The change in is_virtualized_cgroot makes cgroup-v2 "virtualized" only when it has enabled subsystems in it. And "virtualized" means that it will be: a) shown in different cgroup related proc files in container, b) allowed to be mounted in container and c) required to have separate root directory for container
Note: we don't expect cgroup-v2 root to change enabled controllers, it either has no controllers or has at least one all the way. Note: cgroup-v2 has one hierarchy for all controllers, so skipping misc and debug for vzctl is not required anymore. Add FS_VIRTUALIZED to cgroup2 to allow mounting in container. https://jira.vzint.dev/browse/PSBM-149975 Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> --- kernel/cgroup/cgroup.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 945130057a30..d902e675598d 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -2060,18 +2060,16 @@ struct ve_struct *get_curr_ve(void) */ static inline bool is_virtualized_cgroot(struct cgroup_root *cgroot) { - /* Cgroup v2 */ - if (cgroot == &cgrp_dfl_root) - return false; - + if (cgroot != &cgrp_dfl_root) { #if IS_ENABLED(CONFIG_CGROUP_DEBUG) - if (cgroot->subsys_mask & (1 << debug_cgrp_id)) - return false; + if (cgroot->subsys_mask & (1 << debug_cgrp_id)) + return false; #endif #if IS_ENABLED(CONFIG_CGROUP_MISC) - if (cgroot->subsys_mask & (1 << misc_cgrp_id)) - return false; + if (cgroot->subsys_mask & (1 << misc_cgrp_id)) + return false; #endif + } if (cgroot->subsys_mask) return true; @@ -2628,7 +2626,7 @@ static struct file_system_type cgroup2_fs_type = { .init_fs_context = cgroup_init_fs_context, .parameters = cgroup2_fs_parameters, .kill_sb = cgroup_kill_sb, - .fs_flags = FS_USERNS_MOUNT, + .fs_flags = FS_USERNS_MOUNT | FS_VIRTUALIZED, }; #ifdef CONFIG_CPUSETS -- 2.41.0 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
