[lxc/lxc] 60052c: cgroups: populate hierarchy for device cgroup
0 views
Skip to first unread message
Christian Brauner
Jul 20, 2021, 11:57:56 AM7/20/21
to lxc-...@lists.linuxcontainers.org
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 60052c3be7ea39832fb95b96e26215ed3bc35f6b
https://github.com/lxc/lxc/commit/60052c3be7ea39832fb95b96e26215ed3bc35f6b
Author: Stoiko Ivanov <s.iv...@proxmox.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: populate hierarchy for device cgroup
With the changes introduced in:
b7b1e3a34ce28b01206c48227930ff83d399e7b6
the hierarchy-struct did not have the path_lim set anymore, which is
needed by setup_limits_legacy (->cg_legacy_set_data->lxc_write_openat)
to actually access the cgroup directory.
The issue can be reproduced with a container config having
```
lxc.cgroup.devices.deny = a
```
(or any lxc.cgroup.devices entry) set on a system booted with
systemd.unified_cgroup_hierarchy=0.
This affects all privileged containers on PVE (due to the default
devices.deny entry).
Signed-off-by: Stoiko Ivanov <s.iv...@proxmox.com>
Commit: eece10d519a7a92f315d68fd074bcbef9b08abc7
https://github.com/lxc/lxc/commit/eece10d519a7a92f315d68fd074bcbef9b08abc7
Author: Stoiko Ivanov <s.iv...@proxmox.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: remove unneeded variables from cgroup_tree_create
Signed-off-by: Stoiko Ivanov <s.iv...@proxmox.com>
Commit: 669953fbd16cbdc663dc5b8afdb57af89194fb10
https://github.com/lxc/lxc/commit/669953fbd16cbdc663dc5b8afdb57af89194fb10
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Merge pull request #3911 from siv0/fix_legacy_cgroup_devices
Fix legacy cgroup devices
Compare: https://github.com/lxc/lxc/compare/0a755306618f...669953fbd16c
Home: https://github.com/lxc/lxc
Commit: 60052c3be7ea39832fb95b96e26215ed3bc35f6b
https://github.com/lxc/lxc/commit/60052c3be7ea39832fb95b96e26215ed3bc35f6b
Author: Stoiko Ivanov <s.iv...@proxmox.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: populate hierarchy for device cgroup
With the changes introduced in:
b7b1e3a34ce28b01206c48227930ff83d399e7b6
the hierarchy-struct did not have the path_lim set anymore, which is
needed by setup_limits_legacy (->cg_legacy_set_data->lxc_write_openat)
to actually access the cgroup directory.
The issue can be reproduced with a container config having
```
lxc.cgroup.devices.deny = a
```
(or any lxc.cgroup.devices entry) set on a system booted with
systemd.unified_cgroup_hierarchy=0.
This affects all privileged containers on PVE (due to the default
devices.deny entry).
Signed-off-by: Stoiko Ivanov <s.iv...@proxmox.com>
Commit: eece10d519a7a92f315d68fd074bcbef9b08abc7
https://github.com/lxc/lxc/commit/eece10d519a7a92f315d68fd074bcbef9b08abc7
Author: Stoiko Ivanov <s.iv...@proxmox.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: remove unneeded variables from cgroup_tree_create
Signed-off-by: Stoiko Ivanov <s.iv...@proxmox.com>
Commit: 669953fbd16cbdc663dc5b8afdb57af89194fb10
https://github.com/lxc/lxc/commit/669953fbd16cbdc663dc5b8afdb57af89194fb10
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-07-20 (Tue, 20 Jul 2021)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Merge pull request #3911 from siv0/fix_legacy_cgroup_devices
Fix legacy cgroup devices
Compare: https://github.com/lxc/lxc/compare/0a755306618f...669953fbd16c
Reply all
Reply to author
Forward
0 new messages