From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Tue, 26 Jan 2021 14:28:12 +0000 (+0100)
Subject: cgroups: rework cg_unified_init()
X-Git-Tag: lxc-5.0.0~317^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f914ae08c498205b1661d743dffc368d2024cee0;p=thirdparty%2Flxc.git

cgroups: rework cg_unified_init()

Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index ce8adeee6..c6d05c376 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -3298,12 +3298,11 @@ static char *cg_unified_get_current_cgroup(bool relative)
 static int cg_unified_init(struct cgroup_ops *ops, bool relative,
 			   bool unprivileged)
 {
-	__do_free char *subtree_path = NULL;
+	__do_close int cgroup_root_fd = -EBADF;
+	__do_free char *base_cgroup = NULL, *controllers_path = NULL;
 	int ret;
-	char *mountpoint;
 	char **delegatable;
 	struct hierarchy *new;
-	char *base_cgroup = NULL;
 
 	ret = unified_cgroup_hierarchy();
 	if (ret == -ENOMEDIUM)
@@ -3318,14 +3317,18 @@ static int cg_unified_init(struct cgroup_ops *ops, bool relative,
 	if (!relative)
 		prune_init_scope(base_cgroup);
 
+	cgroup_root_fd = openat(-EBADF, DEFAULT_CGROUP_MOUNTPOINT,
+				O_NOCTTY | O_CLOEXEC | O_NOFOLLOW | O_DIRECTORY);
+	if (cgroup_root_fd < 0)
+		return -errno;
+
 	/*
 	 * We assume that the cgroup we're currently in has been delegated to
 	 * us and we are free to further delege all of the controllers listed
 	 * in cgroup.controllers further down the hierarchy.
 	 */
-	mountpoint = must_copy_string(DEFAULT_CGROUP_MOUNTPOINT);
-	subtree_path = must_make_path(mountpoint, base_cgroup, "cgroup.controllers", NULL);
-	delegatable = cg_unified_get_controllers(subtree_path);
+	controllers_path = must_make_path_relative(base_cgroup, "cgroup.controllers", NULL);
+	delegatable = cg_unified_get_controllers(cgroup_root_fd, controllers_path);
 	if (!delegatable)
 		delegatable = cg_unified_make_empty_controller();
 	if (!delegatable[0])
@@ -3338,7 +3341,11 @@ static int cg_unified_init(struct cgroup_ops *ops, bool relative,
 	 * controllers per container.
 	 */
 
-	new = add_hierarchy(&ops->hierarchies, delegatable, mountpoint, base_cgroup, CGROUP2_SUPER_MAGIC);
+	new = add_hierarchy(&ops->hierarchies,
+			    delegatable,
+			    must_copy_string(DEFAULT_CGROUP_MOUNTPOINT),
+			    move_ptr(base_cgroup),
+			    CGROUP2_SUPER_MAGIC);
 	if (unprivileged)
 		cg_unified_delegate(&new->cgroup2_chown);