cgroups: stash fds for the controller mountpoint and base cgroup path

author Christian Brauner <christian.brauner@ubuntu.com>

Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)

committer Christian Brauner <christian.brauner@ubuntu.com>

Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)
author Christian Brauner <christian.brauner@ubuntu.com>
Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)
committer Christian Brauner <christian.brauner@ubuntu.com>
Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c

index b237b75a94d71b0bc4b9b99219354c3c5f15caae..87343568885cf7020b94940be6c424ecde3be90d 100644 (file)
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -696,6 +696,7 @@ static struct hierarchy *add_hierarchy(struct cgroup_ops *ops,
                                        char **clist, char *mountpoint,
                                        char *container_base_path, int type)
  {
+       __do_close int dfd_base = -EBADF, dfd_mnt = -EBADF;
         __do_free struct hierarchy *new = NULL;
         int newentry;
  
@@ -714,6 +715,16 @@ static struct hierarchy *add_hierarchy(struct cgroup_ops *ops,
         new->cgfd_limit                 = -EBADF;
         new->cgfd_mon                   = -EBADF;
  
+       dfd_mnt = open_at(-EBADF, mountpoint, PROTECT_OPATH_DIRECTORY,
+                         PROTECT_LOOKUP_ABSOLUTE_XDEV, 0);
+       if (dfd_mnt < 0)
+               return syserrno(NULL, "Failed to open %s", mountpoint);
+
+       dfd_base = open_at(dfd_mnt, container_base_path, PROTECT_OPATH_DIRECTORY,
+                          PROTECT_LOOKUP_BENEATH_XDEV, 0);
+       if (dfd_base < 0)
+               return syserrno(NULL, "Failed to open %d(%s)", dfd_base, container_base_path);
+
         TRACE("Adding cgroup hierarchy with mountpoint %s and base cgroup %s %s",
               mountpoint, container_base_path,
               clist ? "with controllers " : "without any controllers");
@@ -721,6 +732,8 @@ static struct hierarchy *add_hierarchy(struct cgroup_ops *ops,
                 TRACE("%s", *it);
  
         newentry = append_null_to_list((void ***)&ops->hierarchies);
+       new->dfd_mnt = move_fd(dfd_mnt);
+       new->dfd_base = move_fd(dfd_base);
         (ops->hierarchies)[newentry] = new;
         return move_ptr(new);
  }
diff --git a/src/lxc/cgroups/cgroup.c b/src/lxc/cgroups/cgroup.c

index 9ba7a18608a6ea92ec30d6e2c5cb51eab16686bd..b83879b62b93362451627b970a2a050639361af8 100644 (file)
--- a/src/lxc/cgroups/cgroup.c
+++ b/src/lxc/cgroups/cgroup.c
@@ -92,6 +92,10 @@ void cgroup_exit(struct cgroup_ops *ops)
                         close((*it)->cgfd_con);
                 if ((*it)->cgfd_mon >= 0)
                         close((*it)->cgfd_mon);
+               if ((*it)->dfd_mnt >= 0)
+                       close((*it)->dfd_mnt);
+               if ((*it)->dfd_base >= 0)
+                       close((*it)->dfd_base);
                 free(*it);
         }
         free(ops->hierarchies);
diff --git a/src/lxc/cgroups/cgroup.h b/src/lxc/cgroups/cgroup.h

index f8060c06df126d00225544e06ac45d4c2de63040..2ec5f0a7ca1bcb417015891aec33d76398913ebf 100644 (file)
--- a/src/lxc/cgroups/cgroup.h
+++ b/src/lxc/cgroups/cgroup.h
@@ -103,6 +103,12 @@ struct hierarchy {
  
         /* File descriptor for the monitor's cgroup @monitor_full_path. */
         int cgfd_mon;
+
+       /* File descriptor for the controller's mountpoint @mountpoint. */
+       int dfd_mnt;
+
+       /* File descriptor for the controller's base cgroup path @container_base_path. */
+       int dfd_base;
  };
  
  struct cgroup_ops {
author	Christian Brauner <christian.brauner@ubuntu.com>
	Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)
committer	Christian Brauner <christian.brauner@ubuntu.com>
	Tue, 16 Feb 2021 12:36:13 +0000 (13:36 +0100)
src/lxc/cgroups/cgfsng.c		patch \| blob \| blame \| history
src/lxc/cgroups/cgroup.c		patch \| blob \| blame \| history
src/lxc/cgroups/cgroup.h		patch \| blob \| blame \| history