License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 23:07:57 +09:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0 */
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
#ifndef _LINUX_CGROUP_H
|
|
|
|
|
#define _LINUX_CGROUP_H
|
|
|
|
|
/*
|
|
|
|
|
* cgroup interface
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2003 BULL SA
|
|
|
|
|
* Copyright (C) 2004-2006 Silicon Graphics, Inc.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <linux/sched.h>
|
|
|
|
|
#include <linux/cpumask.h>
|
|
|
|
|
#include <linux/nodemask.h>
|
2012-11-10 02:12:29 +09:00
|
|
|
#include <linux/rculist.h>
|
Add cgroupstats
This patch is inspired by the discussion at
http://lkml.org/lkml/2007/4/11/187 and implements per cgroup statistics
as suggested by Andrew Morton in http://lkml.org/lkml/2007/4/11/263. The
patch is on top of 2.6.21-mm1 with Paul's cgroups v9 patches (forward
ported)
This patch implements per cgroup statistics infrastructure and re-uses
code from the taskstats interface. A new set of cgroup operations are
registered with commands and attributes. It should be very easy to
*extend* per cgroup statistics, by adding members to the cgroupstats
structure.
The current model for cgroupstats is a pull, a push model (to post
statistics on interesting events), should be very easy to add. Currently
user space requests for statistics by passing the cgroup file
descriptor. Statistics about the state of all the tasks in the cgroup
is returned to user space.
TODO's/NOTE:
This patch provides an infrastructure for implementing cgroup statistics.
Based on the needs of each controller, we can incrementally add more statistics,
event based support for notification of statistics, accumulation of taskstats
into cgroup statistics in the future.
Sample output
# ./cgroupstats -C /cgroup/a
sleeping 2, blocked 0, running 1, stopped 0, uninterruptible 0
# ./cgroupstats -C /cgroup/
sleeping 154, blocked 0, running 0, stopped 0, uninterruptible 0
If the approach looks good, I'll enhance and post the user space utility for
the same
Feedback, comments, test results are always welcome!
[akpm@linux-foundation.org: build fix]
Signed-off-by: Balbir Singh <balbir@linux.vnet.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: Jay Lan <jlan@engr.sgi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:44 +09:00
|
|
|
#include <linux/cgroupstats.h>
|
2013-04-15 12:15:25 +09:00
|
|
|
#include <linux/fs.h>
|
2013-12-06 02:28:04 +09:00
|
|
|
#include <linux/seq_file.h>
|
cgroup: convert to kernfs
cgroup filesystem code was derived from the original sysfs
implementation which was heavily intertwined with vfs objects and
locking with the goal of re-using the existing vfs infrastructure.
That experiment turned out rather disastrous and sysfs switched, a
long time ago, to distributed filesystem model where a separate
representation is maintained which is queried by vfs. Unfortunately,
cgroup stuck with the failed experiment all these years and
accumulated even more problems over time.
Locking and object lifetime management being entangled with vfs is
probably the most egregious. vfs is never designed to be misused like
this and cgroup ends up jumping through various convoluted dancing to
make things work. Even then, operations across multiple cgroups can't
be done safely as it'll deadlock with rename locking.
Recently, kernfs is separated out from sysfs so that it can be used by
users other than sysfs. This patch converts cgroup to use kernfs,
which will bring the following benefits.
* Separation from vfs internals. Locking and object lifetime
management is contained in cgroup proper making things a lot
simpler. This removes significant amount of locking convolutions,
hairy object lifetime rules and the restriction on multi-cgroup
operations.
* Can drop a lot of code to implement filesystem interface as most are
provided by kernfs.
* Proper "severing" semantics, which allows controllers to not worry
about lingering file accesses after offline.
While the preceding patches did as much as possible to make the
transition less painful, large part of the conversion has to be one
discrete step making this patch rather large. The rest of the commit
message lists notable changes in different areas.
Overall
-------
* vfs constructs replaced with kernfs ones. cgroup->dentry w/ ->kn,
cgroupfs_root->sb w/ ->kf_root.
* All dentry accessors are removed. Helpers to map from kernfs
constructs are added.
* All vfs plumbing around dentry, inode and bdi removed.
* cgroup_mount() now directly looks for matching root and then
proceeds to create a new one if not found.
Synchronization and object lifetime
-----------------------------------
* vfs inode locking removed. Among other things, this removes the
need for the convolution in cgroup_cfts_commit(). Future patches
will further simplify it.
* vfs refcnting replaced with cgroup internal ones. cgroup->refcnt,
cgroupfs_root->refcnt added. cgroup_put_root() now directly puts
root->refcnt and when it reaches zero proceeds to destroy it thus
merging cgroup_put_root() and the former cgroup_kill_sb().
Simliarly, cgroup_put() now directly schedules cgroup_free_rcu()
when refcnt reaches zero.
* Unlike before, kernfs objects don't hold onto cgroup objects. When
cgroup destroys a kernfs node, all existing operations are drained
and the association is broken immediately. The same for
cgroupfs_roots and mounts.
* All operations which come through kernfs guarantee that the
associated cgroup is and stays valid for the duration of operation;
however, there are two paths which need to find out the associated
cgroup from dentry without going through kernfs -
css_tryget_from_dir() and cgroupstats_build(). For these two,
kernfs_node->priv is RCU managed so that they can dereference it
under RCU read lock.
File and directory handling
---------------------------
* File and directory operations converted to kernfs_ops and
kernfs_syscall_ops.
* xattrs is implicitly supported by kernfs. No need to worry about it
from cgroup. This means that "xattr" mount option is no longer
necessary. A future patch will add a deprecated warning message
when sane_behavior.
* When cftype->max_write_len > PAGE_SIZE, it's necessary to make a
private copy of one of the kernfs_ops to set its atomic_write_len.
cftype->kf_ops is added and cgroup_init/exit_cftypes() are updated
to handle it.
* cftype->lockdep_key added so that kernfs lockdep annotation can be
per cftype.
* Inidividual file entries and open states are now managed by kernfs.
No need to worry about them from cgroup. cfent, cgroup_open_file
and their friends are removed.
* kernfs_nodes are created deactivated and kernfs_activate()
invocations added to places where creation of new nodes are
committed.
* cgroup_rmdir() uses kernfs_[un]break_active_protection() for
self-removal.
v2: - Li pointed out in an earlier patch that specifying "name="
during mount without subsystem specification should succeed if
there's an existing hierarchy with a matching name although it
should fail with -EINVAL if a new hierarchy should be created.
Prior to the conversion, this used by handled by deferring
failure from NULL return from cgroup_root_from_opts(), which was
necessary because root was being created before checking for
existing ones. Note that cgroup_root_from_opts() returned an
ERR_PTR() value for error conditions which require immediate
mount failure.
As we now have separate search and creation steps, deferring
failure from cgroup_root_from_opts() is no longer necessary.
cgroup_root_from_opts() is updated to always return ERR_PTR()
value on failure.
- The logic to match existing roots is updated so that a mount
attempt with a matching name but different subsys_mask are
rejected. This was handled by a separate matching loop under
the comment "Check for name clashes with existing mounts" but
got lost during conversion. Merge the check into the main
search loop.
- Add __rcu __force casting in RCU_INIT_POINTER() in
cgroup_destroy_locked() to avoid the sparse address space
warning reported by kbuild test bot. Maybe we want an explicit
interface to use kn->priv as RCU protected pointer?
v3: Make CONFIG_CGROUPS select CONFIG_KERNFS.
v4: Rebased on top of 0ab02ca8f887 ("cgroup: protect modifications to
cgroup_idr with cgroup_mutex").
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Cc: kbuild test robot fengguang.wu@intel.com>
2014-02-12 01:52:49 +09:00
|
|
|
#include <linux/kernfs.h>
|
2015-09-19 00:56:28 +09:00
|
|
|
#include <linux/jump_label.h>
|
2016-01-29 17:54:06 +09:00
|
|
|
#include <linux/types.h>
|
|
|
|
|
#include <linux/ns_common.h>
|
|
|
|
|
#include <linux/nsproxy.h>
|
|
|
|
|
#include <linux/user_namespace.h>
|
2017-02-20 19:19:00 +09:00
|
|
|
#include <linux/refcount.h>
|
2017-09-26 00:12:04 +09:00
|
|
|
#include <linux/kernel_stat.h>
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2015-05-14 04:38:40 +09:00
|
|
|
#include <linux/cgroup-defs.h>
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
|
|
|
|
#ifdef CONFIG_CGROUPS
|
|
|
|
|
|
2015-08-05 04:20:55 +09:00
|
|
|
/*
|
|
|
|
|
* All weight knobs on the default hierarhcy should use the following min,
|
|
|
|
|
* default and max values. The default value is the logarithmic center of
|
|
|
|
|
* MIN and MAX and allows 100x to be expressed in both directions.
|
|
|
|
|
*/
|
|
|
|
|
#define CGROUP_WEIGHT_MIN 1
|
|
|
|
|
#define CGROUP_WEIGHT_DFL 100
|
|
|
|
|
#define CGROUP_WEIGHT_MAX 10000
|
|
|
|
|
|
2017-05-15 22:34:01 +09:00
|
|
|
/* walk only threadgroup leaders */
|
|
|
|
|
#define CSS_TASK_ITER_PROCS (1U << 0)
|
2017-05-15 22:34:03 +09:00
|
|
|
/* walk all threaded css_sets in the domain */
|
|
|
|
|
#define CSS_TASK_ITER_THREADED (1U << 1)
|
2017-05-15 22:34:01 +09:00
|
|
|
|
2019-06-01 02:38:58 +09:00
|
|
|
/* internal flags */
|
|
|
|
|
#define CSS_TASK_ITER_SKIPPED (1U << 16)
|
|
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
/* a css_task_iter should be treated as an opaque object */
|
|
|
|
|
struct css_task_iter {
|
|
|
|
|
struct cgroup_subsys *ss;
|
2017-05-15 22:34:01 +09:00
|
|
|
unsigned int flags;
|
2015-05-14 05:24:16 +09:00
|
|
|
|
|
|
|
|
struct list_head *cset_pos;
|
|
|
|
|
struct list_head *cset_head;
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2017-05-15 22:34:03 +09:00
|
|
|
struct list_head *tcset_pos;
|
|
|
|
|
struct list_head *tcset_head;
|
|
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
struct list_head *task_pos;
|
|
|
|
|
struct list_head *tasks_head;
|
|
|
|
|
struct list_head *mg_tasks_head;
|
2019-06-01 02:38:58 +09:00
|
|
|
struct list_head *dying_tasks_head;
|
2015-10-16 05:41:52 +09:00
|
|
|
|
2020-01-24 20:40:15 +09:00
|
|
|
struct list_head *cur_tasks_head;
|
2015-10-16 05:41:52 +09:00
|
|
|
struct css_set *cur_cset;
|
2017-05-15 22:34:03 +09:00
|
|
|
struct css_set *cur_dcset;
|
2015-10-16 05:41:52 +09:00
|
|
|
struct task_struct *cur_task;
|
|
|
|
|
struct list_head iters_node; /* css_set->task_iters */
|
2015-05-14 05:24:16 +09:00
|
|
|
};
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
extern struct cgroup_root cgrp_dfl_root;
|
|
|
|
|
extern struct css_set init_css_set;
|
2007-10-19 15:39:35 +09:00
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
#define SUBSYS(_x) extern struct cgroup_subsys _x ## _cgrp_subsys;
|
2007-10-19 15:39:36 +09:00
|
|
|
#include <linux/cgroup_subsys.h>
|
|
|
|
|
#undef SUBSYS
|
|
|
|
|
|
2015-09-19 00:56:28 +09:00
|
|
|
#define SUBSYS(_x) \
|
|
|
|
|
extern struct static_key_true _x ## _cgrp_subsys_enabled_key; \
|
|
|
|
|
extern struct static_key_true _x ## _cgrp_subsys_on_dfl_key;
|
|
|
|
|
#include <linux/cgroup_subsys.h>
|
|
|
|
|
#undef SUBSYS
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* cgroup_subsys_enabled - fast test on whether a subsys is enabled
|
|
|
|
|
* @ss: subsystem in question
|
|
|
|
|
*/
|
|
|
|
|
#define cgroup_subsys_enabled(ss) \
|
|
|
|
|
static_branch_likely(&ss ## _enabled_key)
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* cgroup_subsys_on_dfl - fast test on whether a subsys is on default hierarchy
|
|
|
|
|
* @ss: subsystem in question
|
|
|
|
|
*/
|
|
|
|
|
#define cgroup_subsys_on_dfl(ss) \
|
|
|
|
|
static_branch_likely(&ss ## _on_dfl_key)
|
|
