Initial support for cgmanager

This patch splits out most of the cgroupfs-specific code, so that cgroup-manager versions can be plugged in. The case I did not handle is cgroup_enter at lxc_attach. I'm hoping that case can be greatly simplified, but will worry about it after fleshing out the cgroup manager handlers. This also simplify the freezer functions. This seems to not regress my common tests when running without cgmanager, but I'd like to do a bit more testing before pushing. However I was hoping to get some more eyes on this so am sending it out now. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>
lxc · Jan 16, 2014 · d4ef7c5 · d4ef7c5
1 parent 9cde036
commit d4ef7c5
Show file tree

Hide file tree

Showing 13 changed files with 718 additions and 201 deletions.
diff --git a/configure.ac b/configure.ac
@@ -240,6 +240,23 @@ AM_COND_IF([ENABLE_SECCOMP],
 		])
 	])
 
+# cgmanager
+AC_ARG_ENABLE([cgmanager],
+	[AC_HELP_STRING([--enable-cgmanager], [enable cgmanager support [default=auto]])],
+	[], [enable_cgmanager=auto])
+
+if test "x$enable_cgmanager" = "xauto" ; then
+	AC_CHECK_LIB([cgmanager],[cgmanager_create],[enable_cgmanager=yes],[enable_cgmanager=no])
+fi
+AM_CONDITIONAL([ENABLE_CGMANAGER], [test "x$enable_cgmanager" = "xyes"])
+
+AM_COND_IF([ENABLE_CGMANAGER],
+	[PKG_CHECK_MODULES([CGMANAGER], [libcgmanager])
+	PKG_CHECK_MODULES([NIH], [libnih >= 1.0.2])
+	PKG_CHECK_MODULES([NIH_DBUS], [libnih-dbus >= 1.0.0])
+	PKG_CHECK_MODULES([DBUS], [dbus-1 >= 1.2.16])
+	])
+
 # Linux capabilities
 AC_ARG_ENABLE([capabilities],
 	[AC_HELP_STRING([--enable-capabilities], [enable kernel capabilities support [default=auto]])],
@@ -689,6 +706,7 @@ Security features:
  - Linux capabilities: $enable_capabilities
  - seccomp: $enable_seccomp
  - SELinux: $enable_selinux
+ - cgmanager: $enable_cgmanager
 
 Bindings:
  - lua: $enable_lua

diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
@@ -93,6 +93,10 @@ liblxc_so_SOURCES = \
 	\
 	$(LSM_SOURCES)
 
+if ENABLE_CGMANAGER
+liblxc_so_SOURCES += cgmanager.c
+endif
+
 if IS_BIONIC
 liblxc_so_SOURCES += \
 	../include/ifaddrs.c ../include/ifaddrs.h \
@@ -122,6 +126,10 @@ if ENABLE_APPARMOR
 AM_CFLAGS += -DHAVE_APPARMOR
 endif
 
+if ENABLE_CGMANAGER
+AM_CFLAGS += -DHAVE_CGMANAGER
+endif
+
 if ENABLE_SELINUX
 AM_CFLAGS += -DHAVE_SELINUX
 endif
@@ -144,6 +152,11 @@ liblxc_so_LDFLAGS = \
 
 liblxc_so_LDADD = $(CAP_LIBS) $(APPARMOR_LIBS) $(SECCOMP_LIBS)
 
+#if ENABLE_CGMANAGER
+liblxc_so_LDADD += $(CGMANAGER_LIBS) $(DBUS_LIBS) $(NIH_LIBS) $(NIH_DBUS_LIBS)
+liblxc_so_CFLAGS += $(CGMANAGER_CFLAGS) $(DBUS_CFLAGS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS)
+#endif
+
 bin_SCRIPTS = \
 	lxc-ps \
 	lxc-netstat \
@@ -245,6 +258,11 @@ LDADD=liblxc.so @CAP_LIBS@ @APPARMOR_LIBS@ @SECCOMP_LIBS@
 lxc_attach_SOURCES = lxc_attach.c
 lxc_autostart_SOURCES = lxc_autostart.c
 lxc_cgroup_SOURCES = lxc_cgroup.c
+#if ENABLE_CGMANAGER
+lxc_cgroup_SOURCES += cgmanager.c
+lxc_cgroup_LDADD = $(CGMANAGER_LIBS) $(DBUS_LIBS) $(NIH_LIBS) $(NIH_DBUS_LIBS) $(LDADD)
+lxc_cgroup_CFLAGS = $(CGMANAGER_CFLAGS) $(DBUS_CFLAGS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS)
+#endif
 lxc_checkpoint_SOURCES = lxc_checkpoint.c
 lxc_config_SOURCES = lxc_config.c
 lxc_console_SOURCES = lxc_console.c

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
@@ -748,7 +748,11 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun
 				goto cleanup_error;
 			}
 
-			ret = lxc_cgroup_enter(container_info, attached_pid, false);
+			/*
+			 * TODO - switch over to using a cgroup_operation.  We can't use
+			 * cgroup_enter() as that takes a handler.
+			 */
+			ret = lxc_cgroupfs_enter(container_info, attached_pid, false);
 			lxc_cgroup_process_info_free(container_info);
 			if (ret < 0) {
 				ERROR("could not move attached process %ld to cgroup of container", (long)attached_pid);