The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2670
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
From 362a380fbb2f9925385defe5ee90134608c5b341 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Wed, 3 Oct 2018 12:20:49 +0200
Subject: [PATCH 1/2] Revert "Revert "cgfsng: avoid tiny race window""
This reverts commit c5e7a7acbf23f0c267179b3318af41423b39493a.
---
src/lxc/cgroups/cgfsng.c | 58 +++++++++++++++++++++++++++++-----------
src/lxc/utils.c | 25 ++++++++++-------
2 files changed, 57 insertions(+), 26 deletions(-)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 0fc9b11d2..ec4501c33 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1257,13 +1257,50 @@ static bool cg_unified_create_cgroup(struct hierarchy
*h, char *cgname)
return bret;
}
+static int mkdir_eexist_on_last(const char *dir, mode_t mode)
+{
+ const char *tmp = dir;
+ const char *orig = dir;
+ size_t orig_len;
+
+ orig_len = strlen(dir);
+ do {
+ int ret;
+ size_t cur_len;
+ char *makeme;
+
+ dir = tmp + strspn(tmp, "/");
+ tmp = dir + strcspn(dir, "/");
+
+ errno = ENOMEM;
+ cur_len = dir - orig;
+ makeme = strndup(orig, cur_len);
+ if (!makeme)
+ return -1;
+
+ ret = mkdir(makeme, mode);
+ if (ret < 0) {
+ if ((errno != EEXIST) || (orig_len == cur_len)) {
+ SYSERROR("Failed to create directory \"%s\"",
makeme);
+ free(makeme);
+ return -1;
+ }
+ }
+ free(makeme);
+
+ } while (tmp != dir);
+
+ return 0;
+}
+
static bool monitor_create_path_for_hierarchy(struct hierarchy *h, char
*cgname)
{
int ret;
h->monitor_full_path = must_make_path(h->mountpoint,
h->container_base_path, cgname, NULL);
- if (dir_exists(h->monitor_full_path)) {
- ERROR("The cgroup \"%s\" already existed",
h->monitor_full_path);
+ ret = mkdir_eexist_on_last(h->monitor_full_path, 0755);
+ if (ret < 0) {
+ ERROR("Failed to create cgroup \"%s\"", h->monitor_full_path);
return false;
}
@@ -1272,12 +1309,6 @@ static bool monitor_create_path_for_hierarchy(struct
hierarchy *h, char *cgname)
return false;
}
- ret = mkdir_p(h->monitor_full_path, 0755);
- if (ret < 0) {
- ERROR("Failed to create cgroup \"%s\"", h->monitor_full_path);
- return false;
- }
-
return cg_unified_create_cgroup(h, cgname);
}
@@ -1286,8 +1317,9 @@ static bool container_create_path_for_hierarchy(struct
hierarchy *h, char *cgnam
int ret;
h->container_full_path = must_make_path(h->mountpoint,
h->container_base_path, cgname, NULL);
- if (dir_exists(h->container_full_path)) {
- ERROR("The cgroup \"%s\" already existed",
h->container_full_path);
+ ret = mkdir_eexist_on_last(h->container_full_path, 0755);
+ if (ret < 0) {
+ ERROR("Failed to create cgroup \"%s\"", h->container_full_path);
return false;
}
@@ -1296,12 +1328,6 @@ static bool container_create_path_for_hierarchy(struct
hierarchy *h, char *cgnam
return false;
}
- ret = mkdir_p(h->container_full_path, 0755);
- if (ret < 0) {
- ERROR("Failed to create cgroup \"%s\"", h->container_full_path);
- return false;
- }
-
return cg_unified_create_cgroup(h, cgname);
}
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index ff6ea3fd7..1af6f512c 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -221,26 +221,31 @@ extern int get_u16(unsigned short *val, const char *arg,
int base)
return 0;
}
-extern int mkdir_p(const char *dir, mode_t mode)
+int mkdir_p(const char *dir, mode_t mode)
{
const char *tmp = dir;
const char *orig = dir;
- char *makeme;
-
do {
+ int ret;
+ char *makeme;
+
dir = tmp + strspn(tmp, "/");
tmp = dir + strcspn(dir, "/");
+ errno = ENOMEM;
makeme = strndup(orig, dir - orig);
- if (*makeme) {
- if (mkdir(makeme, mode) && errno != EEXIST) {
- SYSERROR("failed to create directory '%s'",
makeme);
- free(makeme);
- return -1;
- }
+ if (!makeme)
+ return -1;
+
+ ret = mkdir(makeme, mode);
+ if (ret < 0 && errno != EEXIST) {
+ SYSERROR("Failed to create directory \"%s\"", makeme);
+ free(makeme);
+ return -1;
}
free(makeme);
- } while(tmp != dir);
+
+ } while (tmp != dir);
return 0;
}
From c85cc6c9ccd7b9555b336c68a60d337d776e14a8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Wed, 3 Oct 2018 12:23:36 +0200
Subject: [PATCH 2/2] cgfsng: handle v1 cpuset hierarchy first
If the value of cgroup.clone_children in our immediate ancestor cgroup
is 0 then the cpuset of any cgroups we create in subtrees will be empty
and hence we'll copy an empty cpuset at which point we cannot enter the
cpuset cgroup.
Avoid this problem by initializing cgroup.clone_children to 1 an copying
the initialized cpuset of our immediate ancestor. Note, that the cpuset
of our immediate ancestor must be initialized and ours as well otherwise
we couldn't be located in this cgroup.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
src/lxc/cgroups/cgfsng.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index ec4501c33..97913209c 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1297,6 +1297,11 @@ static bool monitor_create_path_for_hierarchy(struct
hierarchy *h, char *cgname)
{
int ret;
+ if (!cg_legacy_handle_cpuset_hierarchy(h, cgname)) {
+ ERROR("Failed to handle legacy cpuset controller");
+ return false;
+ }
+
h->monitor_full_path = must_make_path(h->mountpoint,
h->container_base_path, cgname, NULL);
ret = mkdir_eexist_on_last(h->monitor_full_path, 0755);
if (ret < 0) {
@@ -1304,11 +1309,6 @@ static bool monitor_create_path_for_hierarchy(struct
hierarchy *h, char *cgname)
return false;
}
- if (!cg_legacy_handle_cpuset_hierarchy(h, cgname)) {
- ERROR("Failed to handle legacy cpuset controller");
- return false;
- }
-
return cg_unified_create_cgroup(h, cgname);
}
@@ -1316,6 +1316,11 @@ static bool container_create_path_for_hierarchy(struct
hierarchy *h, char *cgnam
{
int ret;
+ if (!cg_legacy_handle_cpuset_hierarchy(h, cgname)) {
+ ERROR("Failed to handle legacy cpuset controller");
+ return false;
+ }
+
h->container_full_path = must_make_path(h->mountpoint,
h->container_base_path, cgname, NULL);
ret = mkdir_eexist_on_last(h->container_full_path, 0755);
if (ret < 0) {
@@ -1323,11 +1328,6 @@ static bool container_create_path_for_hierarchy(struct
hierarchy *h, char *cgnam
return false;
}
- if (!cg_legacy_handle_cpuset_hierarchy(h, cgname)) {
- ERROR("Failed to handle legacy cpuset controller");
- return false;
- }
-
return cg_unified_create_cgroup(h, cgname);
}
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