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
bool css_has_online_children(struct cgroup_subsys_state *css);
|
|
|
|
|
struct cgroup_subsys_state *css_from_id(int id, struct cgroup_subsys *ss);
|
2018-12-06 02:10:36 +09:00
|
|
|
struct cgroup_subsys_state *cgroup_e_css(struct cgroup *cgroup,
|
|
|
|
|
struct cgroup_subsys *ss);
|
2015-05-14 05:24:16 +09:00
|
|
|
struct cgroup_subsys_state *cgroup_get_e_css(struct cgroup *cgroup,
|
|
|
|
|
struct cgroup_subsys *ss);
|
|
|
|
|
struct cgroup_subsys_state *css_tryget_online_from_dir(struct dentry *dentry,
|
|
|
|
|
struct cgroup_subsys *ss);
|
|
|
|
|
|
2015-11-21 05:55:52 +09:00
|
|
|
struct cgroup *cgroup_get_from_path(const char *path);
|
2016-07-01 02:28:42 +09:00
|
|
|
struct cgroup *cgroup_get_from_fd(int fd);
|
2015-11-21 05:55:52 +09:00
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
int cgroup_attach_task_all(struct task_struct *from, struct task_struct *);
|
|
|
|
|
int cgroup_transfer_tasks(struct cgroup *to, struct cgroup *from);
|
|
|
|
|
|
|
|
|
|
int cgroup_add_dfl_cftypes(struct cgroup_subsys *ss, struct cftype *cfts);
|
|
|
|
|
int cgroup_add_legacy_cftypes(struct cgroup_subsys *ss, struct cftype *cfts);
|
|
|
|
|
int cgroup_rm_cftypes(struct cftype *cfts);
|
2015-11-05 14:12:24 +09:00
|
|
|
void cgroup_file_notify(struct cgroup_file *cfile);
|
2015-05-14 05:24:16 +09:00
|
|
|
|
2016-08-11 00:23:44 +09:00
|
|
|
int task_cgroup_path(struct task_struct *task, char *buf, size_t buflen);
|
2015-05-14 05:24:16 +09:00
|
|
|
int cgroupstats_build(struct cgroupstats *stats, struct dentry *dentry);
|
|
|
|
|
int proc_cgroup_show(struct seq_file *m, struct pid_namespace *ns,
|
|
|
|
|
struct pid *pid, struct task_struct *tsk);
|
|
|
|
|
|
|
|
|
|
void cgroup_fork(struct task_struct *p);
|
2015-12-04 00:24:08 +09:00
|
|
|
extern int cgroup_can_fork(struct task_struct *p);
|
|
|
|
|
extern void cgroup_cancel_fork(struct task_struct *p);
|
|
|
|
|
extern void cgroup_post_fork(struct task_struct *p);
|
2015-05-14 05:24:16 +09:00
|
|
|
void cgroup_exit(struct task_struct *p);
|
2019-01-29 01:00:13 +09:00
|
|
|
void cgroup_release(struct task_struct *p);
|
2015-10-16 05:41:53 +09:00
|
|
|
void cgroup_free(struct task_struct *p);
|
2015-05-14 05:24:16 +09:00
|
|
|
|
|
|
|
|
int cgroup_init_early(void);
|
|
|
|
|
int cgroup_init(void);
|
|
|
|
|
|
2019-05-14 04:37:17 +09:00
|
|
|
int cgroup_parse_float(const char *input, unsigned dec_shift, s64 *v);
|
|
|
|
|
|
2014-05-17 02:22:48 +09:00
|
|
|
/*
|
2015-05-14 05:24:16 +09:00
|
|
|
* Iteration helpers and macros.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
struct cgroup_subsys_state *css_next_child(struct cgroup_subsys_state *pos,
|
|
|
|
|
struct cgroup_subsys_state *parent);
|
|
|
|
|
struct cgroup_subsys_state *css_next_descendant_pre(struct cgroup_subsys_state *pos,
|
|
|
|
|
struct cgroup_subsys_state *css);
|
|
|
|
|
struct cgroup_subsys_state *css_rightmost_descendant(struct cgroup_subsys_state *pos);
|
|
|
|
|
struct cgroup_subsys_state *css_next_descendant_post(struct cgroup_subsys_state *pos,
|
|
|
|
|
struct cgroup_subsys_state *css);
|
|
|
|
|
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
struct task_struct *cgroup_taskset_first(struct cgroup_taskset *tset,
|
|
|
|
|
struct cgroup_subsys_state **dst_cssp);
|
|
|
|
|
struct task_struct *cgroup_taskset_next(struct cgroup_taskset *tset,
|
|
|
|
|
struct cgroup_subsys_state **dst_cssp);
|
2015-05-14 05:24:16 +09:00
|
|
|
|
2019-07-19 22:59:55 +09:00
|
|
|
void cgroup_enable_task_cg_lists(void);
|
2017-05-15 22:34:01 +09:00
|
|
|
void css_task_iter_start(struct cgroup_subsys_state *css, unsigned int flags,
|
2015-05-14 05:24:16 +09:00
|
|
|
struct css_task_iter *it);
|
|
|
|
|
struct task_struct *css_task_iter_next(struct css_task_iter *it);
|
|
|
|
|
void css_task_iter_end(struct css_task_iter *it);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* css_for_each_child - iterate through children of a css
|
|
|
|
|
* @pos: the css * to use as the loop cursor
|
|
|
|
|
* @parent: css whose children to walk
|
|
|
|
|
*
|
|
|
|
|
* Walk @parent's children. Must be called under rcu_read_lock().
|
|
|
|
|
*
|
|
|
|
|
* If a subsystem synchronizes ->css_online() and the start of iteration, a
|
|
|
|
|
* css which finished ->css_online() is guaranteed to be visible in the
|
|
|
|
|
* future iterations and will stay visible until the last reference is put.
|
|
|
|
|
* A css which hasn't finished ->css_online() or already finished
|
|
|
|
|
* ->css_offline() may show up during traversal. It's each subsystem's
|
|
|
|
|
* responsibility to synchronize against on/offlining.
|
2014-05-17 02:22:48 +09:00
|
|
|
*
|
2015-05-14 05:24:16 +09:00
|
|
|
* It is allowed to temporarily drop RCU read lock during iteration. The
|
|
|
|
|
* caller is responsible for ensuring that @pos remains accessible until
|
|
|
|
|
* the start of the next iteration by, for example, bumping the css refcnt.
|
2014-05-17 02:22:48 +09:00
|
|
|
*/
|
2015-05-14 05:24:16 +09:00
|
|
|
#define css_for_each_child(pos, parent) \
|
|
|
|
|
for ((pos) = css_next_child(NULL, (parent)); (pos); \
|
|
|
|
|
(pos) = css_next_child((pos), (parent)))
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
/**
|
|
|
|
|
* css_for_each_descendant_pre - pre-order walk of a css's descendants
|
|
|
|
|
* @pos: the css * to use as the loop cursor
|
|
|
|
|
* @root: css whose descendants to walk
|
|
|
|
|
*
|
|
|
|
|
* Walk @root's descendants. @root is included in the iteration and the
|
|
|
|
|
* first node to be visited. Must be called under rcu_read_lock().
|
|
|
|
|
*
|
|
|
|
|
* If a subsystem synchronizes ->css_online() and the start of iteration, a
|
|
|
|
|
* css which finished ->css_online() is guaranteed to be visible in the
|
|
|
|
|
* future iterations and will stay visible until the last reference is put.
|
|
|
|
|
* A css which hasn't finished ->css_online() or already finished
|
|
|
|
|
* ->css_offline() may show up during traversal. It's each subsystem's
|
|
|
|
|
* responsibility to synchronize against on/offlining.
|
|
|
|
|
*
|
|
|
|
|
* For example, the following guarantees that a descendant can't escape
|
|
|
|
|
* state updates of its ancestors.
|
|
|
|
|
*
|
|
|
|
|
* my_online(@css)
|
|
|
|
|
* {
|
|
|
|
|
* Lock @css's parent and @css;
|
|
|
|
|
* Inherit state from the parent;
|
|
|
|
|
* Unlock both.
|
|
|
|
|
* }
|
|
|
|
|
*
|
|
|
|
|
* my_update_state(@css)
|
|
|
|
|
* {
|
|
|
|
|
* css_for_each_descendant_pre(@pos, @css) {
|
|
|
|
|
* Lock @pos;
|
|
|
|
|
* if (@pos == @css)
|
|
|
|
|
* Update @css's state;
|
|
|
|
|
* else
|
|
|
|
|
* Verify @pos is alive and inherit state from its parent;
|
|
|
|
|
* Unlock @pos;
|
|
|
|
|
* }
|
|
|
|
|
* }
|
|
|
|
|
*
|
|
|
|
|
* As long as the inheriting step, including checking the parent state, is
|
|
|
|
|
* enclosed inside @pos locking, double-locking the parent isn't necessary
|
|
|
|
|
* while inheriting. The state update to the parent is guaranteed to be
|
|
|
|
|
* visible by walking order and, as long as inheriting operations to the
|
|
|
|
|
* same @pos are atomic to each other, multiple updates racing each other
|
|
|
|
|
* still result in the correct state. It's guaranateed that at least one
|
|
|
|
|
* inheritance happens for any css after the latest update to its parent.
|
|
|
|
|
*
|
|
|
|
|
* If checking parent's state requires locking the parent, each inheriting
|
|
|
|
|
* iteration should lock and unlock both @pos->parent and @pos.
|
|
|
|
|
*
|
|
|
|
|
* Alternatively, a subsystem may choose to use a single global lock to
|
|
|
|
|
* synchronize ->css_online() and ->css_offline() against tree-walking
|
|
|
|
|
* operations.
|
|
|
|
|
*
|
|
|
|
|
* It is allowed to temporarily drop RCU read lock during iteration. The
|
|
|
|
|
* caller is responsible for ensuring that @pos remains accessible until
|
|
|
|
|
* the start of the next iteration by, for example, bumping the css refcnt.
|
|
|
|
|
*/
|
|
|
|
|
#define css_for_each_descendant_pre(pos, css) \
|
|
|
|
|
for ((pos) = css_next_descendant_pre(NULL, (css)); (pos); \
|
|
|
|
|
(pos) = css_next_descendant_pre((pos), (css)))
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* css_for_each_descendant_post - post-order walk of a css's descendants
|
|
|
|
|
* @pos: the css * to use as the loop cursor
|
|
|
|
|
* @css: css whose descendants to walk
|
|
|
|
|
*
|
|
|
|
|
* Similar to css_for_each_descendant_pre() but performs post-order
|
|
|
|
|
* traversal instead. @root is included in the iteration and the last
|
|
|
|
|
* node to be visited.
|
|
|
|
|
*
|
|
|
|
|
* If a subsystem synchronizes ->css_online() and the start of iteration, a
|
|
|
|
|
* css which finished ->css_online() is guaranteed to be visible in the
|
|
|
|
|
* future iterations and will stay visible until the last reference is put.
|
|
|
|
|
* A css which hasn't finished ->css_online() or already finished
|
|
|
|
|
* ->css_offline() may show up during traversal. It's each subsystem's
|
|
|
|
|
* responsibility to synchronize against on/offlining.
|
|
|
|
|
*
|
|
|
|
|
* Note that the walk visibility guarantee example described in pre-order
|
|
|
|
|
* walk doesn't apply the same to post-order walks.
|
|
|
|
|
*/
|
|
|
|
|
#define css_for_each_descendant_post(pos, css) \
|
|
|
|
|
for ((pos) = css_next_descendant_post(NULL, (css)); (pos); \
|
|
|
|
|
(pos) = css_next_descendant_post((pos), (css)))
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* cgroup_taskset_for_each - iterate cgroup_taskset
|
|
|
|
|
* @task: the loop cursor
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
* @dst_css: the destination css
|
2015-05-14 05:24:16 +09:00
|
|
|
* @tset: taskset to iterate
|
2015-09-12 04:00:19 +09:00
|
|
|
*
|
|
|
|
|
* @tset may contain multiple tasks and they may belong to multiple
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
* processes.
|
|
|
|
|
*
|
|
|
|
|
* On the v2 hierarchy, there may be tasks from multiple processes and they
|
|
|
|
|
* may not share the source or destination csses.
|
|
|
|
|
*
|
|
|
|
|
* On traditional hierarchies, when there are multiple tasks in @tset, if a
|
|
|
|
|
* task of a process is in @tset, all tasks of the process are in @tset.
|
|
|
|
|
* Also, all are guaranteed to share the same source and destination csses.
|
2015-09-12 04:00:19 +09:00
|
|
|
*
|
|
|
|
|
* Iteration is not in any specific order.
|
2015-05-14 05:24:16 +09:00
|
|
|
*/
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
#define cgroup_taskset_for_each(task, dst_css, tset) \
|
|
|
|
|
for ((task) = cgroup_taskset_first((tset), &(dst_css)); \
|
|
|
|
|
(task); \
|
|
|
|
|
(task) = cgroup_taskset_next((tset), &(dst_css)))
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2015-09-12 04:00:19 +09:00
|
|
|
/**
|
|
|
|
|
* cgroup_taskset_for_each_leader - iterate group leaders in a cgroup_taskset
|
|
|
|
|
* @leader: the loop cursor
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
* @dst_css: the destination css
|
2016-12-25 00:28:35 +09:00
|
|
|
* @tset: taskset to iterate
|
2015-09-12 04:00:19 +09:00
|
|
|
*
|
|
|
|
|
* Iterate threadgroup leaders of @tset. For single-task migrations, @tset
|
|
|
|
|
* may not contain any.
|
|
|
|
|
*/
|
cgroup: fix handling of multi-destination migration from subtree_control enabling
Consider the following v2 hierarchy.
P0 (+memory) --- P1 (-memory) --- A
\- B
P0 has memory enabled in its subtree_control while P1 doesn't. If
both A and B contain processes, they would belong to the memory css of
P1. Now if memory is enabled on P1's subtree_control, memory csses
should be created on both A and B and A's processes should be moved to
the former and B's processes the latter. IOW, enabling controllers
can cause atomic migrations into different csses.
The core cgroup migration logic has been updated accordingly but the
controller migration methods haven't and still assume that all tasks
migrate to a single target css; furthermore, the methods were fed the
css in which subtree_control was updated which is the parent of the
target csses. pids controller depends on the migration methods to
move charges and this made the controller attribute charges to the
wrong csses often triggering the following warning by driving a
counter negative.
