diff options
| author | gVisor bot <gvisor-bot@google.com> | 2020-05-27 17:51:40 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-05-27 17:51:40 +0000 |
| commit | 84452958e1397b337a806f815e07ae69c4f4c896 (patch) | |
| tree | 138422671bc14bd0c66f83c31be1a991888f3359 /runsc | |
| parent | bae1520437ecbd3dd217880cb51eb24b59d26f51 (diff) | |
| parent | 0bc022b7f3c13bb7c5c8d47d1781820161e7b1ad (diff) | |
Merge release-20200518.0-45-g0bc022b7 (automated)
Diffstat (limited to 'runsc')
40 files changed, 33 insertions, 17 deletions
diff --git a/runsc/boot/boot_amd64_state_autogen.go b/runsc/boot/boot_amd64_state_autogen.go index 23dd4b7b3..23dd4b7b3 100755..100644 --- a/runsc/boot/boot_amd64_state_autogen.go +++ b/runsc/boot/boot_amd64_state_autogen.go diff --git a/runsc/boot/boot_arm64_state_autogen.go b/runsc/boot/boot_arm64_state_autogen.go index 23dd4b7b3..23dd4b7b3 100755..100644 --- a/runsc/boot/boot_arm64_state_autogen.go +++ b/runsc/boot/boot_arm64_state_autogen.go diff --git a/runsc/boot/boot_state_autogen.go b/runsc/boot/boot_state_autogen.go index 167d1cf02..167d1cf02 100755..100644 --- a/runsc/boot/boot_state_autogen.go +++ b/runsc/boot/boot_state_autogen.go diff --git a/runsc/boot/compat_arm64.go b/runsc/boot/compat_arm64.go index bce9d95b3..bce9d95b3 100755..100644 --- a/runsc/boot/compat_arm64.go +++ b/runsc/boot/compat_arm64.go diff --git a/runsc/boot/filter/config_amd64.go b/runsc/boot/filter/config_amd64.go index 5335ff82c..5335ff82c 100755..100644 --- a/runsc/boot/filter/config_amd64.go +++ b/runsc/boot/filter/config_amd64.go diff --git a/runsc/boot/filter/config_arm64.go b/runsc/boot/filter/config_arm64.go index 7fa9bbda3..7fa9bbda3 100755..100644 --- a/runsc/boot/filter/config_arm64.go +++ b/runsc/boot/filter/config_arm64.go diff --git a/runsc/boot/filter/config_profile.go b/runsc/boot/filter/config_profile.go index 194952a7b..194952a7b 100755..100644 --- a/runsc/boot/filter/config_profile.go +++ b/runsc/boot/filter/config_profile.go diff --git a/runsc/boot/filter/filter_amd64_state_autogen.go b/runsc/boot/filter/filter_amd64_state_autogen.go index 0f27e5568..0f27e5568 100755..100644 --- a/runsc/boot/filter/filter_amd64_state_autogen.go +++ b/runsc/boot/filter/filter_amd64_state_autogen.go diff --git a/runsc/boot/filter/filter_arm64_state_autogen.go b/runsc/boot/filter/filter_arm64_state_autogen.go index e87cf5af7..e87cf5af7 100755..100644 --- a/runsc/boot/filter/filter_arm64_state_autogen.go +++ b/runsc/boot/filter/filter_arm64_state_autogen.go diff --git a/runsc/boot/filter/filter_race_state_autogen.go b/runsc/boot/filter/filter_race_state_autogen.go index c4a858e80..c4a858e80 100755..100644 --- a/runsc/boot/filter/filter_race_state_autogen.go +++ b/runsc/boot/filter/filter_race_state_autogen.go diff --git a/runsc/boot/filter/filter_state_autogen.go b/runsc/boot/filter/filter_state_autogen.go index 41ff99424..41ff99424 100755..100644 --- a/runsc/boot/filter/filter_state_autogen.go +++ b/runsc/boot/filter/filter_state_autogen.go diff --git a/runsc/boot/platforms/platforms_state_autogen.go