[PATCH v2 1/2] cgroup: export list of delegatable control files using sysfs

From: Roman Gushchin
Date: Mon Nov 06 2017 - 13:31:05 EST

Next message: Roman Gushchin: "[PATCH v2 2/2] cgroup: export list of cgroups v2 features using sysfs"
Previous message: Brijesh Singh: "[Part2 PATCH v8 01/38] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV)"
In reply to: Tejun Heo: "Re: [PATCH 1/2] cgroup: export list of delegatable control files using sysfs"
Next in thread: Roman Gushchin: "[PATCH v2 2/2] cgroup: export list of cgroups v2 features using sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Delegatable cgroup v2 control files may require special handling
(e.g. chowning), and the exact list of such files varies between
kernel versions (and likely to be extended in the future).

To guarantee correctness of this list and simplify the life
of userspace (systemd, first of all), let's export the list
via /sys/kernel/cgroup/delegate pseudo-file.

Format is siple: each control file name is printed on a new line.
Example:
$ cat /sys/kernel/cgroup/delegate
cgroup.procs
cgroup.subtree_control

Signed-off-by: Roman Gushchin <guro@xxxxxx>
Cc: Tejun Heo <tj@xxxxxxxxxx>
Cc: kernel-team@xxxxxx
---
kernel/cgroup/cgroup.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 61 insertions(+)

diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index d6ed725f36d9..eed92ed624e5 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5832,3 +5832,64 @@ int cgroup_bpf_update(struct cgroup *cgrp, struct bpf_prog *prog,
return ret;
}
#endif /* CONFIG_CGROUP_BPF */
+
+#ifdef CONFIG_SYSFS
+static ssize_t show_delegatable_files(struct cftype *files, char *buf,
+ ssize_t size, const char *prefix)
+{
+ struct cftype *cft;
+ ssize_t ret = 0;
+
+ for (cft = files; cft && cft->name[0] != '\0'; cft++) {
+ if (!(cft->flags & CFTYPE_NS_DELEGATABLE))
+ continue;
+
+ if (prefix)
+ ret += snprintf(buf + ret, size - ret, "%s.", prefix);
+
+ ret += snprintf(buf + ret, size - ret, "%s\n", cft->name);
+
+ if (unlikely(ret >= size)) {
+ WARN_ON(1);
+ break;
+ }
+ }
+
+ return ret;
+}
+
+static ssize_t delegate_show(struct kobject *kobj, struct kobj_attribute *attr,
+ char *buf)
+{
+ struct cgroup_subsys *ss;
+ int ssid;
+ ssize_t ret = 0;
+
+ ret = show_delegatable_files(cgroup_base_files, buf, PAGE_SIZE - ret,
+ NULL);
+
+ for_each_subsys(ss, ssid)
+ ret += show_delegatable_files(ss->dfl_cftypes, buf + ret,
+ PAGE_SIZE - ret,
+ cgroup_subsys_name[ssid]);
+
+ return ret;
+}
+static struct kobj_attribute cgroup_delegate_attr = __ATTR_RO(delegate);
+
+static struct attribute *cgroup_sysfs_attrs[] = {
+ &cgroup_delegate_attr.attr,
+ NULL,
+};
+
+static const struct attribute_group cgroup_sysfs_attr_group = {
+ .attrs = cgroup_sysfs_attrs,
+ .name = "cgroup",
+};
+
+static int __init cgroup_sysfs_init(void)
+{
+ return sysfs_create_group(kernel_kobj, &cgroup_sysfs_attr_group);
+}
+subsys_initcall(cgroup_sysfs_init);
+#endif /* CONFIG_SYSFS */
--
2.13.6

Next message: Roman Gushchin: "[PATCH v2 2/2] cgroup: export list of cgroups v2 features using sysfs"
Previous message: Brijesh Singh: "[Part2 PATCH v8 01/38] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV)"
In reply to: Tejun Heo: "Re: [PATCH 1/2] cgroup: export list of delegatable control files using sysfs"
Next in thread: Roman Gushchin: "[PATCH v2 2/2] cgroup: export list of cgroups v2 features using sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]