WARNING: CPU: 1 PID: 1 at kernel/cgroup_pids.c:97 pids_cancel.constprop.6+0x31/0x40()
Modules linked in:
CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc1+ #29
...
ffffffff81f65382 ffff88007c043b90 ffffffff81551ffc 0000000000000000
ffff88007c043bc8 ffffffff810de202 ffff88007a752000 ffff88007a29ab00
ffff88007c043c80 ffff88007a1d8400 0000000000000001 ffff88007c043bd8
Call Trace:
[<ffffffff81551ffc>] dump_stack+0x4e/0x82
[<ffffffff810de202>] warn_slowpath_common+0x82/0xc0
[<ffffffff810de2fa>] warn_slowpath_null+0x1a/0x20
[<ffffffff8118e031>] pids_cancel.constprop.6+0x31/0x40
[<ffffffff8118e0fd>] pids_can_attach+0x6d/0xf0
[<ffffffff81188a4c>] cgroup_taskset_migrate+0x6c/0x330
[<ffffffff81188e05>] cgroup_migrate+0xf5/0x190
[<ffffffff81189016>] cgroup_attach_task+0x176/0x200
[<ffffffff8118949d>] __cgroup_procs_write+0x2ad/0x460
[<ffffffff81189684>] cgroup_procs_write+0x14/0x20
[<ffffffff811854e5>] cgroup_file_write+0x35/0x1c0
[<ffffffff812e26f1>] kernfs_fop_write+0x141/0x190
[<ffffffff81265f88>] __vfs_write+0x28/0xe0
[<ffffffff812666fc>] vfs_write+0xac/0x1a0
[<ffffffff81267019>] SyS_write+0x49/0xb0
[<ffffffff81bcef32>] entry_SYSCALL_64_fastpath+0x12/0x76
This patch fixes the bug by removing @css parameter from the three
migration methods, ->can_attach, ->cancel_attach() and ->attach() and
updating cgroup_taskset iteration helpers also return the destination
css in addition to the task being migrated. All controllers are
updated accordingly.
* Controllers which don't care whether there are one or multiple
target csses can be converted trivially. cpu, io, freezer, perf,
netclassid and netprio fall in this category.
* cpuset's current implementation assumes that there's single source
and destination and thus doesn't support v2 hierarchy already. The
only change made by this patchset is how that single destination css
is obtained.
* memory migration path already doesn't do anything on v2. How the
single destination css is obtained is updated and the prep stage of
mem_cgroup_can_attach() is reordered to accomodate the change.
* pids is the only controller which was affected by this bug. It now
correctly handles multi-destination migrations and no longer causes
counter underflow from incorrect accounting.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
2015-12-04 00:18:21 +09:00
|
|
|
#define cgroup_taskset_for_each_leader(leader, dst_css, tset) \
|
|
|
|
|
for ((leader) = cgroup_taskset_first((tset), &(dst_css)); \
|
|
|
|
|
(leader); \
|
|
|
|
|
(leader) = cgroup_taskset_next((tset), &(dst_css))) \
|
2015-09-12 04:00:19 +09:00
|
|
|
if ((leader) != (leader)->group_leader) \
|
|
|
|
|
; \
|
|
|
|
|
else
|
|
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
/*
|
|
|
|
|
* Inline functions.
|
|
|
|
|
*/
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2013-06-13 13:04:52 +09:00
|
|
|
/**
|
|
|
|
|
* css_get - obtain a reference on the specified css
|
|
|
|
|
* @css: target css
|
|
|
|
|
*
|
|
|
|
|
* The caller must already have a reference.
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
*/
|
|
|
|
|
static inline void css_get(struct cgroup_subsys_state *css)
|
|
|
|
|
{
|
2014-05-17 02:22:47 +09:00
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
percpu_ref_get(&css->refcnt);
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
}
|
2009-01-08 11:08:38 +09:00
|
|
|
|
2014-12-11 08:42:42 +09:00
|
|
|
/**
|
|
|
|
|
* css_get_many - obtain references on the specified css
|
|
|
|
|
* @css: target css
|
|
|
|
|
* @n: number of references to get
|
|
|
|
|
*
|
|
|
|
|
* The caller must already have a reference.
|
|
|
|
|
*/
|
|
|
|
|
static inline void css_get_many(struct cgroup_subsys_state *css, unsigned int n)
|
|
|
|
|
{
|
|
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
percpu_ref_get_many(&css->refcnt, n);
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-17 02:22:52 +09:00
|
|
|
/**
|
|
|
|
|
* css_tryget - try to obtain a reference on the specified css
|
|
|
|
|
* @css: target css
|
|
|
|
|
*
|
|
|
|
|
* Obtain a reference on @css unless it already has reached zero and is
|
|
|
|
|
* being released. This function doesn't care whether @css is on or
|
|
|
|
|
* offline. The caller naturally needs to ensure that @css is accessible
|
|
|
|
|
* but doesn't have to be holding a reference on it - IOW, RCU protected
|
|
|
|
|
* access is good enough for this function. Returns %true if a reference
|
|
|
|
|
* count was successfully obtained; %false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool css_tryget(struct cgroup_subsys_state *css)
|
|
|
|
|
{
|
|
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
return percpu_ref_tryget(&css->refcnt);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-13 13:04:52 +09:00
|
|
|
/**
|
2014-05-14 01:11:01 +09:00
|
|
|
* css_tryget_online - try to obtain a reference on the specified css if online
|
2013-06-13 13:04:52 +09:00
|
|
|
* @css: target css
|
|
|
|
|
*
|
2014-05-14 01:11:01 +09:00
|
|
|
* Obtain a reference on @css if it's online. The caller naturally needs
|
|
|
|
|
* to ensure that @css is accessible but doesn't have to be holding a
|
2013-06-13 13:04:52 +09:00
|
|
|
* reference on it - IOW, RCU protected access is good enough for this
|
|
|
|
|
* function. Returns %true if a reference count was successfully obtained;
|
|
|
|
|
* %false otherwise.
|
|
|
|
|
*/
|
2014-05-14 01:11:01 +09:00
|
|
|
static inline bool css_tryget_online(struct cgroup_subsys_state *css)
|
2009-01-08 11:08:38 +09:00
|
|
|
{
|
2014-05-17 02:22:47 +09:00
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
return percpu_ref_tryget_live(&css->refcnt);
|
|
|
|
|
return true;
|
2009-01-08 11:08:38 +09:00
|
|
|
}
|
2011-12-13 11:12:21 +09:00
|
|
|
|
2017-05-25 01:03:48 +09:00
|
|
|
/**
|
|
|
|
|
* css_is_dying - test whether the specified css is dying
|
|
|
|
|
* @css: target css
|
|
|
|
|
*
|
|
|
|
|
* Test whether @css is in the process of offlining or already offline. In
|
|
|
|
|
* most cases, ->css_online() and ->css_offline() callbacks should be
|
|
|
|
|
* enough; however, the actual offline operations are RCU delayed and this
|
|
|
|
|
* test returns %true also when @css is scheduled to be offlined.
|
|
|
|
|
*
|
|
|
|
|
* This is useful, for example, when the use case requires synchronous
|
|
|
|
|
* behavior with respect to cgroup removal. cgroup removal schedules css
|
|
|
|
|
* offlining but the css can seem alive while the operation is being
|
|
|
|
|
* delayed. If the delay affects user visible semantics, this test can be
|
|
|
|
|
* used to resolve the situation.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool css_is_dying(struct cgroup_subsys_state *css)
|
|
|
|
|
{
|
|
|
|
|
return !(css->flags & CSS_NO_REF) && percpu_ref_is_dying(&css->refcnt);
|
|
|
|
|
}
|
|
|
|
|
|
2011-12-13 11:12:21 +09:00
|
|
|
/**
|
2013-06-13 13:04:52 +09:00
|
|
|
* css_put - put a css reference
|
|
|
|
|
* @css: target css
|
|
|
|
|
*
|
2014-05-14 01:11:01 +09:00
|
|
|
* Put a reference obtained via css_get() and css_tryget_online().
|
2011-12-13 11:12:21 +09:00
|
|
|
*/
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
static inline void css_put(struct cgroup_subsys_state *css)
|
|
|
|
|
{
|
2014-05-17 02:22:47 +09:00
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
percpu_ref_put(&css->refcnt);
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
}
|
2011-12-13 11:12:21 +09:00
|
|
|
|
2014-12-11 08:42:42 +09:00
|
|
|
/**
|
|
|
|
|
* css_put_many - put css references
|
|
|
|
|
* @css: target css
|
|
|
|
|
* @n: number of references to put
|
|
|
|
|
*
|
|
|
|
|
* Put references obtained via css_get() and css_tryget_online().
|
2009-02-04 18:12:08 +09:00
|
|
|
*/
|
2014-12-11 08:42:42 +09:00
|
|
|
static inline void css_put_many(struct cgroup_subsys_state *css, unsigned int n)
|
|
|
|
|
{
|
|
|
|
|
if (!(css->flags & CSS_NO_REF))
|
|
|
|
|
percpu_ref_put_many(&css->refcnt, n);
|
|
|
|
|
}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2017-08-11 21:49:01 +09:00
|
|
|
static inline void cgroup_get(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
css_get(&cgrp->self);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline bool cgroup_tryget(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return css_tryget(&cgrp->self);
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-21 05:55:52 +09:00
|
|
|
static inline void cgroup_put(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
css_put(&cgrp->self);
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-26 03:48:32 +09:00
|
|
|
/**
|
|
|
|
|
* task_css_set_check - obtain a task's css_set with extra access conditions
|
|
|
|
|
* @task: the task to obtain css_set for
|
|
|
|
|
* @__c: extra condition expression to be passed to rcu_dereference_check()
|
|
|
|
|
*
|
|
|
|
|
* A task's css_set is RCU protected, initialized and exited while holding
|
|
|
|
|
* task_lock(), and can only be modified while holding both cgroup_mutex
|
|
|
|
|
* and task_lock() while the task is alive. This macro verifies that the
|
|
|
|
|
* caller is inside proper critical section and returns @task's css_set.
|
|
|
|
|
*
|
|
|
|
|
* The caller can also specify additional allowed conditions via @__c, such
|
|
|
|
|
* as locks used during the cgroup_subsys::attach() methods.
|
2010-06-08 18:40:42 +09:00
|
|
|
*/
|
2013-04-08 01:29:51 +09:00
|
|
|
#ifdef CONFIG_PROVE_RCU
|
|
|
|
|
extern struct mutex cgroup_mutex;
|
2015-10-16 05:41:53 +09:00
|
|
|
extern spinlock_t css_set_lock;
|
2013-06-26 03:48:32 +09:00
|
|
|
#define task_css_set_check(task, __c) \
|
|
|
|
|
rcu_dereference_check((task)->cgroups, \
|
2014-02-26 00:04:03 +09:00
|
|
|
lockdep_is_held(&cgroup_mutex) || \
|
2015-10-16 05:41:53 +09:00
|
|
|
lockdep_is_held(&css_set_lock) || \
|
2014-02-26 00:04:03 +09:00
|
|
|
((task)->flags & PF_EXITING) || (__c))
|
2013-04-08 01:29:51 +09:00
|
|
|
#else
|
2013-06-26 03:48:32 +09:00
|
|
|
#define task_css_set_check(task, __c) \
|
|
|
|
|
rcu_dereference((task)->cgroups)
|
2013-04-08 01:29:51 +09:00
|
|
|
#endif
|
2010-06-08 18:40:42 +09:00
|
|
|
|
2013-06-26 03:48:32 +09:00
|
|
|
/**
|
2013-08-09 09:11:22 +09:00
|
|
|
* task_css_check - obtain css for (task, subsys) w/ extra access conds
|
2013-06-26 03:48:32 +09:00
|
|
|
* @task: the target task
|
|
|
|
|
* @subsys_id: the target subsystem ID
|
|
|
|
|
* @__c: extra condition expression to be passed to rcu_dereference_check()
|
|
|
|
|
*
|
|
|
|
|
* Return the cgroup_subsys_state for the (@task, @subsys_id) pair. The
|
|
|
|
|
* synchronization rules are the same as task_css_set_check().
|
|
|
|
|
*/
|
2013-08-09 09:11:22 +09:00
|
|
|
#define task_css_check(task, subsys_id, __c) \
|
2013-06-26 03:48:32 +09:00
|
|
|
task_css_set_check((task), (__c))->subsys[(subsys_id)]
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* task_css_set - obtain a task's css_set
|
|
|
|
|
* @task: the task to obtain css_set for
|
|
|
|
|
*
|
|
|
|
|
* See task_css_set_check().
|
|
|
|
|
*/
|
|
|
|
|
static inline struct css_set *task_css_set(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
return task_css_set_check(task, false);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2013-08-09 09:11:22 +09:00
|
|
|
* task_css - obtain css for (task, subsys)
|
2013-06-26 03:48:32 +09:00
|
|
|
* @task: the target task
|
|
|
|
|
* @subsys_id: the target subsystem ID
|
|
|
|
|
*
|
2013-08-09 09:11:22 +09:00
|
|
|
* See task_css_check().