b/runsc/boot/platforms/platforms_state_autogen.go index 8676d25c1..8676d25c1 100755..100644 --- a/runsc/boot/platforms/platforms_state_autogen.go +++ b/runsc/boot/platforms/platforms_state_autogen.go diff --git a/runsc/boot/pprof/pprof.go b/runsc/boot/pprof/pprof.go index 1ded20dee..1ded20dee 100755..100644 --- a/runsc/boot/pprof/pprof.go +++ b/runsc/boot/pprof/pprof.go diff --git a/runsc/boot/pprof/pprof_state_autogen.go b/runsc/boot/pprof/pprof_state_autogen.go index cabd43173..cabd43173 100755..100644 --- a/runsc/boot/pprof/pprof_state_autogen.go +++ b/runsc/boot/pprof/pprof_state_autogen.go diff --git a/runsc/boot/vfs.go b/runsc/boot/vfs.go index 147c901c4..147c901c4 100755..100644 --- a/runsc/boot/vfs.go +++ b/runsc/boot/vfs.go diff --git a/runsc/cgroup/cgroup.go b/runsc/cgroup/cgroup.go index fa40ee509..19c8b0db6 100644 --- a/runsc/cgroup/cgroup.go +++ b/runsc/cgroup/cgroup.go @@ -19,6 +19,7 @@ package cgroup import ( "bufio" "context" + "errors" "fmt" "io/ioutil" "os" @@ -38,21 +39,23 @@ const ( cgroupRoot = "/sys/fs/cgroup" ) -var controllers = map[string]controller{ - "blkio": &blockIO{}, - "cpu": &cpu{}, - "cpuset": &cpuSet{}, - "memory": &memory{}, - "net_cls": &networkClass{}, - "net_prio": &networkPrio{}, - "pids": &pids{}, +var controllers = map[string]config{ + "blkio": config{ctrlr: &blockIO{}}, + "cpu": config{ctrlr: &cpu{}}, + "cpuset": config{ctrlr: &cpuSet{}}, + "memory": config{ctrlr: &memory{}}, + "net_cls": config{ctrlr: &networkClass{}}, + "net_prio": config{ctrlr: &networkPrio{}}, + "pids": config{ctrlr: &pids{}}, // These controllers either don't have anything in the OCI spec or is // irrelevant for a sandbox. - "devices": &noop{}, - "freezer": &noop{}, - "perf_event": &noop{}, - "systemd": &noop{}, + "devices": config{ctrlr: &noop{}}, + "freezer": config{ctrlr: &noop{}}, + "hugetlb": config{ctrlr: &noop{}, optional: true}, + "perf_event": config{ctrlr: &noop{}}, + "rdma": config{ctrlr: &noop{}, optional: true}, + "systemd": config{ctrlr: &noop{}}, } func setOptionalValueInt(path, name string, val *int64) error { @@ -196,8 +199,9 @@ func LoadPaths(pid string) (map[string]string, error) { return paths, nil } -// Cgroup represents a group inside all controllers. For example: Name='/foo/bar' -// maps to /sys/fs/cgroup/<controller>/foo/bar on all controllers. +// Cgroup represents a group inside all controllers. For example: +// Name='/foo/bar' maps to /sys/fs/cgroup/<controller>/foo/bar on +// all controllers. type Cgroup struct { Name string `json:"name"` Parents map[string]string `json:"parents"` @@ -245,13 +249,17 @@ func (c *Cgroup) Install(res *specs.LinuxResources) error { clean := specutils.MakeCleanup(func() { _ = c.Uninstall() }) defer clean.Clean() - for key, ctrl := range controllers { + for key, cfg := range controllers { path := c.makePath(key) if err := os.MkdirAll(path, 0755); err != nil { + if cfg.optional && errors.Is(err, syscall.EROFS) { + log.Infof("Skipping cgroup %q", key) + continue + } return err } if res != nil { - if err := ctrl.set(res, path); err != nil { + if err := cfg.ctrlr.set(res, path); err != nil { return err } } @@ -321,10 +329,13 @@ func (c *Cgroup) Join() (func(), error) { } // Now join the cgroups. - for key := range controllers { + for key, cfg := range controllers { path := c.makePath(key) log.Debugf("Joining cgroup %q", path) if err := setValue(path, "cgroup.procs", "0"); err != nil { + if cfg.optional && os.IsNotExist(err) { + continue + } return undo, err } } @@ -375,6 +386,11 @@ func (c *Cgroup) makePath(controllerName string) string { return filepath.Join(cgroupRoot, controllerName, path) } +type config struct { + ctrlr controller + optional bool +} + type controller interface { set(*specs.LinuxResources, string) error } diff --git a/runsc/cgroup/cgroup_state_autogen.go b/runsc/cgroup/cgroup_state_autogen.go index 934ed169b..934ed169b 100755..100644 --- a/runsc/cgroup/cgroup_state_autogen.go +++ b/runsc/cgroup/cgroup_state_autogen.go diff --git a/runsc/cmd/cmd_state_autogen.go b/runsc/cmd/cmd_state_autogen.go index de8aa267b..de8aa267b 100755..100644 --- a/runsc/cmd/cmd_state_autogen.go +++ b/runsc/cmd/cmd_state_autogen.go diff --git a/runsc/cmd/statefile.go b/runsc/cmd/statefile.go index e6f1907da..e6f1907da 100755..100644 --- a/runsc/cmd/statefile.go +++ b/runsc/cmd/statefile.go diff --git a/runsc/console/console_state_autogen.go b/runsc/console/console_state_autogen.go index 80521cdb7..80521cdb7 100755..100644 --- a/runsc/console/console_state_autogen.go +++ b/runsc/console/console_state_autogen.go diff --git a/runsc/container/container_state_autogen.go b/runsc/container/container_state_autogen.go index 5bc1c1aff..5bc1c1aff 100755..100644 --- a/runsc/container/container_state_autogen.go +++ b/runsc/container/container_state_autogen.go diff --git a/runsc/container/state_file.go b/runsc/container/state_file.go index 17a251530..17a251530 100755..100644 --- a/runsc/container/state_file.go +++ b/runsc/container/state_file.go diff --git a/runsc/flag/flag.go b/runsc/flag/flag.go index 0ca4829d7..0ca4829d7 100755..100644 --- a/runsc/flag/flag.go +++ b/runsc/flag/flag.go diff --git a/runsc/flag/flag_state_autogen.go b/runsc/flag/flag_state_autogen.go index 933063e6c..933063e6c 100755..100644 --- a/runsc/flag/flag_state_autogen.go +++ b/runsc/flag/flag_state_autogen.go diff --git a/runsc/fsgofer/filter/config_amd64.go b/runsc/fsgofer/filter/config_amd64.go index a4b28cb8b..a4b28cb8b 100755..100644 --- a/runsc/fsgofer/filter/config_amd64.go +++ b/runsc/fsgofer/filter/config_amd64.go diff --git a/runsc/fsgofer/filter/config_arm64.go b/runsc/fsgofer/filter/config_arm64.go index d2697deb7..d2697deb7 100755..100644 --- a/runsc/fsgofer/filter/config_arm64.go +++ b/runsc/fsgofer/filter/config_arm64.go diff --git a/runsc/fsgofer/filter/filter_amd64_state_autogen.go b/runsc/fsgofer/filter/filter_amd64_state_autogen.go index 0f27e5568..0f27e5568 100755..100644 --- a/runsc/fsgofer/filter/filter_amd64_state_autogen.go +++ b/runsc/fsgofer/filter/filter_amd64_state_autogen.go diff --git a/runsc/fsgofer/filter/filter_arm64_state_autogen.go