From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Tue, 2 Feb 2021 21:21:38 +0000 (+0100)
Subject: cgroups: move down cgroup_attach()
X-Git-Tag: lxc-5.0.0~305^2~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=029d8e8801d489fd28a337aaebbffb385d86385a;p=thirdparty%2Flxc.git

cgroups: move down cgroup_attach()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 677b70cc6..2dce7673b 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -2350,42 +2350,6 @@ static int cgroup_unified_attach_parent_wrapper(void *data)
 					    args->pid);
 }
 
-int cgroup_attach(const struct lxc_conf *conf, const char *name,
-		  const char *lxcpath, pid_t pid)
-{
-	__do_close int unified_fd = -EBADF;
-	int ret;
-
-	if (!conf || !name || !lxcpath || pid <= 0)
-		return ret_errno(EINVAL);
-
-	unified_fd = lxc_cmd_get_cgroup2_fd(name, lxcpath);
-	if (unified_fd < 0)
-		return ret_errno(EBADF);
-
-	if (!lxc_list_empty(&conf->id_map)) {
-		struct userns_exec_unified_attach_data args = {
-			.conf		= conf,
-			.unified_fd	= unified_fd,
-			.pid		= pid,
-		};
-
-		ret = socketpair(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, args.sk_pair);
-		if (ret < 0)
-			return -errno;
-
-		ret = userns_exec_minimal(conf,
-					  cgroup_unified_attach_parent_wrapper,
-					  &args,
-					  cgroup_unified_attach_child_wrapper,
-					  &args);
-	} else {
-		ret = cgroup_attach_leaf(conf, unified_fd, pid);
-	}
-
-	return ret;
-}
-
 /* Technically, we're always at a delegation boundary here (This is especially
  * true when cgroup namespaces are available.). The reasoning is that in order
  * for us to have been able to start a container in the first place the root
@@ -3495,6 +3459,42 @@ struct cgroup_ops *cgfsng_ops_init(struct lxc_conf *conf)
 	return move_ptr(cgfsng_ops);
 }
 
+int cgroup_attach(const struct lxc_conf *conf, const char *name,
+		  const char *lxcpath, pid_t pid)
+{
+	__do_close int unified_fd = -EBADF;
+	int ret;
+
+	if (!conf || !name || !lxcpath || pid <= 0)
+		return ret_errno(EINVAL);
+
+	unified_fd = lxc_cmd_get_cgroup2_fd(name, lxcpath);
+	if (unified_fd < 0)
+		return ret_errno(EBADF);
+
+	if (!lxc_list_empty(&conf->id_map)) {
+		struct userns_exec_unified_attach_data args = {
+			.conf		= conf,
+			.unified_fd	= unified_fd,
+			.pid		= pid,
+		};
+
+		ret = socketpair(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, args.sk_pair);
+		if (ret < 0)
+			return -errno;
+
+		ret = userns_exec_minimal(conf,
+					  cgroup_unified_attach_parent_wrapper,
+					  &args,
+					  cgroup_unified_attach_child_wrapper,
+					  &args);
+	} else {
+		ret = cgroup_attach_leaf(conf, unified_fd, pid);
+	}
+
+	return ret;
+}
+
 /* Connects to command socket therefore isn't callable from command handler. */
 int cgroup_get(const char *name, const char *lxcpath,
 	       const char *filename, char *buf, size_t len)