cgroups: Introduce lxc.cgroup.dir.monitor.pivot - fixes cgroup removal on termination #3563

Merged
merged 1 commit into from Oct 27, 2020
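--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -1604,6 +1604,18 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 </para>
 </listitem>
 </varlistentry>
+<varlistentry>
+<term>
+<option>lxc.cgroup.dir.monitor.pivot</option>
+</term>
+<listitem>
+<para>
+On container termination the PID of the monitor process is attached to this cgroup.
+This path should not be a subpath of any other configured cgroup dir to ensure
+proper removal of other cgroup paths on container termination.
+</para>
+</listitem>
+</varlistentry>
 <varlistentry>
 <term>
 <option>lxc.cgroup.dir.container.inner</option>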
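--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1093,7 +1093,10 @@ __cgfsng_ops static void cgfsng_monitor_destroy(struct cgroup_ops *ops,
 goto try_lxc_rm_rf;
 }
 
-if (conf && conf->cgroup_meta.monitor_dir)
+if (conf && conf->cgroup_meta.monitor_pivot_dir)
+pivot_path = must_make_path(h->mountpoint, h->container_base_path,
+conf->cgroup_meta.monitor_pivot_dir, CGROUP_PIVOT, NULL);
+else if (conf && conf->cgroup_meta.monitor_dir)
 pivot_path = must_make_path(h->mountpoint, h->container_base_path,
 conf->cgroup_meta.monitor_dir, CGROUP_PIVOT, NULL);
 else if (conf && conf->cgroup_meta.dir)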
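Review bot: `conf->cgroup_meta.monitor_pivot_dir` is joined into the cgroup path by `must_make_path()` in the new first branch exactly as configured, and the setter added in src/lxc/confile.c stores the value without any check visible in this commit. A value that is absolute or contains `..` components would presumably resolve outside `h->container_base_path`, and the documented rule that the pivot path must not sit under another configured cgroup dir is not enforced anywhere shown, so a misconfigured value would quietly bring back the removal failure this change addresses. I would reject such values in `set_config_cgroup_monitor_pivot_dir` before storing them, for example `if (*value == '/' || strstr(value, "..")) return -EINVAL;`, and log when the pivot dir overlaps `monitor_dir` or `dir`. The body of `cgfsng_monitor_destroy` starts and ends outside this hunk, so any later validation is not visible here.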
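--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -61,6 +61,7 @@ struct lxc_cgroup {
 char *controllers;
 char *dir;
 char *monitor_dir;
+char *monitor_pivot_dir;
 char *container_dir;
 char *namespace_dir;
 bool relative;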
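--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -73,6 +73,7 @@ lxc_config_define(cgroup_controller);
 lxc_config_define(cgroup2_controller);
 lxc_config_define(cgroup_dir);
 lxc_config_define(cgroup_monitor_dir);
+lxc_config_define(cgroup_monitor_pivot_dir);
 lxc_config_define(cgroup_container_dir);
 lxc_config_define(cgroup_container_inner_dir);
 lxc_config_define(cgroup_relative);
@@ -178,6 +179,7 @@ static struct lxc_config_t config_jump_table[] = {
 { "lxc.cap.drop", set_config_cap_drop, get_config_cap_drop, clr_config_cap_drop, },
 { "lxc.cap.keep", set_config_cap_keep, get_config_cap_keep, clr_config_cap_keep, },
 { "lxc.cgroup2", set_config_cgroup2_controller, get_config_cgroup2_controller, clr_config_cgroup2_controller, },
+{ "lxc.cgroup.dir.monitor.pivot", set_config_cgroup_monitor_pivot_dir, get_config_cgroup_monitor_pivot_dir, clr_config_cgroup_monitor_pivot_dir, },
 { "lxc.cgroup.dir.monitor", set_config_cgroup_monitor_dir, get_config_cgroup_monitor_dir, clr_config_cgroup_monitor_dir, },
 { "lxc.cgroup.dir.container.inner", set_config_cgroup_container_inner_dir, get_config_cgroup_container_inner_dir, clr_config_cgroup_container_inner_dir, },
 { "lxc.cgroup.dir.container", set_config_cgroup_container_dir, get_config_cgroup_container_dir, clr_config_cgroup_container_dir, },
@@ -1814,6 +1816,16 @@ static int set_config_cgroup_monitor_dir(const char *key, const char *value,
 value);
 }
 
+static int set_config_cgroup_monitor_pivot_dir(const char *key, const char *value,
+struct lxc_conf *lxc_conf, void *data)
+{
+if (lxc_config_value_empty(value))
+return clr_config_cgroup_monitor_pivot_dir(key, lxc_conf, NULL);
+
+return set_config_string_item(&lxc_conf->cgroup_meta.monitor_pivot_dir,
+value);
+}
+
 static int set_config_cgroup_container_dir(const char *key, const char *value,
 struct lxc_conf *lxc_conf,
 void *data)
@@ -3858,6 +3870,22 @@ static int get_config_cgroup_monitor_dir(const char *key, char *retv, int inlen,
 return fulllen;
 }
 
+static int get_config_cgroup_monitor_pivot_dir(const char *key, char *retv, int inlen,
+struct lxc_conf *lxc_conf, void *data)
+{
+int len;
+int fulllen = 0;
+
+if (!retv)
+inlen = 0;
+else
+memset(retv, 0, inlen);
+
+strprint(retv, inlen, "%s", lxc_conf->cgroup_meta.monitor_pivot_dir);
+
+return fulllen;
+}
+
 static int get_config_cgroup_container_dir(const char *key, char *retv,
 int inlen,
 struct lxc_conf *lxc_conf,
@@ -4756,6 +4784,14 @@ static int clr_config_cgroup_monitor_dir(const char *key,
 return 0;
 }
 
+static int clr_config_cgroup_monitor_pivot_dir(const char *key,
+struct lxc_conf *lxc_conf,
+void *data)
+{
+free_disarm(lxc_conf->cgroup_meta.monitor_pivot_dir);
+return 0;
+}
+
 static int clr_config_cgroup_container_dir(const char *key,
 struct lxc_conf *lxc_conf,
 void *data)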
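Review bot: `get_config_cgroup_monitor_pivot_dir` hands `lxc_conf->cgroup_meta.monitor_pivot_dir` to `strprint(retv, inlen, "%s", ...)` without a NULL check, and that pointer is NULL after `clr_config_cgroup_monitor_pivot_dir` runs and presumably also while the key has never been set. Passing NULL for `%s` is undefined behaviour; with glibc the caller gets the literal text "(null)" instead of an empty value. Returning early before the `strprint` call fixes it: `if (!lxc_conf->cgroup_meta.monitor_pivot_dir) return 0;`. The getter for `lxc.cgroup.dir.monitor` ends the same way in the context lines and may need the same guard, though its body is outside the hunk. A short comment on the new `config_jump_table` entry saying why `lxc.cgroup.dir.monitor.pivot` is listed before `lxc.cgroup.dir.monitor` would also help, if the lookup matches by prefix as the ordering suggests.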