|
 |
c480ed |
From c06173bae3630cd1f953e69c4dd8df98904892a5 Mon Sep 17 00:00:00 2001
|
|
|
c480ed |
Message-Id: <c06173bae3630cd1f953e69c4dd8df98904892a5@dist-git>
|
|
|
c480ed |
From: Pavel Hrdina <phrdina@redhat.com>
|
|
|
c480ed |
Date: Mon, 1 Jul 2019 17:08:24 +0200
|
|
|
c480ed |
Subject: [PATCH] util: vircgroupv2: stop enabling missing controllers with
|
|
|
c480ed |
systemd
|
|
|
c480ed |
MIME-Version: 1.0
|
|
|
c480ed |
Content-Type: text/plain; charset=UTF-8
|
|
|
c480ed |
Content-Transfer-Encoding: 8bit
|
|
|
c480ed |
|
|
|
c480ed |
Because of a systemd delegation policy [1] we should not write to any
|
|
|
c480ed |
cgroups files owned by systemd which in case of cgroups v2 includes
|
|
|
c480ed |
'cgroups.subtree_control'.
|
|
|
c480ed |
|
|
|
c480ed |
systemd will enable controllers automatically for us to have them
|
|
|
c480ed |
available for VM cgroups.
|
|
|
c480ed |
|
|
|
c480ed |
[1] <https://github.com/systemd/systemd/blob/master/docs/CGROUP_DELEGATION.md>
|
|
|
c480ed |
|
|
|
c480ed |
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
|
|
|
c480ed |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
c480ed |
(cherry picked from commit 62dd4d25a2bc5ee33ed22728dc79a5da99906748)
|
|
|
c480ed |
|
|
|
c480ed |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689297
|
|
|
c480ed |
|
|
|
c480ed |
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
|
|
|
c480ed |
Message-Id: <273d20b3ced7f8b3ea0cc761cff25601f03e318f.1561993100.git.phrdina@redhat.com>
|
|
|
c480ed |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
c480ed |
---
|
|
|
c480ed |
src/util/vircgroup.c | 2 +-
|
|
|
c480ed |
src/util/vircgroupbackend.h | 3 +++
|
|
|
c480ed |
src/util/vircgroupv2.c | 5 +++++
|
|
|
c480ed |
3 files changed, 9 insertions(+), 1 deletion(-)
|
|
|
c480ed |
|
|
|
c480ed |
diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
|
|
|
c480ed |
index a7fb595bce..3c99934b25 100644
|
|
|
c480ed |
--- a/src/util/vircgroup.c
|
|
|
c480ed |
+++ b/src/util/vircgroup.c
|
|
|
c480ed |
@@ -1075,7 +1075,7 @@ virCgroupEnableMissingControllers(char *path,
|
|
|
c480ed |
&tmp) < 0)
|
|
|
c480ed |
goto cleanup;
|
|
|
c480ed |
|
|
|
c480ed |
- if (virCgroupMakeGroup(parent, tmp, true, VIR_CGROUP_NONE) < 0) {
|
|
|
c480ed |
+ if (virCgroupMakeGroup(parent, tmp, true, VIR_CGROUP_SYSTEMD) < 0) {
|
|
|
c480ed |
virCgroupFree(&tmp);
|
|
|
c480ed |
goto cleanup;
|
|
|
c480ed |
}
|
|
|
c480ed |
diff --git a/src/util/vircgroupbackend.h b/src/util/vircgroupbackend.h
|
|
|
c480ed |
index a825dc4be7..2b5be21a76 100644
|
|
|
c480ed |
--- a/src/util/vircgroupbackend.h
|
|
|
c480ed |
+++ b/src/util/vircgroupbackend.h
|
|
|
c480ed |
@@ -35,6 +35,9 @@ typedef enum {
|
|
|
c480ed |
* attaching tasks
|
|
|
c480ed |
*/
|
|
|
c480ed |
VIR_CGROUP_THREAD = 1 << 1, /* cgroup v2 handles threads differently */
|
|
|
c480ed |
+ VIR_CGROUP_SYSTEMD = 1 << 2, /* with systemd and cgroups v2 we cannot
|
|
|
c480ed |
+ * manually enable controllers that systemd
|
|
|
c480ed |
+ * doesn't know how to delegate */
|
|
|
c480ed |
} virCgroupBackendFlags;
|
|
|
c480ed |
|
|
|
c480ed |
typedef enum {
|
|
|
c480ed |
diff --git a/src/util/vircgroupv2.c b/src/util/vircgroupv2.c
|
|
|
c480ed |
index b0ed889cc8..749efa199b 100644
|
|
|
c480ed |
--- a/src/util/vircgroupv2.c
|
|
|
c480ed |
+++ b/src/util/vircgroupv2.c
|
|
|
c480ed |
@@ -394,6 +394,11 @@ virCgroupV2MakeGroup(virCgroupPtr parent ATTRIBUTE_UNUSED,
|
|
|
c480ed |
VIR_AUTOFREE(char *) path = NULL;
|
|
|
c480ed |
int controller;
|
|
|
c480ed |
|
|
|
c480ed |
+ if (flags & VIR_CGROUP_SYSTEMD) {
|
|
|
c480ed |
+ VIR_DEBUG("Running with systemd so we should not create cgroups ourselves.");
|
|
|
c480ed |
+ return 0;
|
|
|
c480ed |
+ }
|
|
|
c480ed |
+
|
|
|
c480ed |
VIR_DEBUG("Make group %s", group->path);
|
|
|
c480ed |
|
|
|
c480ed |
controller = virCgroupV2GetAnyController(group);
|
|
|
c480ed |
--
|
|
|
c480ed |
2.22.0
|
|
|
c480ed |
|