cgroup2: move bpf device cgroup program to struct cgroup_ops

Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index cade4d3c7f5f98f2f1bbb7df73162ff8ea314f73..0078b3c858aaa362e9417ffbe69284ab0e397cde 100644 (file)
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1027,7 +1027,7 @@ __cgfsng_ops static void cgfsng_payload_destroy(struct cgroup_ops *ops,
        }
 
 #ifdef HAVE_STRUCT_BPF_CGROUP_DEV_CTX
-       ret = bpf_program_cgroup_detach(handler->conf->cgroup2_devices);
+       ret = bpf_program_cgroup_detach(handler->cgroup_ops->cgroup2_devices);
        if (ret < 0)
                WARN("Failed to detach bpf program from cgroup");
 #endif
@@ -3028,8 +3028,8 @@ __cgfsng_ops static bool cgfsng_devices_activate(struct cgroup_ops *ops, struct
                return log_error_errno(false, ENOMEM, "Failed to attach bpf program");
 
        /* Replace old bpf program. */
-       devices_old = move_ptr(conf->cgroup2_devices);
-       conf->cgroup2_devices = move_ptr(devices);
+       devices_old = move_ptr(ops->cgroup2_devices);
+       ops->cgroup2_devices = move_ptr(devices);
        devices = move_ptr(devices_old);
 #endif
        return true;

diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index 422d70d221d013b6aa99fe336f48903a24ffab0b..54d333c3f62e48a6d875dd722281a22842ac9a0d 100644 (file)
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -439,17 +439,18 @@ int bpf_program_cgroup_detach(struct bpf_program *prog)
                                               prog->attached_path);
        }
 
-       free(prog->attached_path);
-       prog->attached_path = NULL;
+        TRACE("Detached bpf program from cgroup %s", prog->attached_path);
+        free_disarm(prog->attached_path);
 
-       return 0;
+        return 0;
 }
 
-void lxc_clear_cgroup2_devices(struct lxc_conf *conf)
+void bpf_device_program_free(struct cgroup_ops *ops)
 {
-       if (conf->cgroup2_devices) {
-               (void)bpf_program_cgroup_detach(conf->cgroup2_devices);
-               (void)bpf_program_free(conf->cgroup2_devices);
+       if (ops->cgroup2_devices) {
+               (void)bpf_program_cgroup_detach(ops->cgroup2_devices);
+               (void)bpf_program_free(ops->cgroup2_devices);
+               ops->cgroup2_devices = NULL;
        }
 }
 

diff --git a/src/lxc/cgroups/cgroup2_devices.h b/src/lxc/cgroups/cgroup2_devices.h
index 83d2fd3cc1babbff1449335e48d12d5e84684af7..04f493e0299f19477b3b80391de0fa8e8ad38f46 100644 (file)
--- a/src/lxc/cgroups/cgroup2_devices.h
+++ b/src/lxc/cgroups/cgroup2_devices.h
@@ -15,6 +15,7 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "cgroup.h"
 #include "compiler.h"
 #include "conf.h"
 #include "config.h"
@@ -61,7 +62,7 @@ __hidden extern int bpf_program_cgroup_attach(struct bpf_program *prog, int type
                                              uint32_t flags);
 __hidden extern int bpf_program_cgroup_detach(struct bpf_program *prog);
 __hidden extern void bpf_program_free(struct bpf_program *prog);
-__hidden extern void lxc_clear_cgroup2_devices(struct lxc_conf *conf);
+__hidden extern void bpf_device_program_free(struct cgroup_ops *ops);
 __hidden extern bool bpf_devices_cgroup_supported(void);
 
 static inline void __auto_bpf_program_free__(struct bpf_program **prog)
@@ -119,7 +120,7 @@ static inline void bpf_program_free(struct bpf_program *prog)
 {
 }
 
-static inline void lxc_clear_cgroup2_devices(struct lxc_conf *conf)
+static inline void bpf_device_program_free(struct cgroup_ops *ops)
 {
 }
 

diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index cca09a12610061b06f9fa1de3eb3a9b9b8d2679f..a9a03ca2c8e32fae43c2796a1d112b13d4e1ae31 100644 (file)
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -1198,7 +1198,8 @@ static int lxc_cmd_add_bpf_device_cgroup_callback(int fd, struct lxc_cmd_req *re
        __do_bpf_program_free struct bpf_program *devices = NULL;
        struct lxc_cmd_rsp rsp = {0};
        struct lxc_conf *conf = handler->conf;
-       struct hierarchy *unified = handler->cgroup_ops->unified;
+       struct cgroup_ops *cgroup_ops = handler->cgroup_ops;
+       struct hierarchy *unified = cgroup_ops->unified;
        int ret;
        struct lxc_list *it;
        struct device_item *device;
@@ -1249,8 +1250,8 @@ static int lxc_cmd_add_bpf_device_cgroup_callback(int fd, struct lxc_cmd_req *re
                goto respond;
 
        /* Replace old bpf program. */
-       devices_old = move_ptr(conf->cgroup2_devices);
-       conf->cgroup2_devices = move_ptr(devices);
+       devices_old = move_ptr(cgroup_ops->cgroup2_devices);
+       cgroup_ops->cgroup2_devices = move_ptr(devices);
        devices = move_ptr(devices_old);
 
        rsp.ret = 0;

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 27f97066876d2a8237a1ac45ed1e499999f213a9..d5c069553ac1a8e2325d06b5467dda3219668e6e 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -36,7 +36,6 @@
 #include "af_unix.h"
 #include "caps.h"
 #include "cgroup.h"
-#include "cgroup2_devices.h"
 #include "conf.h"
 #include "config.h"
 #include "confile.h"
@@ -3842,7 +3841,6 @@ void lxc_conf_free(struct lxc_conf *conf)
        lxc_clear_cgroups(conf, "lxc.cgroup", CGROUP_SUPER_MAGIC);
        lxc_clear_cgroups(conf, "lxc.cgroup2", CGROUP2_SUPER_MAGIC);
        lxc_clear_devices(conf);
-       lxc_clear_cgroup2_devices(conf);
        lxc_clear_hooks(conf, "lxc.hook");
        lxc_clear_mount_entries(conf);
        lxc_clear_idmaps(conf);

diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 116479df94006c6527561e0bd4b814632a78a04a..84b0f81b0f754db2b73d73c1bc5d4e5d6a9eeac2 100644 (file)
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -299,7 +299,6 @@ struct lxc_conf {
        struct {
                struct lxc_list cgroup;
                struct lxc_list cgroup2;
-               struct bpf_program *cgroup2_devices;
                /* This should be reimplemented as a hashmap. */
                struct lxc_list devices;
        };