cgroup: disallow xattr, release_agent and name if sane_behavior
Disallow more mount options if sane_behavior. Note that xattr used to generate warning. While at it, simplify option check in cgroup_mount() and update sane_behavior comment in cgroup.h. Signed-off-by: Tejun Heo <tj@kernel.org> Acked-by: Li Zefan <lizefan@huawei.com>
This commit is contained in:
Tejun Heo
Родитель
a755180bab
Коммит
d3ba07c3aa
|
|
@ -227,8 +227,8 @@ enum {
|
||||||
*
|
*
|
||||||
* The followings are the behaviors currently affected this flag.
|
* The followings are the behaviors currently affected this flag.
|
||||||
*
|
*
|
||||||
* - Mount options "noprefix" and "clone_children" are disallowed.
|
* - Mount options "noprefix", "xattr", "clone_children",
|
||||||
* Also, cgroupfs file cgroup.clone_children is not created.
|
* "release_agent" and "name" are disallowed.
|
||||||
*
|
*
|
||||||
* - When mounting an existing superblock, mount options should
|
* - When mounting an existing superblock, mount options should
|
||||||
* match.
|
* match.
|
||||||
|
|
@ -246,7 +246,7 @@ enum {
|
||||||
* - "release_agent" and "notify_on_release" are removed.
|
* - "release_agent" and "notify_on_release" are removed.
|
||||||
* Replacement notification mechanism will be implemented.
|
* Replacement notification mechanism will be implemented.
|
||||||
*
|
*
|
||||||
* - "xattr" mount option is deprecated. kernfs always enables it.
|
* - "cgroup.clone_children" is removed.
|
||||||
*
|
*
|
||||||
* - cpuset: tasks will be kept in empty cpusets when hotplug happens
|
* - cpuset: tasks will be kept in empty cpusets when hotplug happens
|
||||||
* and take masks of ancestors with non-empty cpus/mems, instead of
|
* and take masks of ancestors with non-empty cpus/mems, instead of
|
||||||
|
|
|
||||||
|
|
@ -1226,18 +1226,12 @@ static int parse_cgroupfs_options(char *data, struct cgroup_sb_opts *opts)
|
||||||
if (opts->flags & CGRP_ROOT_SANE_BEHAVIOR) {
|
if (opts->flags & CGRP_ROOT_SANE_BEHAVIOR) {
|
||||||
pr_warning("cgroup: sane_behavior: this is still under development and its behaviors will change, proceed at your own risk\n");
|
pr_warning("cgroup: sane_behavior: this is still under development and its behaviors will change, proceed at your own risk\n");
|
||||||
|
|
||||||
if (opts->flags & CGRP_ROOT_NOPREFIX) {
|
if ((opts->flags & (CGRP_ROOT_NOPREFIX | CGRP_ROOT_XATTR)) ||
|
||||||
pr_err("cgroup: sane_behavior: noprefix is not allowed\n");
|
opts->cpuset_clone_children || opts->release_agent ||
|
||||||
|
opts->name) {
|
||||||
|
pr_err("cgroup: sane_behavior: noprefix, xattr, clone_children, release_agent and name are not allowed\n");
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (opts->cpuset_clone_children) {
|
|
||||||
pr_err("cgroup: sane_behavior: clone_children is not allowed\n");
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (opts->flags & CGRP_ROOT_XATTR)
|
|
||||||
pr_warning("cgroup: sane_behavior: xattr is always available, flag unnecessary\n");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче