From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 22 Jan 2021 11:17:56 +0000 (+0100)
Subject: cgroups: fix cgroup mounting
X-Git-Tag: lxc-5.0.0~322^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e6d4df7895ed1f17058e60dd4239131163d96566;p=thirdparty%2Flxc.git

cgroups: fix cgroup mounting

Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 1df135d94..138d01ee2 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1871,13 +1871,21 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops,
 		return cg_mount_cgroup_full(type, ops->unified, cgroup_root) == 0;
 	}
 
-	/* mount tmpfs */
-	ret = safe_mount_beneath(root, NULL, DEFAULT_CGROUP_MOUNTPOINT, "tmpfs",
+	/*
+	 * Mount a tmpfs over DEFAULT_CGROUP_MOUNTPOINT. Note that we're
+	 * relying on RESOLVE_BENEATH so we need to skip the leading "/" in the
+	 * DEFAULT_CGROUP_MOUNTPOINT define.
+	 */
+	ret = safe_mount_beneath(root, NULL,
+				 DEFAULT_CGROUP_MOUNTPOINT_RELATIVE,
+				 "tmpfs",
 				 MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,
 				 "size=10240k,mode=755");
 	if (ret < 0) {
 		if (errno != ENOSYS)
-			return false;
+			return log_error_errno(false, errno,
+					       "Failed to mount tmpfs on %s",
+					       DEFAULT_CGROUP_MOUNTPOINT);
 
 		ret = safe_mount(NULL, cgroup_root, "tmpfs",
 				 MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,
diff --git a/src/lxc/cgroups/cgroup.h b/src/lxc/cgroups/cgroup.h
index 7dec05a5c..b8a4d0f5b 100644
--- a/src/lxc/cgroups/cgroup.h
+++ b/src/lxc/cgroups/cgroup.h
@@ -11,6 +11,7 @@
 #include "macro.h"
 #include "memory_utils.h"
 
+#define DEFAULT_CGROUP_MOUNTPOINT_RELATIVE "sys/fs/cgroup"
 #define DEFAULT_CGROUP_MOUNTPOINT "/sys/fs/cgroup"
 #define DEFAULT_PAYLOAD_CGROUP_PREFIX "lxc.payload."
 #define DEFAULT_MONITOR_CGROUP_PREFIX "lxc.monitor."
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index c4815d14c..1e0b38e12 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1103,7 +1103,7 @@ int __safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, co
 
 	target_fd = openat2(beneath_fd, dst, &how, sizeof(how));
 	if (target_fd < 0)
-		return -errno;
+		return log_error_errno(-errno, errno, "Failed to open %d(%s)", beneath_fd, dst);
 	ret = snprintf(tgt_buf, sizeof(tgt_buf), "/proc/self/fd/%d", target_fd);
 	if (ret < 0 || ret >= sizeof(tgt_buf))
 		return -EIO;