[lxc-devel] [lxd/master] cgroups: pre-mount on pure-cgroup2 systems with cgroup namespaces

Wed, 11 Dec 2019 07:21:53 -0800 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/6588

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
We only do force-premounting if we are on a cgroup2-only system.
While it's paranoid to check for both since cgroup2-only should imply cgroupns
but let's not rely on that.

Closes #6587.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>

From 2a4c2ed0421ec1affb741440eae7a9a5e1f43b0a Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Wed, 11 Dec 2019 16:18:51 +0100
Subject: [PATCH] cgroups: pre-mount on pure-cgroup2 systems with cgroup
 namespaces

We only do force-premounting if we are on a cgroup2-only system.
While it's paranoid to check for both since cgroup2-only should imply cgroupns
but let's not rely on that.

Closes #6587.
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 lxd/cgroup/init.go   | 23 +++++++++++++++++++++++
 lxd/container_lxc.go |  4 +++-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/lxd/cgroup/init.go b/lxd/cgroup/init.go
index 6cd78e24af..db1ccd734f 100644
--- a/lxd/cgroup/init.go
+++ b/lxd/cgroup/init.go
@@ -6,12 +6,27 @@ import (
        "path/filepath"
        "strings"
 
+       "github.com/lxc/lxd/shared"
        "github.com/lxc/lxd/shared/logger"
 )
 
+var cgCgroup2SuperMagic int64 = 0x63677270
+
 var cgControllers = map[string]Backend{}
+var cgFullCgroup2 bool
+var cgCgroupNamespace bool
 
 func init() {
+       st, err := shared.Statvfs("/sys/fs/cgroup")
+       if err == nil && st.Type == cgCgroup2SuperMagic {
+               cgFullCgroup2 = true
+       }
+
+       _, err = os.Stat("/proc/self/ns/cgroup")
+       if err == nil {
+               cgCgroupNamespace = true
+       }
+
        // Go through the list of resource controllers for LXD.
        selfCg, err := os.Open("/proc/self/cgroup")
        if err != nil {
@@ -72,3 +87,11 @@ func init() {
                }
        }
 }
+
+func WantsMountCgroupsForce() bool {
+       return cgFullCgroup2 && cgCgroupNamespace
+}
+
+func WantsMountCgroupsMixed() bool {
+       return cgCgroupNamespace
+}
diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 2c4e0097ca..972ed44ac4 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -781,7 +781,9 @@ func (c *containerLXC) initLXC(config bool) error {
                mounts = append(mounts, "sys:rw")
        }
 
-       if !shared.PathExists("/proc/self/ns/cgroup") {
+       if cgroup.WantsMountCgroupsForce() {
+               mounts = append(mounts, "cgroup:rw:force")
+       } else if cgroup.WantsMountCgroupsMixed() {
                mounts = append(mounts, "cgroup:mixed")
        }
 

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to