cgroup: Introduce restore_special_propery()

To reduce restore_special_props() size - let's factor a new function for restoring one special property. No functional change expected. Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

cgroup: Introduce restore_special_propery()
To reduce restore_special_props() size - let's factor a new function for restoring one special property. No functional change expected. Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
f14cdada · Dmitry Safonov · Andrei Vagin · 16683565 · f14cdada
Commit f14cdada authored Jul 25, 2017 by Dmitry Safonov Committed by Andrei Vagin Nov 21, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 82 additions and 84 deletions

cgroup.c criu/cgroup.c +82 -84

No files found.
--- a/criu/cgroup.c
+++ b/criu/cgroup.c
@@ -1371,100 +1371,98 @@ int prepare_cgroup_properties(void)
 	return 0;
 }

-static int restore_special_props(char *paux, size_t off, CgroupDirEntry *e)
+static int restore_special_property(char *paux, size_t off, CgroupPropEntry *pr)
 {
-	int j;
+	/*
+	 * XXX: we can drop this hack and make memory.swappiness and
+	 * memory.oom_control regular properties when we drop support for
+	 * kernels < 3.16. See 3dae7fec5.
+	 */
+	if (!strcmp(pr->name, "memory.swappiness") && !strcmp(pr->value, "60"))
+		return 0;
+	if (!strcmp(pr->name, "memory.oom_control") && !strcmp(pr->value, "0"))
+		return 0;

-	pr_info("Restore special props\n");
+	if (!strcmp(pr->name, "devices.list")) {
+		/*
+		 * The devices cgroup must be restored in a special way:
+		 * only the contents of devices.list can be read, and it
+		 * is a whitelist of all the devices the cgroup is allowed
+		 * to create. To re-create this whitelist, we firstly deny
+		 * everything via devices.deny, and then write the list back
+		 * into devices.allow.
+		 *
+		 * Further, we must have a write() call for each line,
+		 * because the kernel only parses the first line of
+		 * any write().
+		 */
+		CgroupPropEntry *pe = pr;
+		char *old_val = pe->value, *old_name = pe->name;
+		int ret;
+		char *pos;

-	{
+		/*
+		 * A bit of a fudge here. These are write only by owner
+		 * by default, but the container engine could have changed
+		 * the perms. We should come up with a better way to
+		 * restore all of this stuff.
+		 */
+		pe->perms->mode = 0200;

-		for (j = 0; j < e->n_properties; j++) {
-			CgroupPropEntry *prop = e->properties[j];
+		pe->name = "devices.deny";
+		pe->value = "a";
+		ret = restore_cgroup_prop(pr, paux, off);
+		pe->name = old_name;
+		pe->value = old_val;

-			if (is_special_property(prop->name)) {
-				/* XXX: we can drop this hack and make
-				 * memory.swappiness and memory.oom_control
-				 * regular properties when we drop support for
-				 * kernels < 3.16. See 3dae7fec5.
-				 */
-				if (!strcmp(prop->name, "memory.swappiness") &&
-						!strcmp(prop->value, "60")) {
-					continue;
-				} else if (!strcmp(prop->name, "memory.oom_control") &&
-						!strcmp(prop->value, "0")) {
-					continue;
-				}
+		/*
+		 * An emptry string here means nothing is allowed,
+		 * and the kernel disallows writing an "" to devices.allow,
+		 * so let's just keep going.
+		 */
+		if (!strcmp(pe->value, ""))
+			return 0;

-				if (!strcmp(prop->name, "devices.list")) {
-					/* The devices cgroup must be restored in a
-					 * special way: only the contents of
-					 * devices.list can be read, and it is a
-					 * whitelist of all the devices the cgroup is
-					 * allowed to create. To re-creat this
-					 * whitelist, we first deny everything via
-					 * devices.deny, and then write the list back
-					 * into devices.allow.
-					 *
-					 * Further, we must have a write() call for
-					 * each line, because the kernel only parses
-					 * the first line of any write().
-					 */
-					CgroupPropEntry *pe = prop;
-					char *old_val = pe->value, *old_name = pe->name;
-					int ret;
-					char *pos;
-
-					/* A bit of a fudge here. These are
-					 * write only by owner by default, but
-					 * the container engine could have
-					 * changed the perms. We should come up
-					 * with a better way to restore all of
-					 * this stuff.
-					 */
-					pe->perms->mode = 0200;
-
-					pe->name = "devices.deny";
-					pe->value = "a";
-					ret = restore_cgroup_prop(prop, paux, off);
-					pe->name = old_name;
-					pe->value = old_val;
-
-					/* an emptry string here means nothing
-					 * is allowed, and the kernel disallows
-					 * writing an "" to devices.allow, so
-					 * let's just keep going.
-					 */
-					if (!strcmp(pe->value, ""))
-						continue;
+		if (ret < 0)
+			return -1;

-					if (ret < 0)
-						return -1;
+		pe->name = "devices.allow";

-					pe->name = "devices.allow";
-
-					pos = pe->value;
-					while (*pos) {
-						int offset = next_device_entry(pos);
-						pe->value = pos;
-						ret = restore_cgroup_prop(pe, paux, off);
-						if (ret < 0) {
-							pe->name = old_name;
-							pe->value = old_val;
-							return -1;
-						}
-						pos += offset;
-					}
-					pe->value = old_val;
-					pe->name = old_name;
-					continue;
+		pos = pe->value;
+		while (*pos) {
+			int offset = next_device_entry(pos);
+			pe->value = pos;
+			ret = restore_cgroup_prop(pe, paux, off);
+			if (ret < 0) {
+				pe->name = old_name;
+				pe->value = old_val;
+				return -1;
+			}
+			pos += offset;
+		}
+		pe->value = old_val;
+		pe->name = old_name;
+		return 0;
+	}

-				}
+	return restore_cgroup_prop(pr, paux, off);
+}

-				if (restore_cgroup_prop(prop, paux, off) < 0) {
-					return -1;
-				}
-			}
+static int restore_special_props(char *paux, size_t off, CgroupDirEntry *e)
+{
+	unsigned int j;
+
+	pr_info("Restore special props\n");
+
+	for (j = 0; j < e->n_properties; j++) {
+		CgroupPropEntry *prop = e->properties[j];
+
+		if (!is_special_property(prop->name))
+			continue;
+
+		if (restore_special_property(paux, off, prop) < 0) {
+			pr_err("Restoring %s special property failed\n", prop->name);
+			return -1;
 		}
 	}