Second part of changes for enabling cgroup-v2: - Enable cgroup-v2 files - Hide cgroup files per controller - Move ve cgroup attach operations to namespace join path - Allow nested ve cgroup in cgroup-v2 - Link ve namespace and cgroup namespace exclusively - Make CLONE_NEWVE easier to use from vzctl and alter original namespace creation ordering to be user -> ve -> other namespaces.
https://virtuozzo.atlassian.net/browse/VSTOR-119803 https://virtuozzo.atlassian.net/browse/VSTOR-119804 https://virtuozzo.atlassian.net/browse/VSTOR-119941 https://virtuozzo.atlassian.net/browse/VSTOR-104639 https://virtuozzo.atlassian.net/browse/VSTOR-119801 https://virtuozzo.atlassian.net/browse/VSTOR-118289 Signed-off-by: Pavel Tikhomirov <[email protected]> v2: append extra improving/fixing patches Pavel Tikhomirov (12): cgroup-v2: Add a new API to hide cgroup files per controller ve: Enable files on cgroup-v2 ve/cgroup-v2: Allow writing to some files in the root of cgroup namespace ve_namespace: Don't allow to share thread group across VE boundaries ve_namespace: Move cgroup ve_attach() operations to namespace join path ve_namespace: Block setns untill VE is running ve: Always allow to attach to ve cgroup ve/cgroup-v2: Allow nested ve cgroup directories ve/cgroup-v2: Don't hide default cgroup when ve controller is enabled on it ve_namespace: Make link between ve namespace and cgroup exclusive ve_namespace: Reorder VE namespace creation before other namespaces ve_namespace: Make CLONE_NEWVE work with clone3 fs/sysfs/ve.c | 2 +- include/linux/cgroup-defs.h | 1 + include/linux/cgroup.h | 1 + include/linux/ve.h | 6 ++ kernel/cgroup/cgroup.c | 136 +++++++++++++++++++++++++++++++++++- kernel/fork.c | 56 ++++++++++----- kernel/ve/ve.c | 132 ++++++++-------------------------- kernel/ve/ve_namespace.c | 56 +++++++++++++-- 8 files changed, 260 insertions(+), 130 deletions(-) -- 2.52.0 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