b/runsc/fsgofer/filter/filter_arm64_state_autogen.go index e87cf5af7..e87cf5af7 100755..100644 --- a/runsc/fsgofer/filter/filter_arm64_state_autogen.go +++ b/runsc/fsgofer/filter/filter_arm64_state_autogen.go diff --git a/runsc/fsgofer/filter/filter_race_state_autogen.go b/runsc/fsgofer/filter/filter_race_state_autogen.go index c4a858e80..c4a858e80 100755..100644 --- a/runsc/fsgofer/filter/filter_race_state_autogen.go +++ b/runsc/fsgofer/filter/filter_race_state_autogen.go diff --git a/runsc/fsgofer/filter/filter_state_autogen.go b/runsc/fsgofer/filter/filter_state_autogen.go index 41ff99424..41ff99424 100755..100644 --- a/runsc/fsgofer/filter/filter_state_autogen.go +++ b/runsc/fsgofer/filter/filter_state_autogen.go diff --git a/runsc/fsgofer/fsgofer_amd64_unsafe.go b/runsc/fsgofer/fsgofer_amd64_unsafe.go index 5d4aab597..5d4aab597 100755..100644 --- a/runsc/fsgofer/fsgofer_amd64_unsafe.go +++ b/runsc/fsgofer/fsgofer_amd64_unsafe.go diff --git a/runsc/fsgofer/fsgofer_amd64_unsafe_state_autogen.go b/runsc/fsgofer/fsgofer_amd64_unsafe_state_autogen.go index df6721aaa..df6721aaa 100755..100644 --- a/runsc/fsgofer/fsgofer_amd64_unsafe_state_autogen.go +++ b/runsc/fsgofer/fsgofer_amd64_unsafe_state_autogen.go diff --git a/runsc/fsgofer/fsgofer_arm64_unsafe.go b/runsc/fsgofer/fsgofer_arm64_unsafe.go index 8041fd352..8041fd352 100755..100644 --- a/runsc/fsgofer/fsgofer_arm64_unsafe.go +++ b/runsc/fsgofer/fsgofer_arm64_unsafe.go diff --git a/runsc/fsgofer/fsgofer_arm64_unsafe_state_autogen.go b/runsc/fsgofer/fsgofer_arm64_unsafe_state_autogen.go index d2a18c61c..d2a18c61c 100755..100644 --- a/runsc/fsgofer/fsgofer_arm64_unsafe_state_autogen.go +++ b/runsc/fsgofer/fsgofer_arm64_unsafe_state_autogen.go diff --git a/runsc/fsgofer/fsgofer_state_autogen.go b/runsc/fsgofer/fsgofer_state_autogen.go index d2f978fb9..d2f978fb9 100755..100644 --- a/runsc/fsgofer/fsgofer_state_autogen.go +++ b/runsc/fsgofer/fsgofer_state_autogen.go diff --git a/runsc/fsgofer/fsgofer_unsafe_state_autogen.go b/runsc/fsgofer/fsgofer_unsafe_state_autogen.go index d2f978fb9..d2f978fb9 100755..100644 --- a/runsc/fsgofer/fsgofer_unsafe_state_autogen.go +++ b/runsc/fsgofer/fsgofer_unsafe_state_autogen.go diff --git a/runsc/sandbox/sandbox_state_autogen.go b/runsc/sandbox/sandbox_state_autogen.go index 79ebc2220..79ebc2220 100755..100644 --- a/runsc/sandbox/sandbox_state_autogen.go +++ b/runsc/sandbox/sandbox_state_autogen.go diff --git a/runsc/sandbox/sandbox_unsafe_state_autogen.go b/runsc/sandbox/sandbox_unsafe_state_autogen.go index 79ebc2220..79ebc2220 100755..100644 --- a/runsc/sandbox/sandbox_unsafe_state_autogen.go +++ b/runsc/sandbox/sandbox_unsafe_state_autogen.go diff --git a/runsc/specutils/cri.go b/runsc/specutils/cri.go index 9c5877cd5..9c5877cd5 100755..100644 --- a/runsc/specutils/cri.go +++ b/runsc/specutils/cri.go diff --git a/runsc/specutils/specutils_state_autogen.go b/runsc/specutils/specutils_state_autogen.go index 11eefbaa2..11eefbaa2 100755..100644 --- a/runsc/specutils/specutils_state_autogen.go +++ b/runsc/specutils/specutils_state_autogen.go |