|
2013-06-26 03:48:32 +09:00
|
|
|
*/
|
2013-08-09 09:11:22 +09:00
|
|
|
static inline struct cgroup_subsys_state *task_css(struct task_struct *task,
|
|
|
|
|
int subsys_id)
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
{
|
2013-08-09 09:11:22 +09:00
|
|
|
return task_css_check(task, subsys_id, false);
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
}
|
|
|
|
|
|
2015-05-23 06:13:22 +09:00
|
|
|
/**
|
|
|
|
|
* task_get_css - find and get the css for (task, subsys)
|
|
|
|
|
* @task: the target task
|
|
|
|
|
* @subsys_id: the target subsystem ID
|
|
|
|
|
*
|
|
|
|
|
* Find the css for the (@task, @subsys_id) combination, increment a
|
|
|
|
|
* reference on and return it. This function is guaranteed to return a
|
2019-05-30 05:46:25 +09:00
|
|
|
* valid css. The returned css may already have been offlined.
|
2015-05-23 06:13:22 +09:00
|
|
|
*/
|
|
|
|
|
static inline struct cgroup_subsys_state *
|
|
|
|
|
task_get_css(struct task_struct *task, int subsys_id)
|
|
|
|
|
{
|
|
|
|
|
struct cgroup_subsys_state *css;
|
|
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
|
while (true) {
|
|
|
|
|
css = task_css(task, subsys_id);
|
2019-05-30 05:46:25 +09:00
|
|
|
/*
|
|
|
|
|
* Can't use css_tryget_online() here. A task which has
|
|
|
|
|
* PF_EXITING set may stay associated with an offline css.
|
|
|
|
|
* If such task calls this function, css_tryget_online()
|
|
|
|
|
* will keep failing.
|
|
|
|
|
*/
|
|
|
|
|
if (likely(css_tryget(css)))
|
2015-05-23 06:13:22 +09:00
|
|
|
break;
|
|
|
|
|
cpu_relax();
|
|
|
|
|
}
|
|
|
|
|
rcu_read_unlock();
|
|
|
|
|
return css;
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-08 10:31:17 +09:00
|
|
|
/**
|
|
|
|
|
* task_css_is_root - test whether a task belongs to the root css
|
|
|
|
|
* @task: the target task
|
|
|
|
|
* @subsys_id: the target subsystem ID
|
|
|
|
|
*
|
|
|
|
|
* Test whether @task belongs to the root css on the specified subsystem.
|
|
|
|
|
* May be invoked in any context.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool task_css_is_root(struct task_struct *task, int subsys_id)
|
|
|
|
|
{
|
|
|
|
|
return task_css_check(task, subsys_id, true) ==
|
|
|
|
|
init_css_set.subsys[subsys_id];
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-09 09:11:22 +09:00
|
|
|
static inline struct cgroup *task_cgroup(struct task_struct *task,
|
|
|
|
|
int subsys_id)
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
{
|
2013-08-09 09:11:22 +09:00
|
|
|
return task_css(task, subsys_id)->cgroup;
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
}
|
|
|
|
|
|
2017-08-11 21:49:01 +09:00
|
|
|
static inline struct cgroup *task_dfl_cgroup(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
return task_css_set(task)->dfl_cgrp;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline struct cgroup *cgroup_parent(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
struct cgroup_subsys_state *parent_css = cgrp->self.parent;
|
|
|
|
|
|
|
|
|
|
if (parent_css)
|
|
|
|
|
return container_of(parent_css, struct cgroup, self);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-21 05:55:52 +09:00
|
|
|
/**
|
|
|
|
|
* cgroup_is_descendant - test ancestry
|
|
|
|
|
* @cgrp: the cgroup to be tested
|
|
|
|
|
* @ancestor: possible ancestor of @cgrp
|
|
|
|
|
*
|
|
|
|
|
* Test whether @cgrp is a descendant of @ancestor. It also returns %true
|
|
|
|
|
* if @cgrp == @ancestor. This function is safe to call as long as @cgrp
|
|
|
|
|
* and @ancestor are accessible.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool cgroup_is_descendant(struct cgroup *cgrp,
|
|
|
|
|
struct cgroup *ancestor)
|
|
|
|
|
{
|
|
|
|
|
if (cgrp->root != ancestor->root || cgrp->level < ancestor->level)
|
|
|
|
|
return false;
|
|
|
|
|
return cgrp->ancestor_ids[ancestor->level] == ancestor->id;
|
|
|
|
|
}
|
|
|
|
|
|
bpf: Introduce bpf_skb_ancestor_cgroup_id helper
== Problem description ==
It's useful to be able to identify cgroup associated with skb in TC so
that a policy can be applied to this skb, and existing bpf_skb_cgroup_id
helper can help with this.
Though in real life cgroup hierarchy and hierarchy to apply a policy to
don't map 1:1.
It's often the case that there is a container and corresponding cgroup,
but there are many more sub-cgroups inside container, e.g. because it's
delegated to containerized application to control resources for its
subsystems, or to separate application inside container from infra that
belongs to containerization system (e.g. sshd).
At the same time it may be useful to apply a policy to container as a
whole.
If multiple containers like this are run on a host (what is often the
case) and many of them have sub-cgroups, it may not be possible to apply
per-container policy in TC with existing helpers such as
bpf_skb_under_cgroup or bpf_skb_cgroup_id:
* bpf_skb_cgroup_id will return id of immediate cgroup associated with
skb, i.e. if it's a sub-cgroup inside container, it can't be used to
identify container's cgroup;
* bpf_skb_under_cgroup can work only with one cgroup and doesn't scale,
i.e. if there are N containers on a host and a policy has to be
applied to M of them (0 <= M <= N), it'd require M calls to
bpf_skb_under_cgroup, and, if M changes, it'd require to rebuild &
load new BPF program.
== Solution ==
The patch introduces new helper bpf_skb_ancestor_cgroup_id that can be
used to get id of cgroup v2 that is an ancestor of cgroup associated
with skb at specified level of cgroup hierarchy.
That way admin can place all containers on one level of cgroup hierarchy
(what is a good practice in general and already used in many
configurations) and identify specific cgroup on this level no matter
what sub-cgroup skb is associated with.
E.g. if there is a cgroup hierarchy:
root/
root/container1/
root/container1/app11/
root/container1/app11/sub-app-a/
root/container1/app12/
root/container2/
root/container2/app21/
root/container2/app22/
root/container2/app22/sub-app-b/
, then having skb associated with root/container1/app11/sub-app-a/ it's
possible to get ancestor at level 1, what is container1 and apply policy
for this container, or apply another policy if it's container2.
Policies can be kept e.g. in a hash map where key is a container cgroup
id and value is an action.
Levels where container cgroups are created are usually known in advance
whether cgroup hierarchy inside container may be hard to predict
especially in case when its creation is delegated to containerized
application.
== Implementation details ==
The helper gets ancestor by walking parents up to specified level.
Another option would be to get different kind of "id" from
cgroup->ancestor_ids[level] and use it with idr_find() to get struct
cgroup for ancestor. But that would require radix lookup what doesn't
seem to be better (at least it's not obviously better).
Format of return value of the new helper is same as that of
bpf_skb_cgroup_id.
Signed-off-by: Andrey Ignatov <rdna@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-08-13 02:49:27 +09:00
|
|
|
/**
|
|
|
|
|
* cgroup_ancestor - find ancestor of cgroup
|
|
|
|
|
* @cgrp: cgroup to find ancestor of
|
|
|
|
|
* @ancestor_level: level of ancestor to find starting from root
|
|
|
|
|
*
|
|
|
|
|
* Find ancestor of cgroup at specified level starting from root if it exists
|
|
|
|
|
* and return pointer to it. Return NULL if @cgrp doesn't have ancestor at
|
|
|
|
|
* @ancestor_level.
|
|
|
|
|
*
|
|
|
|
|
* This function is safe to call as long as @cgrp is accessible.
|
|
|
|
|
*/
|
|
|
|
|
static inline struct cgroup *cgroup_ancestor(struct cgroup *cgrp,
|
|
|
|
|
int ancestor_level)
|
|
|
|
|
{
|
|
|
|
|
if (cgrp->level < ancestor_level)
|
|
|
|
|
return NULL;
|
2018-09-22 09:03:27 +09:00
|
|
|
while (cgrp && cgrp->level > ancestor_level)
|
|
|
|
|
cgrp = cgroup_parent(cgrp);
|
|
|
|
|
return cgrp;
|
bpf: Introduce bpf_skb_ancestor_cgroup_id helper
== Problem description ==
It's useful to be able to identify cgroup associated with skb in TC so
that a policy can be applied to this skb, and existing bpf_skb_cgroup_id
helper can help with this.
Though in real life cgroup hierarchy and hierarchy to apply a policy to
don't map 1:1.
It's often the case that there is a container and corresponding cgroup,
but there are many more sub-cgroups inside container, e.g. because it's
delegated to containerized application to control resources for its
subsystems, or to separate application inside container from infra that
belongs to containerization system (e.g. sshd).
At the same time it may be useful to apply a policy to container as a
whole.
If multiple containers like this are run on a host (what is often the
case) and many of them have sub-cgroups, it may not be possible to apply
per-container policy in TC with existing helpers such as
bpf_skb_under_cgroup or bpf_skb_cgroup_id:
* bpf_skb_cgroup_id will return id of immediate cgroup associated with
skb, i.e. if it's a sub-cgroup inside container, it can't be used to
identify container's cgroup;
* bpf_skb_under_cgroup can work only with one cgroup and doesn't scale,
i.e. if there are N containers on a host and a policy has to be
applied to M of them (0 <= M <= N), it'd require M calls to
bpf_skb_under_cgroup, and, if M changes, it'd require to rebuild &
load new BPF program.
== Solution ==
The patch introduces new helper bpf_skb_ancestor_cgroup_id that can be
used to get id of cgroup v2 that is an ancestor of cgroup associated
with skb at specified level of cgroup hierarchy.
That way admin can place all containers on one level of cgroup hierarchy
(what is a good practice in general and already used in many
configurations) and identify specific cgroup on this level no matter
what sub-cgroup skb is associated with.
E.g. if there is a cgroup hierarchy:
root/
root/container1/
root/container1/app11/
root/container1/app11/sub-app-a/
root/container1/app12/
root/container2/
root/container2/app21/
root/container2/app22/
root/container2/app22/sub-app-b/
, then having skb associated with root/container1/app11/sub-app-a/ it's
possible to get ancestor at level 1, what is container1 and apply policy
for this container, or apply another policy if it's container2.
Policies can be kept e.g. in a hash map where key is a container cgroup
id and value is an action.
Levels where container cgroups are created are usually known in advance
whether cgroup hierarchy inside container may be hard to predict
especially in case when its creation is delegated to containerized
application.
== Implementation details ==
The helper gets ancestor by walking parents up to specified level.
Another option would be to get different kind of "id" from
cgroup->ancestor_ids[level] and use it with idr_find() to get struct
cgroup for ancestor. But that would require radix lookup what doesn't
seem to be better (at least it's not obviously better).
Format of return value of the new helper is same as that of
bpf_skb_cgroup_id.
Signed-off-by: Andrey Ignatov <rdna@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-08-13 02:49:27 +09:00
|
|
|
}
|
|
|
|
|
|
2016-08-13 00:56:40 +09:00
|
|
|
/**
|
|
|
|
|
* task_under_cgroup_hierarchy - test task's membership of cgroup ancestry
|
|
|
|
|
* @task: the task to be tested
|
|
|
|
|
* @ancestor: possible ancestor of @task's cgroup
|
|
|
|
|
*
|
|
|
|
|
* Tests whether @task's default cgroup hierarchy is a descendant of @ancestor.
|
|
|
|
|
* It follows all the same rules as cgroup_is_descendant, and only applies
|
|
|
|
|
* to the default hierarchy.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool task_under_cgroup_hierarchy(struct task_struct *task,
|
|
|
|
|
struct cgroup *ancestor)
|
|
|
|
|
{
|
|
|
|
|
struct css_set *cset = task_css_set(task);
|
|
|
|
|
|
|
|
|
|
return cgroup_is_descendant(cset->dfl_cgrp, ancestor);
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-13 20:58:39 +09:00
|
|
|
/* no synchronization, the result can only be used as a hint */
|
2015-10-16 05:41:50 +09:00
|
|
|
static inline bool cgroup_is_populated(struct cgroup *cgrp)
|
2014-02-13 20:58:39 +09:00
|
|
|
{
|
2017-05-15 22:34:02 +09:00
|
|
|
return cgrp->nr_populated_csets + cgrp->nr_populated_domain_children +
|
|
|
|
|
cgrp->nr_populated_threaded_children;
|
2014-02-13 20:58:39 +09:00
|
|
|
}
|
2014-05-17 02:22:52 +09:00
|
|
|
|
2014-09-19 17:29:31 +09:00
|
|
|
/* returns ino associated with a cgroup */
|
2014-02-12 01:52:49 +09:00
|
|
|
static inline ino_t cgroup_ino(struct cgroup *cgrp)
|
|
|
|
|
{
|
2017-07-13 03:49:50 +09:00
|
|
|
return cgrp->kn->id.ino;
|
2014-02-12 01:52:49 +09:00
|
|
|
}
|
2014-04-24 00:13:15 +09:00
|
|
|
|
2014-05-14 01:16:21 +09:00
|
|
|
/* cft/css accessors for cftype->write() operation */
|
|
|
|
|
static inline struct cftype *of_cft(struct kernfs_open_file *of)
|
2013-12-06 02:28:04 +09:00
|
|
|
{
|
cgroup: convert to kernfs
cgroup filesystem code was derived from the original sysfs
implementation which was heavily intertwined with vfs objects and
locking with the goal of re-using the existing vfs infrastructure.
