summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fsimpl/cgroupfs/cgroupfs.go
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/sentry/fsimpl/cgroupfs/cgroupfs.go')
-rw-r--r--pkg/sentry/fsimpl/cgroupfs/cgroupfs.go24
1 files changed, 22 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/cgroupfs/cgroupfs.go b/pkg/sentry/fsimpl/cgroupfs/cgroupfs.go
index 3d4005fd8..6061bace2 100644
--- a/pkg/sentry/fsimpl/cgroupfs/cgroupfs.go
+++ b/pkg/sentry/fsimpl/cgroupfs/cgroupfs.go
@@ -94,6 +94,14 @@ var SupportedMountOptions = []string{"all", "cpu", "cpuacct", "cpuset", "memory"
// +stateify savable
type FilesystemType struct{}
+// InternalData contains internal data passed in to the cgroupfs mount via
+// vfs.GetFilesystemOptions.InternalData.
+//
+// +stateify savable
+type InternalData struct {
+ DefaultControlValues map[string]int64
+}
+
// filesystem implements vfs.FilesystemImpl.
//
// +stateify savable
@@ -218,13 +226,19 @@ func (fsType FilesystemType) GetFilesystem(ctx context.Context, vfsObj *vfs.Virt
fs.MaxCachedDentries = maxCachedDentries
fs.VFSFilesystem().Init(vfsObj, &fsType, fs)
+ var defaults map[string]int64
+ if opts.InternalData != nil {
+ ctx.Debugf("cgroupfs.FilesystemType.GetFilesystem: default control values: %v", defaults)
+ defaults = opts.InternalData.(*InternalData).DefaultControlValues
+ }
+
for _, ty := range wantControllers {
var c controller
switch ty {
case controllerMemory:
- c = newMemoryController(fs)
+ c = newMemoryController(fs, defaults)
case controllerCPU:
- c = newCPUController(fs)
+ c = newCPUController(fs, defaults)
case controllerCPUAcct:
c = newCPUAcctController(fs)
case controllerCPUSet:
@@ -235,6 +249,12 @@ func (fsType FilesystemType) GetFilesystem(ctx context.Context, vfsObj *vfs.Virt
fs.controllers = append(fs.controllers, c)
}
+ if len(defaults) != 0 {
+ // Internal data is always provided at sentry startup and unused values
+ // indicate a problem with the sandbox config. Fail fast.
+ panic(fmt.Sprintf("cgroupfs.FilesystemType.GetFilesystem: unknown internal mount data: %v", defaults))
+ }
+
// Controllers usually appear in alphabetical order when displayed. Sort it
// here now, so it never needs to be sorted elsewhere.
sort.Slice(fs.controllers, func(i, j int) bool { return fs.controllers[i].Type() < fs.controllers[j].Type() })
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 01:07:38 +0000