回复: [PATCH] cgroup/pid: fix the pid_cgrp attach bug in cgroup v2
From: 苏辉(Robert Su)
Date: Fri Jul 02 2021 - 05:22:59 EST
Sorry, please ignore this change...
-----邮件原件-----
发件人: 苏辉(Robert Su) <suhui@xxxxxxxx>
发送时间: 2021年7月2日 17:19
收件人: tj@xxxxxxxxxx; lizefan.x@xxxxxxxxxxxxx; hannes@xxxxxxxxxxx; cgroups@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
抄送: 苏辉(Robert Su) <suhui@xxxxxxxx>
主题: [PATCH] cgroup/pid: fix the pid_cgrp attach bug in cgroup v2
pids_can_attach() should make sure the pids->counter not bigger than pids->limit, so we should use pids_try_charge() here.
without the change:
root@test:/sys/fs/cgroup/test# cat pids.max
3
root@test:/sys/fs/cgroup/test# sleep 1000 & [1] 3379 root@test:/sys/fs/cgroup/test# sleep 1000 & [2] 3380 root@test:/sys/fs/cgroup/test# sleep 1000 & [3] 3381 root@test:/sys/fs/cgroup/test# sleep 1000 & [4] 3382 root@test:/sys/fs/cgroup/test# echo 3379 > cgroup.procs root@test:/sys/fs/cgroup/test# echo 3380 > cgroup.procs root@test:/sys/fs/cgroup/test# echo 3381 > cgroup.procs root@test:/sys/fs/cgroup/test# echo 3382 > cgroup.procs root@test:/sys/fs/cgroup/test# cat pids.max
3
root@test:/sys/fs/cgroup/test# cat pids.current
4
root@test:/sys/fs/cgroup/test# cat cgroup.procs
3379
3380
3381
3382
root@test:/sys/fs/cgroup/test#
with this change:
root@test:/sys/fs/cgroup/test# cat pids.current
3
root@test:/sys/fs/cgroup/test# cat pids.max
3
root@test:/sys/fs/cgroup/test# cat cgroup.procs
2614
3683
3684
root@test:/sys/fs/cgroup/test# sleep 10000 & [5] 3733 root@test:/sys/fs/cgroup/test# echo 3733 > cgroup.procs
bash: echo: write error: Resource temporarily unavailable root@test:/sys/fs/cgroup/test# cat cgroup.procs
2614
3683
3684
root@test:/sys/fs/cgroup/test# cat pids.current
3
root@test:/sys/fs/cgroup/test# dmesg |tail -n 1 [ 863.612162] cgroup: attach rejected by pids controller in /test
Signed-off-by: Hui Su <suhui@xxxxxxxx>
---
kernel/cgroup/pids.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/kernel/cgroup/pids.c b/kernel/cgroup/pids.c index 511af87f685e..5e24990f28de 100644
--- a/kernel/cgroup/pids.c
+++ b/kernel/cgroup/pids.c
@@ -172,6 +172,7 @@ static int pids_can_attach(struct cgroup_taskset *tset) {
struct task_struct *task;
struct cgroup_subsys_state *dst_css;
+ int ret = 0;
cgroup_taskset_for_each(task, dst_css, tset) {
struct pids_cgroup *pids = css_pids(dst_css); @@ -186,11 +187,17 @@ static int pids_can_attach(struct cgroup_taskset *tset)
old_css = task_css(task, pids_cgrp_id);
old_pids = css_pids(old_css);
- pids_charge(pids, 1);
+ ret = pids_try_charge(pids, 1);
+ if (ret) {
+ pr_info("cgroup: attach rejected by pids controller in ");
+ pr_cont_cgroup_path(dst_css->cgroup);
+ pr_cont("\n");
+ break;
+ }
pids_uncharge(old_pids, 1);
}
- return 0;
+ return ret;
}
static void pids_cancel_attach(struct cgroup_taskset *tset)
--
2.25.1