Move operations previously done in the process of joining ve cgroup in ve_attach() to ve_setup_task() helper and call it from ve namespace join paths.
This is another step in making the process' ve to be namespace based, similar to what we did for ->task_ve. https://virtuozzo.atlassian.net/browse/VSTOR-119941 Signed-off-by: Pavel Tikhomirov <[email protected]> Feature: ve: ve generic structures --- include/linux/ve.h | 4 ++++ kernel/ve/ve.c | 52 +++++++++++++++++++--------------------- kernel/ve/ve_namespace.c | 5 ++++ 3 files changed, 33 insertions(+), 28 deletions(-) diff --git a/include/linux/ve.h b/include/linux/ve.h index 0fbc4c45525f..680a8ff2e6f0 100644 --- a/include/linux/ve.h +++ b/include/linux/ve.h @@ -254,6 +254,8 @@ int ve_net_hide_sysctl(struct net *net); extern bool is_ve_init_net(const struct net *net); +void ve_setup_task(struct task_struct *p, struct ve_struct *ve); + #else /* CONFIG_VE */ #include <linux/init_task.h> #define get_ve(ve) ((void)(ve), NULL) @@ -307,6 +309,8 @@ static inline struct cgroup_subsys_state *css_ve_root1( static inline int vz_security_family_check(struct net *net, int family, int type) { return 0; } static inline int vz_security_protocol_check(struct net *net, int protocol) { return 0; } +static inline void ve_setup_task(struct task_struct *p, struct ve_struct *ve) { } + #endif /* CONFIG_VE */ struct seq_file; diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index 5d28d78a74da..61448af310c7 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -1171,33 +1171,6 @@ static int ve_can_attach(struct cgroup_taskset *tset) return ve_is_attachable(tset); } -static void ve_attach(struct cgroup_taskset *tset) -{ - struct cgroup_subsys_state *css; - struct task_struct *task; - extern struct cpuid_override_table __rcu *cpuid_override; - - cgroup_taskset_for_each(task, css, tset) { - struct ve_struct *ve = css_to_ve(css); - - /* this probihibts ptracing of task entered to VE from host system */ - if (VE_IS_RUNNING(ve) && task->mm) - task->mm->vps_dumpable = VD_VE_ENTER_TASK; - - /* Drop OOM protection. */ - task->signal->oom_score_adj = 0; - task->signal->oom_score_adj_min = 0; - - /* Leave parent exec domain */ - task->parent_exec_id--; - - ve_set_task_start_time(ve, task); - - if (cpuid_override_on()) - set_tsk_thread_flag(task, TIF_CPUID_OVERRIDE); - } -} - static int ve_state_show(struct seq_file *sf, void *v) { struct cgroup_subsys_state *css = seq_css(sf); @@ -1904,7 +1877,6 @@ struct cgroup_subsys ve_cgrp_subsys = { .css_offline = ve_offline, .css_free = ve_destroy, .can_attach = ve_can_attach, - .attach = ve_attach, .legacy_cftypes = ve_cftypes, .dfl_cftypes = ve_cftypes, }; @@ -2051,4 +2023,28 @@ int ve_get_cpu_stat(struct ve_struct *ve, struct kernel_cpustat *kstat) return err; } EXPORT_SYMBOL(ve_get_cpu_stat); + +void ve_setup_task(struct task_struct *task, struct ve_struct *ve) +{ + if (ve == &ve0) + return; + + /* this probihibts ptracing of task entered to VE from host system */ + if (VE_IS_RUNNING(ve) && task->mm) + task->mm->vps_dumpable = VD_VE_ENTER_TASK; + + /* Drop OOM protection. */ + task->signal->oom_score_adj = 0; + task->signal->oom_score_adj_min = 0; + + /* Leave parent exec domain */ + task->parent_exec_id--; + + ve_set_task_start_time(ve, task); + + if (cpuid_override_on()) + set_tsk_thread_flag(task, TIF_CPUID_OVERRIDE); +} +EXPORT_SYMBOL(ve_setup_task); + #endif /* CONFIG_CGROUP_SCHED */ diff --git a/kernel/ve/ve_namespace.c b/kernel/ve/ve_namespace.c index 9df82c95f3d5..c8f89f57ab03 100644 --- a/kernel/ve/ve_namespace.c +++ b/kernel/ve/ve_namespace.c @@ -92,6 +92,9 @@ int copy_ve_ns(unsigned long flags, struct task_struct *p) p->ve_ns = new_ve_ns; p->task_ve = new_ve_ns->ve; + + ve_setup_task(p, p->task_ve); + return 0; } @@ -143,6 +146,8 @@ void switch_ve_namespace(struct task_struct *p, struct ve_namespace *new) if (old) put_ve_ns(old); + + ve_setup_task(p, p->task_ve); } void exit_ve_namespace(struct task_struct *p) -- 2.52.0 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