That experiment turned out rather disastrous and sysfs switched, a
long time ago, to distributed filesystem model where a separate
representation is maintained which is queried by vfs. Unfortunately,
cgroup stuck with the failed experiment all these years and
accumulated even more problems over time.
Locking and object lifetime management being entangled with vfs is
probably the most egregious. vfs is never designed to be misused like
this and cgroup ends up jumping through various convoluted dancing to
make things work. Even then, operations across multiple cgroups can't
be done safely as it'll deadlock with rename locking.
Recently, kernfs is separated out from sysfs so that it can be used by
users other than sysfs. This patch converts cgroup to use kernfs,
which will bring the following benefits.
* Separation from vfs internals. Locking and object lifetime
management is contained in cgroup proper making things a lot
simpler. This removes significant amount of locking convolutions,
hairy object lifetime rules and the restriction on multi-cgroup
operations.
* Can drop a lot of code to implement filesystem interface as most are
provided by kernfs.
* Proper "severing" semantics, which allows controllers to not worry
about lingering file accesses after offline.
While the preceding patches did as much as possible to make the
transition less painful, large part of the conversion has to be one
discrete step making this patch rather large. The rest of the commit
message lists notable changes in different areas.
Overall
-------
* vfs constructs replaced with kernfs ones. cgroup->dentry w/ ->kn,
cgroupfs_root->sb w/ ->kf_root.
* All dentry accessors are removed. Helpers to map from kernfs
constructs are added.
* All vfs plumbing around dentry, inode and bdi removed.
* cgroup_mount() now directly looks for matching root and then
proceeds to create a new one if not found.
Synchronization and object lifetime
-----------------------------------
* vfs inode locking removed. Among other things, this removes the
need for the convolution in cgroup_cfts_commit(). Future patches
will further simplify it.
* vfs refcnting replaced with cgroup internal ones. cgroup->refcnt,
cgroupfs_root->refcnt added. cgroup_put_root() now directly puts
root->refcnt and when it reaches zero proceeds to destroy it thus
merging cgroup_put_root() and the former cgroup_kill_sb().
Simliarly, cgroup_put() now directly schedules cgroup_free_rcu()
when refcnt reaches zero.
* Unlike before, kernfs objects don't hold onto cgroup objects. When
cgroup destroys a kernfs node, all existing operations are drained
and the association is broken immediately. The same for
cgroupfs_roots and mounts.
* All operations which come through kernfs guarantee that the
associated cgroup is and stays valid for the duration of operation;
however, there are two paths which need to find out the associated
cgroup from dentry without going through kernfs -
css_tryget_from_dir() and cgroupstats_build(). For these two,
kernfs_node->priv is RCU managed so that they can dereference it
under RCU read lock.
File and directory handling
---------------------------
* File and directory operations converted to kernfs_ops and
kernfs_syscall_ops.
* xattrs is implicitly supported by kernfs. No need to worry about it
from cgroup. This means that "xattr" mount option is no longer
necessary. A future patch will add a deprecated warning message
when sane_behavior.
* When cftype->max_write_len > PAGE_SIZE, it's necessary to make a
private copy of one of the kernfs_ops to set its atomic_write_len.
cftype->kf_ops is added and cgroup_init/exit_cftypes() are updated
to handle it.
* cftype->lockdep_key added so that kernfs lockdep annotation can be
per cftype.
* Inidividual file entries and open states are now managed by kernfs.
No need to worry about them from cgroup. cfent, cgroup_open_file
and their friends are removed.
* kernfs_nodes are created deactivated and kernfs_activate()
invocations added to places where creation of new nodes are
committed.
* cgroup_rmdir() uses kernfs_[un]break_active_protection() for
self-removal.
v2: - Li pointed out in an earlier patch that specifying "name="
during mount without subsystem specification should succeed if
there's an existing hierarchy with a matching name although it
should fail with -EINVAL if a new hierarchy should be created.
Prior to the conversion, this used by handled by deferring
failure from NULL return from cgroup_root_from_opts(), which was
necessary because root was being created before checking for
existing ones. Note that cgroup_root_from_opts() returned an
ERR_PTR() value for error conditions which require immediate
mount failure.
As we now have separate search and creation steps, deferring
failure from cgroup_root_from_opts() is no longer necessary.
cgroup_root_from_opts() is updated to always return ERR_PTR()
value on failure.
- The logic to match existing roots is updated so that a mount
attempt with a matching name but different subsys_mask are
rejected. This was handled by a separate matching loop under
the comment "Check for name clashes with existing mounts" but
got lost during conversion. Merge the check into the main
search loop.
- Add __rcu __force casting in RCU_INIT_POINTER() in
cgroup_destroy_locked() to avoid the sparse address space
warning reported by kbuild test bot. Maybe we want an explicit
interface to use kn->priv as RCU protected pointer?
v3: Make CONFIG_CGROUPS select CONFIG_KERNFS.
v4: Rebased on top of 0ab02ca8f887 ("cgroup: protect modifications to
cgroup_idr with cgroup_mutex").
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Cc: kbuild test robot fengguang.wu@intel.com>
2014-02-12 01:52:49 +09:00
|
|
|
return of->kn->priv;
|
2013-12-06 02:28:04 +09:00
|
|
|
}
|
2014-04-24 00:13:15 +09:00
|
|
|
|
2014-05-14 01:16:21 +09:00
|
|
|
struct cgroup_subsys_state *of_css(struct kernfs_open_file *of);
|
2007-10-19 15:39:36 +09:00
|
|
|
|
2014-05-14 01:16:21 +09:00
|
|
|
/* cft/css accessors for cftype->seq_*() operations */
|
|
|
|
|
static inline struct cftype *seq_cft(struct seq_file *seq)
|
|
|
|
|
{
|
|
|
|
|
return of_cft(seq->private);
|
|
|
|
|
}
|
2013-08-09 09:11:26 +09:00
|
|
|
|
2014-05-14 01:16:21 +09:00
|
|
|
static inline struct cgroup_subsys_state *seq_css(struct seq_file *seq)
|
|
|
|
|
{
|
|
|
|
|
return of_css(seq->private);
|
|
|
|
|
}
|
2010-09-10 08:37:37 +09:00
|
|
|
|
2014-02-12 23:29:50 +09:00
|
|
|
/*
|
|
|
|
|
* Name / path handling functions. All are thin wrappers around the kernfs
|
|
|
|
|
* counterparts and can be called under any context.
|
|
|
|
|
*/
|
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 08:57:25 +09:00
|
|
|
|
2014-02-12 23:29:50 +09:00
|
|
|
static inline int cgroup_name(struct cgroup *cgrp, char *buf, size_t buflen)
|
|
|
|
|
{
|
2014-03-19 23:23:54 +09:00
|
|
|
return kernfs_name(cgrp->kn, buf, buflen);
|
2014-02-12 23:29:50 +09:00
|
|
|
}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2016-08-11 00:23:44 +09:00
|
|
|
static inline int cgroup_path(struct cgroup *cgrp, char *buf, size_t buflen)
|
2014-02-12 23:29:50 +09:00
|
|
|
{
|
2014-03-19 23:23:54 +09:00
|
|
|
return kernfs_path(cgrp->kn, buf, buflen);
|
2014-02-12 23:29:50 +09:00
|
|
|
}
|
2015-01-07 02:02:46 +09:00
|
|
|
|
2014-02-12 23:29:50 +09:00
|
|
|
static inline void pr_cont_cgroup_name(struct cgroup *cgrp)
|
|
|
|
|
{
|
2014-03-19 23:23:54 +09:00
|
|
|
pr_cont_kernfs_name(cgrp->kn);
|
2014-02-12 23:29:50 +09:00
|
|
|
}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2014-02-12 23:29:50 +09:00
|
|
|
static inline void pr_cont_cgroup_path(struct cgroup *cgrp)
|
Add cgroupstats
This patch is inspired by the discussion at
http://lkml.org/lkml/2007/4/11/187 and implements per cgroup statistics
as suggested by Andrew Morton in http://lkml.org/lkml/2007/4/11/263. The
patch is on top of 2.6.21-mm1 with Paul's cgroups v9 patches (forward
ported)
This patch implements per cgroup statistics infrastructure and re-uses
code from the taskstats interface. A new set of cgroup operations are
registered with commands and attributes. It should be very easy to
*extend* per cgroup statistics, by adding members to the cgroupstats
structure.
The current model for cgroupstats is a pull, a push model (to post
statistics on interesting events), should be very easy to add. Currently
user space requests for statistics by passing the cgroup file
descriptor. Statistics about the state of all the tasks in the cgroup
is returned to user space.
TODO's/NOTE:
This patch provides an infrastructure for implementing cgroup statistics.
Based on the needs of each controller, we can incrementally add more statistics,
event based support for notification of statistics, accumulation of taskstats
into cgroup statistics in the future.
Sample output
# ./cgroupstats -C /cgroup/a
sleeping 2, blocked 0, running 1, stopped 0, uninterruptible 0
# ./cgroupstats -C /cgroup/
sleeping 154, blocked 0, running 0, stopped 0, uninterruptible 0
If the approach looks good, I'll enhance and post the user space utility for
the same
Feedback, comments, test results are always welcome!
[akpm@linux-foundation.org: build fix]
Signed-off-by: Balbir Singh <balbir@linux.vnet.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: Jay Lan <jlan@engr.sgi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:44 +09:00
|
|
|
{
|
2014-03-19 23:23:54 +09:00
|
|
|
pr_cont_kernfs_path(cgrp->kn);
|
Add cgroupstats
This patch is inspired by the discussion at
http://lkml.org/lkml/2007/4/11/187 and implements per cgroup statistics
as suggested by Andrew Morton in http://lkml.org/lkml/2007/4/11/263. The
patch is on top of 2.6.21-mm1 with Paul's cgroups v9 patches (forward
ported)
This patch implements per cgroup statistics infrastructure and re-uses
code from the taskstats interface. A new set of cgroup operations are
registered with commands and attributes. It should be very easy to
*extend* per cgroup statistics, by adding members to the cgroupstats
structure.
The current model for cgroupstats is a pull, a push model (to post
statistics on interesting events), should be very easy to add. Currently
user space requests for statistics by passing the cgroup file
descriptor. Statistics about the state of all the tasks in the cgroup
is returned to user space.
TODO's/NOTE:
This patch provides an infrastructure for implementing cgroup statistics.
Based on the needs of each controller, we can incrementally add more statistics,
event based support for notification of statistics, accumulation of taskstats
into cgroup statistics in the future.
Sample output
# ./cgroupstats -C /cgroup/a
sleeping 2, blocked 0, running 1, stopped 0, uninterruptible 0
# ./cgroupstats -C /cgroup/
sleeping 154, blocked 0, running 0, stopped 0, uninterruptible 0
If the approach looks good, I'll enhance and post the user space utility for
the same
Feedback, comments, test results are always welcome!
[akpm@linux-foundation.org: build fix]
Signed-off-by: Balbir Singh <balbir@linux.vnet.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: Jay Lan <jlan@engr.sgi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:44 +09:00
|
|
|
}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2018-10-27 07:06:31 +09:00
|
|
|
static inline struct psi_group *cgroup_psi(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return &cgrp->psi;
|
|
|
|
|
}
|
|
|
|
|
|
cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups
Creation of a kthread goes through a couple interlocked stages between
the kthread itself and its creator. Once the new kthread starts
running, it initializes itself and wakes up the creator. The creator
then can further configure the kthread and then let it start doing its
job by waking it up.
In this configuration-by-creator stage, the creator is the only one
that can wake it up but the kthread is visible to userland. When
altering the kthread's attributes from userland is allowed, this is
fine; however, for cases where CPU affinity is critical,
kthread_bind() is used to first disable affinity changes from userland
and then set the affinity. This also prevents the kthread from being
migrated into non-root cgroups as that can affect the CPU affinity and
many other things.
Unfortunately, the cgroup side of protection is racy. While the
PF_NO_SETAFFINITY flag prevents further migrations, userland can win
the race before the creator sets the flag with kthread_bind() and put
the kthread in a non-root cgroup, which can lead to all sorts of
problems including incorrect CPU affinity and starvation.
This bug got triggered by userland which periodically tries to migrate
all processes in the root cpuset cgroup to a non-root one. Per-cpu
workqueue workers got caught while being created and ended up with
incorrected CPU affinity breaking concurrency management and sometimes
stalling workqueue execution.
This patch adds task->no_cgroup_migration which disallows the task to
be migrated by userland. kthreadd starts with the flag set making
every child kthread start in the root cgroup with migration
disallowed. The flag is cleared after the kthread finishes
initialization by which time PF_NO_SETAFFINITY is set if the kthread
should stay in the root cgroup.
It'd be better to wait for the initialization instead of failing but I
couldn't think of a way of implementing that without adding either a
new PF flag, or sleeping and retrying from waiting side. Even if
userland depends on changing cgroup membership of a kthread, it either
has to be synchronized with kthread_create() or periodically repeat,
so it's unlikely that this would break anything.
v2: Switch to a simpler implementation using a new task_struct bit
field suggested by Oleg.
