23 -05:00
Christian Brauner	dcf6a5c7c6	cgroups: remove obsolote cgroup_tree handling ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 00:49:41 +01:00
Christian Brauner	c55fe36d28	cgroups: fd-only cgroup tree pruning ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 00:42:40 +01:00
Christian Brauner	6347774b4c	file_utils: move dup_cloexec() to header ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-17 00:42:37 +01:00
Christian Brauner	701be30e14	cgroups: prevent double-close ... Fixes: Coverity 1473183 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 23:27:53 +01:00
Christian Brauner	ba559a5b19	namespace: add missing \0 terminator ... Link: https://launchpadlibrarian.net/523195972/buildlog_ubuntu-groovy-ppc64el.lxc_1%3A4.0.6+master~20210215-1740-0ubuntu1~groovy_BUILDING.txt.gz Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 23:20:54 +01:00
Stéphane Graber	858f62255d	Merge pull request #3675 from brauner/2021-02-16/fixes ... cgroups: second batch of cgroup fixes	2021-02-16 16:37:42 -05:00
Christian Brauner	060e54d6df	cgroups: rework how hierarchies are added ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 20:39:02 +01:00
Christian Brauner	c426abeaa9	cgroups: fix fd leaks ... They didn't really matter because we want to keep them around for as long as the container lives anyway. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 19:19:09 +01:00
Christian Brauner	f5b049452e	cgroups: allow "" base cgroup paths ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 19:19:09 +01:00
Christian Brauner	192812516e	string_utils: handle empty strings in must_make_path() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 19:19:09 +01:00
Christian Brauner	088db01b85	cgroups: improve logging ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 19:19:09 +01:00
Christian Brauner	033267c93a	cgroups: rework legacy cpuset handling ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 19:19:09 +01:00
Christian Brauner	da42ac7b4b	cgroups: fd-based only cgroup creation ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 17:25:53 +01:00
Christian Brauner	3486d9935a	cgroups: stash fds for the controller mountpoint and base cgroup path ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 13:36:13 +01:00
Christian Brauner	5c7b81439c	cgroups: fail when no cgroup hierarchies are found ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 13:28:48 +01:00
Christian Brauner	600a016384	cgroups: rework base cgroup parsing ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 13:25:26 +01:00
Christian Brauner	c72e7cb584	cgroups: rework add_hierarchy() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 11:46:36 +01:00
Christian Brauner	008ccca920	cgroups: better document stashed file descriptors ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 11:35:43 +01:00
Christian Brauner	d4cff3525d	cgroups: stash host's cgroupfs file descriptor ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 11:22:56 +01:00
Christian Brauner	7414bc72c3	cgroups: s/cg_init()/__cgroup_init()/g ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-16 10:55:38 +01:00
Stéphane Graber	136b349c94	Merge pull request #3674 from brauner/2021-02-15/nesting ... cgroups: tighten cgroup config items	2021-02-15 12:56:52 -05:00
Christian Brauner	f63ef15527	confile: forbid absolute paths in config items that modify the cgroup layout ... This is not a safety measure but merely is supposed to raise awareness that these paths are always relative to the cgroup root as determined by lxc.cgroup.relative. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 18:08:56 +01:00
Christian Brauner	0a48ee66c6	confile: forbid walking upwards for confile items that modify cgroup layout ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 18:08:56 +01:00
Christian Brauner	7d714159a3	confile_utils: normalize paths in config items ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 18:08:56 +01:00
Christian Brauner	ee94a8b5cf	confile: use set_config_path_item() for most cgroup layout modifiers ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 18:08:54 +01:00
Stéphane Graber	7e925736c9	Merge pull request #3673 from brauner/2021-02-15/nesting ... cgroups: first batch of cgroup mounting fixes	2021-02-15 12:08:01 -05:00
Christian Brauner	a3e5ec2657	cgroupfs: rework cgroup2 mounting ... We now explicitly refuse to mount cgroups on pure unified layouts when the container is not running in a separate cgroup namespace. This is not a regression since we simply always failed before anyway. I will likely fix this very soon though. But there are bigger fish to fry currently. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 16:25:38 +01:00
Christian Brauner	3a86fb378d	cgroups: log early return ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-15 13:58:10 +01:00