From: Michal Hocko <mhocko@suse.cz>
Date: Wed, 15 Jun 2011 15:23:39 +0000 (+0200)
Subject: Add file and directory permissions into cgroup
X-Git-Tag: v0.38~77
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cc185fb59cc5a67513b3f40d73b6a22dafb8c821;p=thirdparty%2Flibcgroup.git

Add file and directory permissions into cgroup

Let's add file permission for tasks and file and directory permissions
for control files into cgroup so that we can add them into configuration
files.
Permissions are initialized to NO_PERMS (unsigned -1 which doesn't
represent any valid permissions) to reflect that no value is set.  Let's
also add a common initialization functions for both cgroup table and
single cgroup.

Signed-off-by: Michal Hocko <mhocko@suse.cz>
Signed-off-by: Jan Safranek <jsafrane@redhat.com>
---

diff --git a/include/libcgroup/groups.h b/include/libcgroup/groups.h
index 10606414..61f18a09 100644
--- a/include/libcgroup/groups.h
+++ b/include/libcgroup/groups.h
@@ -109,6 +109,10 @@ struct cgroup;
  */
 struct cgroup_controller;
 
+/**
+ * Uninitialized file/directory permissions used for task/control files.
+ */
+#define NO_PERMS (-1U)
 
 /**
  * Allocate new cgroup structure. This function itself does not create new
diff --git a/src/config.c b/src/config.c
index b8325a56..92d8227b 100644
--- a/src/config.c
+++ b/src/config.c
@@ -105,6 +105,7 @@ int cgroup_config_insert_cgroup(char *cg_name)
 
 		memset(newblk + oldlen, 0, (MAX_CGROUPS - oldlen) *
 				sizeof(struct cgroup));
+		init_cgroup_table(newblk + oldlen, MAX_CGROUPS - oldlen);
 		config_cgroup_table = newblk;
 		cgroup_dbg("MAX_CGROUPS %d\n", MAX_CGROUPS);
 		cgroup_dbg("reallocated config_cgroup_table to %p\n", config_cgroup_table);
@@ -726,6 +727,11 @@ int cgroup_config_load_config(const char *pathname)
 	}
 
 	config_cgroup_table = calloc(MAX_CGROUPS, sizeof(struct cgroup));
+	if (!config_cgroup_table)
+		return ECGFAIL;
+
+	init_cgroup_table(config_cgroup_table, MAX_CGROUPS);
+
 	if (yyparse() != 0) {
 		cgroup_dbg("Failed to parse file %s\n", pathname);
 		fclose(yyin);
diff --git a/src/libcgroup-internal.h b/src/libcgroup-internal.h
index 45c1dede..9845cad1 100644
--- a/src/libcgroup-internal.h
+++ b/src/libcgroup-internal.h
@@ -84,8 +84,11 @@ struct cgroup {
 	int index;
 	uid_t tasks_uid;
 	gid_t tasks_gid;
+	mode_t task_fperm;
 	uid_t control_uid;
 	gid_t control_gid;
+	mode_t control_fperm;
+	mode_t control_dperm;
 };
 
 struct cg_mount_point {
@@ -189,6 +192,7 @@ int cgroup_get_procname_from_procfs(pid_t pid, char **procname);
 int cg_mkdir_p(const char *path);
 struct cgroup *create_cgroup_from_name_value_pairs(const char *name,
 		struct control_value *name_value, int nv_number);
+void init_cgroup_table(struct cgroup *cgroups, size_t count);
 
 /*
  * Main mounting structures
diff --git a/src/wrapper.c b/src/wrapper.c
index 4828ea8b..90c8bc31 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -23,13 +23,26 @@
 #include <string.h>
 #include <unistd.h>
 
+static void init_cgroup(struct cgroup *cgroup)
+{
+	cgroup->task_fperm = cgroup->control_fperm = cgroup->control_dperm = NO_PERMS;
+}
+
+void init_cgroup_table(struct cgroup *cgroups, size_t count)
+{
+	size_t i;
+
+	for (i = 0; i < count; ++i)
+		init_cgroup(&cgroups[i]);
+}
+
 struct cgroup *cgroup_new_cgroup(const char *name)
 {
 	struct cgroup *cgroup = calloc(1, sizeof(struct cgroup));
-
 	if (!cgroup)
 		return NULL;
 
+	init_cgroup(cgroup);
 	strncpy(cgroup->name, name, sizeof(cgroup->name));
 
 	return cgroup;