Signed-off-by: Tejun Heo <tj@kernel.org>
Suggested-by: Oleg Nesterov <oleg@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Reported-and-debugged-by: Chris Mason <clm@fb.com>
Cc: stable@vger.kernel.org # v4.3+ (we can't close the race on < v4.3)
Signed-off-by: Tejun Heo <tj@kernel.org>
2017-03-17 05:54:24 +09:00
|
|
|
static inline void cgroup_init_kthreadd(void)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* kthreadd is inherited by all kthreads, keep it in the root so
|
|
|
|
|
* that the new kthreads are guaranteed to stay in the root until
|
|
|
|
|
* initialization is finished.
|
|
|
|
|
*/
|
|
|
|
|
current->no_cgroup_migration = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_kthread_ready(void)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* This kthread finished initialization. The creator should have
|
|
|
|
|
* set PF_NO_SETAFFINITY if this kthread should stay in the root.
|
|
|
|
|
*/
|
|
|
|
|
current->no_cgroup_migration = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-13 03:49:52 +09:00
|
|
|
static inline union kernfs_node_id *cgroup_get_kernfs_id(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return &cgrp->kn->id;
|
|
|
|
|
}
|
2017-07-13 03:49:55 +09:00
|
|
|
|
|
|
|
|
void cgroup_path_from_kernfs_id(const union kernfs_node_id *id,
|
|
|
|
|
char *buf, size_t buflen);
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
#else /* !CONFIG_CGROUPS */
|
|
|
|
|
|
2015-01-07 02:02:46 +09:00
|
|
|
struct cgroup_subsys_state;
|
2016-08-13 00:56:40 +09:00
|
|
|
struct cgroup;
|
2015-01-07 02:02:46 +09:00
|
|
|
|
2019-06-28 05:39:48 +09:00
|
|
|
static inline void css_get(struct cgroup_subsys_state *css) {}
|
2015-05-14 05:24:16 +09:00
|
|
|
static inline void css_put(struct cgroup_subsys_state *css) {}
|
2010-09-10 08:37:37 +09:00
|
|
|
static inline int cgroup_attach_task_all(struct task_struct *from,
|
2015-05-14 05:24:16 +09:00
|
|
|
struct task_struct *t) { return 0; }
|
|
|
|
|
static inline int cgroupstats_build(struct cgroupstats *stats,
|
|
|
|
|
struct dentry *dentry) { return -EINVAL; }
|
|
|
|
|
|
2007-10-19 15:39:33 +09:00
|
|
|
static inline void cgroup_fork(struct task_struct *p) {}
|
2015-12-04 00:24:08 +09:00
|
|
|
static inline int cgroup_can_fork(struct task_struct *p) { return 0; }
|
|
|
|
|
static inline void cgroup_cancel_fork(struct task_struct *p) {}
|
|
|
|
|
static inline void cgroup_post_fork(struct task_struct *p) {}
|
2014-03-28 16:22:19 +09:00
|
|
|
static inline void cgroup_exit(struct task_struct *p) {}
|
2019-01-29 01:00:13 +09:00
|
|
|
static inline void cgroup_release(struct task_struct *p) {}
|
2015-10-16 05:41:53 +09:00
|
|
|
static inline void cgroup_free(struct task_struct *p) {}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
|
2015-05-14 05:24:16 +09:00
|
|
|
static inline int cgroup_init_early(void) { return 0; }
|
|
|
|
|
static inline int cgroup_init(void) { return 0; }
|
cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups
Creation of a kthread goes through a couple interlocked stages between
the kthread itself and its creator. Once the new kthread starts
running, it initializes itself and wakes up the creator. The creator
then can further configure the kthread and then let it start doing its
job by waking it up.
In this configuration-by-creator stage, the creator is the only one
that can wake it up but the kthread is visible to userland. When
altering the kthread's attributes from userland is allowed, this is
fine; however, for cases where CPU affinity is critical,
kthread_bind() is used to first disable affinity changes from userland
and then set the affinity. This also prevents the kthread from being
migrated into non-root cgroups as that can affect the CPU affinity and
many other things.
Unfortunately, the cgroup side of protection is racy. While the
PF_NO_SETAFFINITY flag prevents further migrations, userland can win
the race before the creator sets the flag with kthread_bind() and put
the kthread in a non-root cgroup, which can lead to all sorts of
problems including incorrect CPU affinity and starvation.
This bug got triggered by userland which periodically tries to migrate
all processes in the root cpuset cgroup to a non-root one. Per-cpu
workqueue workers got caught while being created and ended up with
incorrected CPU affinity breaking concurrency management and sometimes
stalling workqueue execution.
This patch adds task->no_cgroup_migration which disallows the task to
be migrated by userland. kthreadd starts with the flag set making
every child kthread start in the root cgroup with migration
disallowed. The flag is cleared after the kthread finishes
initialization by which time PF_NO_SETAFFINITY is set if the kthread
should stay in the root cgroup.
It'd be better to wait for the initialization instead of failing but I
couldn't think of a way of implementing that without adding either a
new PF flag, or sleeping and retrying from waiting side. Even if
userland depends on changing cgroup membership of a kthread, it either
has to be synchronized with kthread_create() or periodically repeat,
so it's unlikely that this would break anything.
v2: Switch to a simpler implementation using a new task_struct bit
field suggested by Oleg.
Signed-off-by: Tejun Heo <tj@kernel.org>
Suggested-by: Oleg Nesterov <oleg@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Reported-and-debugged-by: Chris Mason <clm@fb.com>
Cc: stable@vger.kernel.org # v4.3+ (we can't close the race on < v4.3)
Signed-off-by: Tejun Heo <tj@kernel.org>
2017-03-17 05:54:24 +09:00
|
|
|
static inline void cgroup_init_kthreadd(void) {}
|
|
|
|
|
static inline void cgroup_kthread_ready(void) {}
|
2017-07-13 03:49:52 +09:00
|
|
|
static inline union kernfs_node_id *cgroup_get_kernfs_id(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2010-05-31 05:24:39 +09:00
|
|
|
|
2018-10-27 07:06:31 +09:00
|
|
|
static inline struct cgroup *cgroup_parent(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline struct psi_group *cgroup_psi(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-13 00:56:40 +09:00
|
|
|
static inline bool task_under_cgroup_hierarchy(struct task_struct *task,
|
|
|
|
|
struct cgroup *ancestor)
|
|
|
|
|
{
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2017-07-13 03:49:55 +09:00
|
|
|
|
|
|
|
|
static inline void cgroup_path_from_kernfs_id(const union kernfs_node_id *id,
|
|
|
|
|
char *buf, size_t buflen) {}
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
#endif /* !CONFIG_CGROUPS */
|
|
|
|
|
|
2018-04-27 06:29:05 +09:00
|
|
|
#ifdef CONFIG_CGROUPS
|
2017-09-26 00:12:04 +09:00
|
|
|
/*
|
2018-04-27 06:29:05 +09:00
|
|
|
* cgroup scalable recursive statistics.
|
2017-09-26 00:12:04 +09:00
|
|
|
*/
|
2018-04-27 06:29:05 +09:00
|
|
|
void cgroup_rstat_updated(struct cgroup *cgrp, int cpu);
|
|
|
|
|
void cgroup_rstat_flush(struct cgroup *cgrp);
|
2018-04-27 06:29:05 +09:00
|
|
|
void cgroup_rstat_flush_irqsafe(struct cgroup *cgrp);
|
2018-04-27 06:29:05 +09:00
|
|
|
void cgroup_rstat_flush_hold(struct cgroup *cgrp);
|
|
|
|
|
void cgroup_rstat_flush_release(void);
|
2017-09-26 00:12:04 +09:00
|
|
|
|
2018-04-27 06:29:05 +09:00
|
|
|
/*
|
|
|
|
|
* Basic resource stats.
|
|
|
|
|
*/
|
2017-09-26 00:12:04 +09:00
|
|
|
#ifdef CONFIG_CGROUP_CPUACCT
|
|
|
|
|
void cpuacct_charge(struct task_struct *tsk, u64 cputime);
|
|
|
|
|
void cpuacct_account_field(struct task_struct *tsk, int index, u64 val);
|
|
|
|
|
#else
|
|
|
|
|
static inline void cpuacct_charge(struct task_struct *tsk, u64 cputime) {}
|
|
|
|
|
static inline void cpuacct_account_field(struct task_struct *tsk, int index,
|
|
|
|
|
u64 val) {}
|
|
|
|
|
#endif
|
|
|
|
|
|
2017-09-26 00:12:05 +09:00
|
|
|
void __cgroup_account_cputime(struct cgroup *cgrp, u64 delta_exec);
|
|
|
|
|
void __cgroup_account_cputime_field(struct cgroup *cgrp,
|
|
|
|
|
enum cpu_usage_stat index, u64 delta_exec);
|
|
|
|
|
|
2017-09-26 00:12:04 +09:00
|
|
|
static inline void cgroup_account_cputime(struct task_struct *task,
|
|
|
|
|
u64 delta_exec)
|
|
|
|
|
{
|
2017-09-26 00:12:05 +09:00
|
|
|
struct cgroup *cgrp;
|
|
|
|
|
|
2017-09-26 00:12:04 +09:00
|
|
|
cpuacct_charge(task, delta_exec);
|
2017-09-26 00:12:05 +09:00
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
|
cgrp = task_dfl_cgroup(task);
|
|
|
|
|
if (cgroup_parent(cgrp))
|
|
|
|
|
__cgroup_account_cputime(cgrp, delta_exec);
|
|
|
|
|
rcu_read_unlock();
|
2017-09-26 00:12:04 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_account_cputime_field(struct task_struct *task,
|
|
|
|
|
enum cpu_usage_stat index,
|
|
|
|
|
u64 delta_exec)
|
|
|
|
|
{
|
2017-09-26 00:12:05 +09:00
|
|
|
struct cgroup *cgrp;
|
|
|
|
|
|
2017-09-26 00:12:04 +09:00
|
|
|
cpuacct_account_field(task, index, delta_exec);
|
2017-09-26 00:12:05 +09:00
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
|
cgrp = task_dfl_cgroup(task);
|
|
|
|
|
if (cgroup_parent(cgrp))
|
|
|
|
|
__cgroup_account_cputime_field(cgrp, index, delta_exec);
|
|
|
|
|
rcu_read_unlock();
|
2017-09-26 00:12:04 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else /* CONFIG_CGROUPS */
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_account_cputime(struct task_struct *task,
|
|
|
|
|
u64 delta_exec) {}
|
|
|
|
|
static inline void cgroup_account_cputime_field(struct task_struct *task,
|
|
|
|
|
enum cpu_usage_stat index,
|
|
|
|
|
u64 delta_exec) {}
|
|
|
|
|
|
|
|
|
|
#endif /* CONFIG_CGROUPS */
|
|
|
|
|
|
sock, cgroup: add sock->sk_cgroup
In cgroup v1, dealing with cgroup membership was difficult because the
number of membership associations was unbound. As a result, cgroup v1
grew several controllers whose primary purpose is either tagging
membership or pull in configuration knobs from other subsystems so
that cgroup membership test can be avoided.
net_cls and net_prio controllers are examples of the latter. They
allow configuring network-specific attributes from cgroup side so that
network subsystem can avoid testing cgroup membership; unfortunately,
these are not only cumbersome but also problematic.
Both net_cls and net_prio aren't properly hierarchical. Both inherit
configuration from the parent on creation but there's no interaction
afterwards. An ancestor doesn't restrict the behavior in its subtree
in anyway and configuration changes aren't propagated downwards.
Especially when combined with cgroup delegation, this is problematic
because delegatees can mess up whatever network configuration
implemented at the system level. net_prio would allow the delegatees
to set whatever priority value regardless of CAP_NET_ADMIN and net_cls
the same for classid.
While it is possible to solve these issues from controller side by
implementing hierarchical allowable ranges in both controllers, it
would involve quite a bit of complexity in the controllers and further
obfuscate network configuration as it becomes even more difficult to
tell what's actually being configured looking from the network side.
While not much can be done for v1 at this point, as membership
handling is sane on cgroup v2, it'd be better to make cgroup matching
behave like other network matches and classifiers than introducing
further complications.
In preparation, this patch updates sock->sk_cgrp_data handling so that
it points to the v2 cgroup that sock was created in until either
net_prio or net_cls is used. Once either of the two is used,
sock->sk_cgrp_data reverts to its previous role of carrying prioidx
and classid. This is to avoid adding yet another cgroup related field
to struct sock.
As the mode switching can happen at most once per boot, the switching
mechanism is aimed at lowering hot path overhead. It may leak a
finite, likely small, number of cgroup refs and report spurious
prioidx or classid on switching; however, dynamic updates of prioidx
and classid have always been racy and lossy - socks between creation
and fd installation are never updated, config changes don't update
existing sockets at all, and prioidx may index with dead and recycled
cgroup IDs. Non-critical inaccuracies from small race windows won't
make any noticeable difference.
This patch doesn't make use of the pointer yet. The following patch
will implement netfilter match for cgroup2 membership.
v2: Use sock_cgroup_data to avoid inflating struct sock w/ another
cgroup specific field.
v3: Add comments explaining why sock_data_prioidx() and
sock_data_classid() use different fallback values.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Daniel Wagner <daniel.wagner@bmw-carit.de>
CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-08 07:38:53 +09:00
|
|
|
/*
|
|
|
|
|
* sock->sk_cgrp_data handling. For more info, see sock_cgroup_data
|
|
|
|
|
* definition in cgroup-defs.h.
|
|
|
|
|
*/
|
|
|
|
|
#ifdef CONFIG_SOCK_CGROUP_DATA
|
|
|
|
|
|
|
|
|
|
#if defined(CONFIG_CGROUP_NET_PRIO) || defined(CONFIG_CGROUP_NET_CLASSID)
|
|
|
|
|
extern spinlock_t cgroup_sk_update_lock;
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
void cgroup_sk_alloc_disable(void);
|
|
|
|
|
void cgroup_sk_alloc(struct sock_cgroup_data *skcd);
|
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
[ Upstream commit ad0f75e5f57ccbceec13274e1e242f2b5a6397ed ]
When we clone a socket in sk_clone_lock(), its sk_cgrp_data is
copied, so the cgroup refcnt must be taken too. And, unlike the
sk_alloc() path, sock_update_netprioidx() is not called here.
