From 556c674d6ed128b6f847d4932b61a537edabff1e Mon Sep 17 00:00:00 2001 From: cunshunxia Date: Mon, 26 Jun 2023 04:14:40 +0000 Subject: [PATCH] mute the memory recursiveprot log if version of kernel is low. --- src/shared/mount-setup.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c index ede4e8483a1..1226ca121e1 100644 --- a/src/shared/mount-setup.c +++ b/src/shared/mount-setup.c @@ -61,6 +61,21 @@ typedef struct MountPoint { #define N_EARLY_MOUNT 4 #endif +static bool check_recursiveprot_supported(void) { + int r; + + if (!cg_is_unified_wanted()) + return false; + + r = mount_option_supported("cgroup2", "memory_recursiveprot", NULL); + if (r < 0) + log_debug_errno(r, "Failed to determiner whether the 'memory_recursiveprot' mount option is supported, assuming not: %m"); + else if (r == 0) + log_debug("This kernel version does not support 'memory_recursiveprot', not using mount option."); + + return r > 0; +} + static const MountPoint mount_table[] = { { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL, MNT_FATAL|MNT_IN_CONTAINER|MNT_FOLLOW_SYMLINK }, @@ -87,7 +102,7 @@ static const MountPoint mount_table[] = { { "tmpfs", "/run", "tmpfs", "mode=0755" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate,memory_recursiveprot", MS_NOSUID|MS_NOEXEC|MS_NODEV, - cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, + check_recursiveprot_supported, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, { "cgroup2", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, -- 2.47.3