26 Jul, 2008

1 commit

  • cgroup_clone creates a new cgroup with the pid of the task. This works
    correctly for unshare, but for clone cgroup_clone is called from
    copy_namespaces inside copy_process, which happens before the new pid is
    created. As a result, the new cgroup was created with current's pid.
    This patch:

    1. Moves the call inside copy_process to after the new pid
    is created
    2. Passes the struct pid into ns_cgroup_clone (as it is not
    yet attached to the task)
    3. Passes a name from ns_cgroup_clone() into cgroup_clone()
    so as to keep cgroup_clone() itself simpler
    4. Uses pid_vnr() to get the process id value, so that the
    pid used to name the new cgroup is always the pid as it
    would be known to the task which did the cloning or
    unsharing. I think that is the most intuitive thing to
    do. This way, task t1 does clone(CLONE_NEWPID) to get
    t2, which does clone(CLONE_NEWPID) to get t3, then the
    cgroup for t3 will be named for the pid by which t2 knows
    t3.

    (Thanks to Dan Smith for finding the main bug)

    Changelog:
    June 11: Incorporate Paul Menage's feedback: don't pass
    NULL to ns_cgroup_clone from unshare, and reduce
    patch size by using 'nodename' in cgroup_clone.
    June 10: Original version

    [akpm@linux-foundation.org: build fix]
    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: Serge Hallyn
    Acked-by: Paul Menage
    Tested-by: Dan Smith
    Cc: Balbir Singh
    Cc: KAMEZAWA Hiroyuki
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Serge E. Hallyn
     

29 Apr, 2008

2 commits


20 Oct, 2007

1 commit

  • When a task enters a new namespace via a clone() or unshare(), a new cgroup
    is created and the task moves into it.

    This version names cgroups which are automatically created using
    cgroup_clone() as "node_<pid>" where pid is the pid of the unsharing or
    cloned process. (Thanks Pavel for the idea) This is safe because if the
    process unshares again, it will create

    /cgroups/(...)/node_<pid>/node_<pid>

    The only possibilities (AFAICT) for a -EEXIST on unshare are

    1. pid wraparound
    2. a process fails an unshare, then tries again.

    Case 1 is unlikely enough that I ignore it (at least for now). In case 2, the
    node_<pid> will be empty and can be rmdir'ed to make the subsequent unshare()
    succeed.

    Changelog:
    Name cloned cgroups as "node_<pid>".

    [clg@fr.ibm.com: fix order of cgroup subsystems in init/Kconfig]
    Signed-off-by: Serge E. Hallyn
    Cc: Paul Menage
    Signed-off-by: Cedric Le Goater
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Serge E. Hallyn