Therefore, it is safe and necessary to grab the cgroup refcnt
even when cgroup_sk_alloc is disabled.
sk_clone_lock() is in BH context anyway, the in_interrupt()
would terminate this function if called there. And for sk_alloc()
skcd->val is always zero. So it's safe to factor out the code
to make it more readable.
The global variable 'cgroup_sk_alloc_disabled' is used to determine
whether to take these reference counts. It is impossible to make
the reference counting correct unless we save this bit of information
in skcd->val. So, add a new bit there to record whether the socket
has already taken the reference counts. This obviously relies on
kmalloc() to align cgroup pointers to at least 4 bytes,
ARCH_KMALLOC_MINALIGN is certainly larger than that.
This bug seems to be introduced since the beginning, commit
d979a39d7242 ("cgroup: duplicate cgroup reference when cloning sockets")
tried to fix it but not compeletely. It seems not easy to trigger until
the recent commit 090e28b229af
("netprio_cgroup: Fix unlimited memory leak of v2 cgroups") was merged.
Fixes: bd1060a1d671 ("sock, cgroup: add sock->sk_cgroup")
Reported-by: Cameron Berkenpas <cam@neo-zeon.de>
Reported-by: Peter Geis <pgwipeout@gmail.com>
Reported-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Reported-by: Daniël Sonck <dsonck92@gmail.com>
Reported-by: Zhang Qiang <qiang.zhang@windriver.com>
Tested-by: Cameron Berkenpas <cam@neo-zeon.de>
Tested-by: Peter Geis <pgwipeout@gmail.com>
Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Zefan Li <lizefan@huawei.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Roman Gushchin <guro@fb.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-03 03:52:56 +09:00
|
|
|
void cgroup_sk_clone(struct sock_cgroup_data *skcd);
|
sock, cgroup: add sock->sk_cgroup
In cgroup v1, dealing with cgroup membership was difficult because the
number of membership associations was unbound. As a result, cgroup v1
grew several controllers whose primary purpose is either tagging
membership or pull in configuration knobs from other subsystems so
that cgroup membership test can be avoided.
net_cls and net_prio controllers are examples of the latter. They
allow configuring network-specific attributes from cgroup side so that
network subsystem can avoid testing cgroup membership; unfortunately,
these are not only cumbersome but also problematic.
Both net_cls and net_prio aren't properly hierarchical. Both inherit
configuration from the parent on creation but there's no interaction
afterwards. An ancestor doesn't restrict the behavior in its subtree
in anyway and configuration changes aren't propagated downwards.
Especially when combined with cgroup delegation, this is problematic
because delegatees can mess up whatever network configuration
implemented at the system level. net_prio would allow the delegatees
to set whatever priority value regardless of CAP_NET_ADMIN and net_cls
the same for classid.
While it is possible to solve these issues from controller side by
implementing hierarchical allowable ranges in both controllers, it
would involve quite a bit of complexity in the controllers and further
obfuscate network configuration as it becomes even more difficult to
tell what's actually being configured looking from the network side.
While not much can be done for v1 at this point, as membership
handling is sane on cgroup v2, it'd be better to make cgroup matching
behave like other network matches and classifiers than introducing
further complications.
In preparation, this patch updates sock->sk_cgrp_data handling so that
it points to the v2 cgroup that sock was created in until either
net_prio or net_cls is used. Once either of the two is used,
sock->sk_cgrp_data reverts to its previous role of carrying prioidx
and classid. This is to avoid adding yet another cgroup related field
to struct sock.
As the mode switching can happen at most once per boot, the switching
mechanism is aimed at lowering hot path overhead. It may leak a
finite, likely small, number of cgroup refs and report spurious
prioidx or classid on switching; however, dynamic updates of prioidx
and classid have always been racy and lossy - socks between creation
and fd installation are never updated, config changes don't update
existing sockets at all, and prioidx may index with dead and recycled
cgroup IDs. Non-critical inaccuracies from small race windows won't
make any noticeable difference.
This patch doesn't make use of the pointer yet. The following patch
will implement netfilter match for cgroup2 membership.
v2: Use sock_cgroup_data to avoid inflating struct sock w/ another
cgroup specific field.
v3: Add comments explaining why sock_data_prioidx() and
sock_data_classid() use different fallback values.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Daniel Wagner <daniel.wagner@bmw-carit.de>
CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-08 07:38:53 +09:00
|
|
|
void cgroup_sk_free(struct sock_cgroup_data *skcd);
|
|
|
|
|
|
|
|
|
|
static inline struct cgroup *sock_cgroup_ptr(struct sock_cgroup_data *skcd)
|
|
|
|
|
{
|
|
|
|
|
#if defined(CONFIG_CGROUP_NET_PRIO) || defined(CONFIG_CGROUP_NET_CLASSID)
|
|
|
|
|
unsigned long v;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @skcd->val is 64bit but the following is safe on 32bit too as we
|
|
|
|
|
* just need the lower ulong to be written and read atomically.
|
|
|
|
|
*/
|
|
|
|
|
v = READ_ONCE(skcd->val);
|
|
|
|
|
|
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
[ Upstream commit ad0f75e5f57ccbceec13274e1e242f2b5a6397ed ]
When we clone a socket in sk_clone_lock(), its sk_cgrp_data is
copied, so the cgroup refcnt must be taken too. And, unlike the
sk_alloc() path, sock_update_netprioidx() is not called here.
Therefore, it is safe and necessary to grab the cgroup refcnt
even when cgroup_sk_alloc is disabled.
sk_clone_lock() is in BH context anyway, the in_interrupt()
would terminate this function if called there. And for sk_alloc()
skcd->val is always zero. So it's safe to factor out the code
to make it more readable.
The global variable 'cgroup_sk_alloc_disabled' is used to determine
whether to take these reference counts. It is impossible to make
the reference counting correct unless we save this bit of information
in skcd->val. So, add a new bit there to record whether the socket
has already taken the reference counts. This obviously relies on
kmalloc() to align cgroup pointers to at least 4 bytes,
ARCH_KMALLOC_MINALIGN is certainly larger than that.
This bug seems to be introduced since the beginning, commit
d979a39d7242 ("cgroup: duplicate cgroup reference when cloning sockets")
tried to fix it but not compeletely. It seems not easy to trigger until
the recent commit 090e28b229af
("netprio_cgroup: Fix unlimited memory leak of v2 cgroups") was merged.
Fixes: bd1060a1d671 ("sock, cgroup: add sock->sk_cgroup")
Reported-by: Cameron Berkenpas <cam@neo-zeon.de>
Reported-by: Peter Geis <pgwipeout@gmail.com>
Reported-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Reported-by: Daniël Sonck <dsonck92@gmail.com>
Reported-by: Zhang Qiang <qiang.zhang@windriver.com>
Tested-by: Cameron Berkenpas <cam@neo-zeon.de>
Tested-by: Peter Geis <pgwipeout@gmail.com>
Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Zefan Li <lizefan@huawei.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Roman Gushchin <guro@fb.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-03 03:52:56 +09:00
|
|
|
if (v & 3)
|
sock, cgroup: add sock->sk_cgroup
In cgroup v1, dealing with cgroup membership was difficult because the
number of membership associations was unbound. As a result, cgroup v1
grew several controllers whose primary purpose is either tagging
membership or pull in configuration knobs from other subsystems so
that cgroup membership test can be avoided.
net_cls and net_prio controllers are examples of the latter. They
allow configuring network-specific attributes from cgroup side so that
network subsystem can avoid testing cgroup membership; unfortunately,
these are not only cumbersome but also problematic.
Both net_cls and net_prio aren't properly hierarchical. Both inherit
configuration from the parent on creation but there's no interaction
afterwards. An ancestor doesn't restrict the behavior in its subtree
in anyway and configuration changes aren't propagated downwards.
Especially when combined with cgroup delegation, this is problematic
because delegatees can mess up whatever network configuration
implemented at the system level. net_prio would allow the delegatees
to set whatever priority value regardless of CAP_NET_ADMIN and net_cls
the same for classid.
While it is possible to solve these issues from controller side by
implementing hierarchical allowable ranges in both controllers, it
would involve quite a bit of complexity in the controllers and further
obfuscate network configuration as it becomes even more difficult to
tell what's actually being configured looking from the network side.
While not much can be done for v1 at this point, as membership
handling is sane on cgroup v2, it'd be better to make cgroup matching
behave like other network matches and classifiers than introducing
further complications.
In preparation, this patch updates sock->sk_cgrp_data handling so that
it points to the v2 cgroup that sock was created in until either
net_prio or net_cls is used. Once either of the two is used,
sock->sk_cgrp_data reverts to its previous role of carrying prioidx
and classid. This is to avoid adding yet another cgroup related field
to struct sock.
As the mode switching can happen at most once per boot, the switching
mechanism is aimed at lowering hot path overhead. It may leak a
finite, likely small, number of cgroup refs and report spurious
prioidx or classid on switching; however, dynamic updates of prioidx
and classid have always been racy and lossy - socks between creation
and fd installation are never updated, config changes don't update
existing sockets at all, and prioidx may index with dead and recycled
cgroup IDs. Non-critical inaccuracies from small race windows won't
make any noticeable difference.
This patch doesn't make use of the pointer yet. The following patch
will implement netfilter match for cgroup2 membership.
v2: Use sock_cgroup_data to avoid inflating struct sock w/ another
cgroup specific field.
v3: Add comments explaining why sock_data_prioidx() and
sock_data_classid() use different fallback values.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Daniel Wagner <daniel.wagner@bmw-carit.de>
CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-08 07:38:53 +09:00
|
|
|
return &cgrp_dfl_root.cgrp;
|
|
|
|
|
|
|
|
|
|
return (struct cgroup *)(unsigned long)v ?: &cgrp_dfl_root.cgrp;
|
|
|
|
|
#else
|
|
|
|
|
return (struct cgroup *)(unsigned long)skcd->val;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else /* CONFIG_CGROUP_DATA */
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_sk_alloc(struct sock_cgroup_data *skcd) {}
|
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
[ Upstream commit ad0f75e5f57ccbceec13274e1e242f2b5a6397ed ]
When we clone a socket in sk_clone_lock(), its sk_cgrp_data is
copied, so the cgroup refcnt must be taken too. And, unlike the
sk_alloc() path, sock_update_netprioidx() is not called here.
Therefore, it is safe and necessary to grab the cgroup refcnt
even when cgroup_sk_alloc is disabled.
sk_clone_lock() is in BH context anyway, the in_interrupt()
would terminate this function if called there. And for sk_alloc()
skcd->val is always zero. So it's safe to factor out the code
to make it more readable.
The global variable 'cgroup_sk_alloc_disabled' is used to determine
whether to take these reference counts. It is impossible to make
the reference counting correct unless we save this bit of information
in skcd->val. So, add a new bit there to record whether the socket
has already taken the reference counts. This obviously relies on
kmalloc() to align cgroup pointers to at least 4 bytes,
ARCH_KMALLOC_MINALIGN is certainly larger than that.
This bug seems to be introduced since the beginning, commit
d979a39d7242 ("cgroup: duplicate cgroup reference when cloning sockets")
tried to fix it but not compeletely. It seems not easy to trigger until
the recent commit 090e28b229af
("netprio_cgroup: Fix unlimited memory leak of v2 cgroups") was merged.
Fixes: bd1060a1d671 ("sock, cgroup: add sock->sk_cgroup")
Reported-by: Cameron Berkenpas <cam@neo-zeon.de>
Reported-by: Peter Geis <pgwipeout@gmail.com>
Reported-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Reported-by: Daniël Sonck <dsonck92@gmail.com>
Reported-by: Zhang Qiang <qiang.zhang@windriver.com>
Tested-by: Cameron Berkenpas <cam@neo-zeon.de>
Tested-by: Peter Geis <pgwipeout@gmail.com>
Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Zefan Li <lizefan@huawei.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Roman Gushchin <guro@fb.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-03 03:52:56 +09:00
|
|
|
static inline void cgroup_sk_clone(struct sock_cgroup_data *skcd) {}
|
sock, cgroup: add sock->sk_cgroup
In cgroup v1, dealing with cgroup membership was difficult because the
number of membership associations was unbound. As a result, cgroup v1
grew several controllers whose primary purpose is either tagging
membership or pull in configuration knobs from other subsystems so
that cgroup membership test can be avoided.
net_cls and net_prio controllers are examples of the latter. They
allow configuring network-specific attributes from cgroup side so that
network subsystem can avoid testing cgroup membership; unfortunately,
these are not only cumbersome but also problematic.
Both net_cls and net_prio aren't properly hierarchical. Both inherit
configuration from the parent on creation but there's no interaction
afterwards. An ancestor doesn't restrict the behavior in its subtree
in anyway and configuration changes aren't propagated downwards.
Especially when combined with cgroup delegation, this is problematic
because delegatees can mess up whatever network configuration
implemented at the system level. net_prio would allow the delegatees
to set whatever priority value regardless of CAP_NET_ADMIN and net_cls
the same for classid.
While it is possible to solve these issues from controller side by
implementing hierarchical allowable ranges in both controllers, it
would involve quite a bit of complexity in the controllers and further
obfuscate network configuration as it becomes even more difficult to
tell what's actually being configured looking from the network side.
While not much can be done for v1 at this point, as membership
handling is sane on cgroup v2, it'd be better to make cgroup matching
behave like other network matches and classifiers than introducing
further complications.
In preparation, this patch updates sock->sk_cgrp_data handling so that
it points to the v2 cgroup that sock was created in until either
net_prio or net_cls is used. Once either of the two is used,
sock->sk_cgrp_data reverts to its previous role of carrying prioidx
and classid. This is to avoid adding yet another cgroup related field
to struct sock.
As the mode switching can happen at most once per boot, the switching
mechanism is aimed at lowering hot path overhead. It may leak a
finite, likely small, number of cgroup refs and report spurious
prioidx or classid on switching; however, dynamic updates of prioidx
and classid have always been racy and lossy - socks between creation
and fd installation are never updated, config changes don't update
existing sockets at all, and prioidx may index with dead and recycled
cgroup IDs. Non-critical inaccuracies from small race windows won't
make any noticeable difference.
This patch doesn't make use of the pointer yet. The following patch
will implement netfilter match for cgroup2 membership.
v2: Use sock_cgroup_data to avoid inflating struct sock w/ another
cgroup specific field.
v3: Add comments explaining why sock_data_prioidx() and
sock_data_classid() use different fallback values.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Daniel Wagner <daniel.wagner@bmw-carit.de>
CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-08 07:38:53 +09:00
|
|
|
static inline void cgroup_sk_free(struct sock_cgroup_data *skcd) {}
|
|
|
|
|
|
|
|
|
|
#endif /* CONFIG_CGROUP_DATA */
|
|
|
|
|
|
2016-01-29 17:54:06 +09:00
|
|
|
struct cgroup_namespace {
|
2017-02-20 19:19:00 +09:00
|
|
|
refcount_t count;
|
2016-01-29 17:54:06 +09:00
|
|
|
struct ns_common ns;
|
|
|
|
|
struct user_namespace *user_ns;
|
2016-08-09 04:25:30 +09:00
|
|
|
struct ucounts *ucounts;
|
2016-01-29 17:54:06 +09:00
|
|
|
struct css_set *root_cset;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
extern struct cgroup_namespace init_cgroup_ns;
|
|
|
|
|
|
|
|
|
|
#ifdef CONFIG_CGROUPS
|
|
|
|
|
|
|
|
|
|
void free_cgroup_ns(struct cgroup_namespace *ns);
|
|
|
|
|
|
|
|
|
|
struct cgroup_namespace *copy_cgroup_ns(unsigned long flags,
|
|
|
|
|
struct user_namespace *user_ns,
|
|
|
|
|
struct cgroup_namespace *old_ns);
|
|
|
|
|
|
2016-08-11 00:23:44 +09:00
|
|
|
int cgroup_path_ns(struct cgroup *cgrp, char *buf, size_t buflen,
|
|
|
|
|
struct cgroup_namespace *ns);
|
2016-01-29 17:54:06 +09:00
|
|
|
|
|
|
|
|
#else /* !CONFIG_CGROUPS */
|
|
|
|
|
|
|
|
|
|
static inline void free_cgroup_ns(struct cgroup_namespace *ns) { }
|
|
|
|
|
static inline struct cgroup_namespace *
|
|
|
|
|
copy_cgroup_ns(unsigned long flags, struct user_namespace *user_ns,
|
|
|
|
|
struct cgroup_namespace *old_ns)
|
|
|
|
|
{
|
|
|
|
|
return old_ns;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* !CONFIG_CGROUPS */
|
|
|
|
|
|
|
|
|
|
static inline void get_cgroup_ns(struct cgroup_namespace *ns)
|
|
|
|
|
{
|
|
|
|
|
if (ns)
|
2017-02-20 19:19:00 +09:00
|
|
|
refcount_inc(&ns->count);
|
2016-01-29 17:54:06 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void put_cgroup_ns(struct cgroup_namespace *ns)
|
|
|
|
|
{
|
2017-02-20 19:19:00 +09:00
|
|
|
if (ns && refcount_dec_and_test(&ns->count))
|
2016-01-29 17:54:06 +09:00
|
|
|
free_cgroup_ns(ns);
|
|
|
|
|
}
|
|
|
|
|
|
cgroup: cgroup v2 freezer
Cgroup v1 implements the freezer controller, which provides an ability
to stop the workload in a cgroup and temporarily free up some
resources (cpu, io, network bandwidth and, potentially, memory)
for some other tasks. Cgroup v2 lacks this functionality.
This patch implements freezer for cgroup v2.
Cgroup v2 freezer tries to put tasks into a state similar to jobctl
stop. This means that tasks can be killed, ptraced (using
PTRACE_SEIZE*), and interrupted. It is possible to attach to
a frozen task, get some information (e.g. read registers) and detach.
It's also possible to migrate a frozen tasks to another cgroup.
This differs cgroup v2 freezer from cgroup v1 freezer, which mostly
tried to imitate the system-wide freezer. However uninterruptible
sleep is fine when all tasks are going to be frozen (hibernation case),
it's not the acceptable state for some subset of the system.
Cgroup v2 freezer is not supporting freezing kthreads.
If a non-root cgroup contains kthread, the cgroup still can be frozen,
but the kthread will remain running, the cgroup will be shown
as non-frozen, and the notification will not be delivered.
* PTRACE_ATTACH is not working because non-fatal signal delivery
is blocked in frozen state.
There are some interface differences between cgroup v1 and cgroup v2
freezer too, which are required to conform the cgroup v2 interface
design principles:
1) There is no separate controller, which has to be turned on:
the functionality is always available and is represented by
cgroup.freeze and cgroup.events cgroup control files.
2) The desired state is defined by the cgroup.freeze control file.
Any hierarchical configuration is allowed.
3) The interface is asynchronous. The actual state is available
using cgroup.events control file ("frozen" field). There are no
dedicated transitional states.
4) It's allowed to make any changes with the cgroup hierarchy
(create new cgroups, remove old cgroups, move tasks between cgroups)
no matter if some cgroups are frozen.
Signed-off-by: Roman Gushchin <guro@fb.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
No-objection-from-me-by: Oleg Nesterov <oleg@redhat.com>
Cc: kernel-team@fb.com
2019-04-20 02:03:04 +09:00
|
|
|
#ifdef CONFIG_CGROUPS
|
|
|
|
|
|
|
|
|
|
void cgroup_enter_frozen(void);
|
|
|
|
|
void cgroup_leave_frozen(bool always_leave);
|
|
|
|
|
void cgroup_update_frozen(struct cgroup *cgrp);
|
|
|
|
|
void cgroup_freeze(struct cgroup *cgrp, bool freeze);
|
|
|
|
|
void cgroup_freezer_migrate_task(struct task_struct *task, struct cgroup *src,
|
|
|
|
|
struct cgroup *dst);
|
2019-04-27 02:59:45 +09:00
|
|
|
|
cgroup: cgroup v2 freezer
Cgroup v1 implements the freezer controller, which provides an ability
to stop the workload in a cgroup and temporarily free up some
resources (cpu, io, network bandwidth and, potentially, memory)
for some other tasks. Cgroup v2 lacks this functionality.
This patch implements freezer for cgroup v2.
Cgroup v2 freezer tries to put tasks into a state similar to jobctl
stop. This means that tasks can be killed, ptraced (using
PTRACE_SEIZE*), and interrupted. It is possible to attach to
a frozen task, get some information (e.g. read registers) and detach.
It's also possible to migrate a frozen tasks to another cgroup.
This differs cgroup v2 freezer from cgroup v1 freezer, which mostly
tried to imitate the system-wide freezer. However uninterruptible
sleep is fine when all tasks are going to be frozen (hibernation case),
it's not the acceptable state for some subset of the system.
Cgroup v2 freezer is not supporting freezing kthreads.
If a non-root cgroup contains kthread, the cgroup still can be frozen,
but the kthread will remain running, the cgroup will be shown
as non-frozen, and the notification will not be delivered.
* PTRACE_ATTACH is not working because non-fatal signal delivery
is blocked in frozen state.
There are some interface differences between cgroup v1 and cgroup v2
freezer too, which are required to conform the cgroup v2 interface
design principles:
1) There is no separate controller, which has to be turned on:
the functionality is always available and is represented by
cgroup.freeze and cgroup.events cgroup control files.
2) The desired state is defined by the cgroup.freeze control file.
Any hierarchical configuration is allowed.
3) The interface is asynchronous. The actual state is available
using cgroup.events control file ("frozen" field). There are no
dedicated transitional states.
4) It's allowed to make any changes with the cgroup hierarchy
(create new cgroups, remove old cgroups, move tasks between cgroups)
no matter if some cgroups are frozen.
Signed-off-by: Roman Gushchin <guro@fb.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
No-objection-from-me-by: Oleg Nesterov <oleg@redhat.com>
Cc: kernel-team@fb.com
2019-04-20 02:03:04 +09:00
|
|
|
static inline bool cgroup_task_freeze(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
bool ret;
|
|
|
|
|
|
|
|
|
|
if (task->flags & PF_KTHREAD)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
|
ret = test_bit(CGRP_FREEZE, &task_dfl_cgroup(task)->flags);
|
|
|
|
|
rcu_read_unlock();
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline bool cgroup_task_frozen(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
return task->frozen;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else /* !CONFIG_CGROUPS */
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_enter_frozen(void) { }
|
|
|
|
|
static inline void cgroup_leave_frozen(bool always_leave) { }
|
|
|
|
|
static inline bool cgroup_task_freeze(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
static inline bool cgroup_task_frozen(struct task_struct *task)
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* !CONFIG_CGROUPS */
|
|
|
|
|
|
bpf: decouple the lifetime of cgroup_bpf from cgroup itself
Currently the lifetime of bpf programs attached to a cgroup is bound
to the lifetime of the cgroup itself. It means that if a user
forgets (or intentionally avoids) to detach a bpf program before
removing the cgroup, it will stay attached up to the release of the
cgroup. Since the cgroup can stay in the dying state (the state
between being rmdir()'ed and being released) for a very long time, it
leads to a waste of memory. Also, it blocks a possibility to implement
the memcg-based memory accounting for bpf objects, because a circular
reference dependency will occur. Charged memory pages are pinning the
corresponding memory cgroup, and if the memory cgroup is pinning
the attached bpf program, nothing will be ever released.
A dying cgroup can not contain any processes, so the only chance for
an attached bpf program to be executed is a live socket associated
with the cgroup. So in order to release all bpf data early, let's
count associated sockets using a new percpu refcounter. On cgroup
removal the counter is transitioned to the atomic mode, and as soon
as it reaches 0, all bpf programs are detached.
Because cgroup_bpf_release() can block, it can't be called from
the percpu ref counter callback directly, so instead an asynchronous
work is scheduled.
The reference counter is not socket specific, and can be used for any
other types of programs, which can be executed from a cgroup-bpf hook
outside of the process context, had such a need arise in the future.
Signed-off-by: Roman Gushchin <guro@fb.com>
Cc: jolsa@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2019-05-26 01:37:39 +09:00
|
|
|
#ifdef CONFIG_CGROUP_BPF
|
|
|
|
|
static inline void cgroup_bpf_get(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
percpu_ref_get(&cgrp->bpf.refcnt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_bpf_put(struct cgroup *cgrp)
|
|
|
|
|
{
|
|
|
|
|
percpu_ref_put(&cgrp->bpf.refcnt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else /* CONFIG_CGROUP_BPF */
|
|
|
|
|
|
|
|
|
|
static inline void cgroup_bpf_get(struct cgroup *cgrp) {}
|
|
|
|
|
static inline void cgroup_bpf_put(struct cgroup *cgrp) {}
|
|
|
|
|
|
|
|
|
|
#endif /* CONFIG_CGROUP_BPF */
|
|
|
|
|
|
Task Control Groups: basic task cgroup framework
Generic Process Control Groups
--------------------------
There have recently been various proposals floating around for
resource management/accounting and other task grouping subsystems in
the kernel, including ResGroups, User BeanCounters, NSProxy
cgroups, and others. These all need the basic abstraction of being
able to group together multiple processes in an aggregate, in order to
track/limit the resources permitted to those processes, or control
other behaviour of the processes, and all implement this grouping in
different ways.
This patchset provides a framework for tracking and grouping processes
into arbitrary "cgroups" and assigning arbitrary state to those
groupings, in order to control the behaviour of the cgroup as an
aggregate.
The intention is that the various resource management and
virtualization/cgroup efforts can also become task cgroup
clients, with the result that:
- the userspace APIs are (somewhat) normalised
- it's easier to test e.g. the ResGroups CPU controller in
conjunction with the BeanCounters memory controller, or use either of
them as the resource-control portion of a virtual server system.
- the additional kernel footprint of any of the competing resource
management systems is substantially reduced, since it doesn't need
to provide process grouping/containment, hence improving their
chances of getting into the kernel
This patch:
Add the main task cgroups framework - the cgroup filesystem, and the
basic structures for tracking membership and associating subsystem state
objects to tasks.
Signed-off-by: Paul Menage <menage@google.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Kirill Korotaev <dev@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 15:39:30 +09:00
|
|
|
#endif /* _LINUX_CGROUP_H */
|