2 * Generic process-grouping system.
4 * Based originally on the cpuset system, extracted by Paul Menage
5 * Copyright (C) 2006 Google, Inc
7 * Notifications support
8 * Copyright (C) 2009 Nokia Corporation
9 * Author: Kirill A. Shutemov
11 * Copyright notices from the original cpuset code:
12 * --------------------------------------------------
13 * Copyright (C) 2003 BULL SA.
14 * Copyright (C) 2004-2006 Silicon Graphics, Inc.
16 * Portions derived from Patrick Mochel's sysfs code.
17 * sysfs is Copyright (c) 2001-3 Patrick Mochel
19 * 2003-10-10 Written by Simon Derr.
20 * 2003-10-22 Updates by Stephen Hemminger.
21 * 2004 May-July Rework by Paul Jackson.
22 * ---------------------------------------------------
24 * This file is subject to the terms and conditions of the GNU General Public
25 * License. See the file COPYING in the main directory of the Linux
26 * distribution for more details.
29 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
31 #include <linux/cgroup.h>
32 #include <linux/cred.h>
33 #include <linux/ctype.h>
34 #include <linux/errno.h>
35 #include <linux/init_task.h>
36 #include <linux/kernel.h>
37 #include <linux/list.h>
38 #include <linux/magic.h>
40 #include <linux/mutex.h>
41 #include <linux/mount.h>
42 #include <linux/pagemap.h>
43 #include <linux/proc_fs.h>
44 #include <linux/rcupdate.h>
45 #include <linux/sched.h>
46 #include <linux/slab.h>
47 #include <linux/spinlock.h>
48 #include <linux/percpu-rwsem.h>
49 #include <linux/string.h>
50 #include <linux/sort.h>
51 #include <linux/kmod.h>
52 #include <linux/delayacct.h>
53 #include <linux/cgroupstats.h>
54 #include <linux/hashtable.h>
55 #include <linux/pid_namespace.h>
56 #include <linux/idr.h>
57 #include <linux/vmalloc.h> /* TODO: replace with more sophisticated array */
58 #include <linux/kthread.h>
59 #include <linux/delay.h>
60 #include <linux/atomic.h>
61 #include <linux/cpuset.h>
65 * pidlists linger the following amount before being destroyed. The goal
66 * is avoiding frequent destruction in the middle of consecutive read calls
67 * Expiring in the middle is a performance problem not a correctness one.
68 * 1 sec should be enough.
70 #define CGROUP_PIDLIST_DESTROY_DELAY HZ
72 #define CGROUP_FILE_NAME_MAX (MAX_CGROUP_TYPE_NAMELEN + \
76 * cgroup_mutex is the master lock. Any modification to cgroup or its
77 * hierarchy must be performed while holding it.
79 * css_set_lock protects task->cgroups pointer, the list of css_set
80 * objects, and the chain of tasks off each css_set.
82 * These locks are exported if CONFIG_PROVE_RCU so that accessors in
83 * cgroup.h can use them for lockdep annotations.
85 #ifdef CONFIG_PROVE_RCU
86 DEFINE_MUTEX(cgroup_mutex);
87 DEFINE_SPINLOCK(css_set_lock);
88 EXPORT_SYMBOL_GPL(cgroup_mutex);
89 EXPORT_SYMBOL_GPL(css_set_lock);
91 static DEFINE_MUTEX(cgroup_mutex);
92 static DEFINE_SPINLOCK(css_set_lock);
96 * Protects cgroup_idr and css_idr so that IDs can be released without
97 * grabbing cgroup_mutex.
99 static DEFINE_SPINLOCK(cgroup_idr_lock);
102 * Protects cgroup_file->kn for !self csses. It synchronizes notifications
103 * against file removal/re-creation across css hiding.
105 static DEFINE_SPINLOCK(cgroup_file_kn_lock);
108 * Protects cgroup_subsys->release_agent_path. Modifying it also requires
109 * cgroup_mutex. Reading requires either cgroup_mutex or this spinlock.
111 static DEFINE_SPINLOCK(release_agent_path_lock);
113 struct percpu_rw_semaphore cgroup_threadgroup_rwsem;
115 #define cgroup_assert_mutex_or_rcu_locked() \
116 RCU_LOCKDEP_WARN(!rcu_read_lock_held() && \
117 !lockdep_is_held(&cgroup_mutex), \
118 "cgroup_mutex or RCU read lock required");
121 * cgroup destruction makes heavy use of work items and there can be a lot
122 * of concurrent destructions. Use a separate workqueue so that cgroup
123 * destruction work items don't end up filling up max_active of system_wq
124 * which may lead to deadlock.
126 static struct workqueue_struct *cgroup_destroy_wq;
129 * pidlist destructions need to be flushed on cgroup destruction. Use a
130 * separate workqueue as flush domain.
132 static struct workqueue_struct *cgroup_pidlist_destroy_wq;
134 /* generate an array of cgroup subsystem pointers */
135 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys,
136 static struct cgroup_subsys *cgroup_subsys[] = {
137 #include <linux/cgroup_subsys.h>
141 /* array of cgroup subsystem names */
142 #define SUBSYS(_x) [_x ## _cgrp_id] = #_x,
143 static const char *cgroup_subsys_name[] = {
144 #include <linux/cgroup_subsys.h>
148 /* array of static_keys for cgroup_subsys_enabled() and cgroup_subsys_on_dfl() */
150 DEFINE_STATIC_KEY_TRUE(_x ## _cgrp_subsys_enabled_key); \
151 DEFINE_STATIC_KEY_TRUE(_x ## _cgrp_subsys_on_dfl_key); \
152 EXPORT_SYMBOL_GPL(_x ## _cgrp_subsys_enabled_key); \
153 EXPORT_SYMBOL_GPL(_x ## _cgrp_subsys_on_dfl_key);
154 #include <linux/cgroup_subsys.h>
157 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys_enabled_key,
158 static struct static_key_true *cgroup_subsys_enabled_key[] = {
159 #include <linux/cgroup_subsys.h>
163 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys_on_dfl_key,
164 static struct static_key_true *cgroup_subsys_on_dfl_key[] = {
165 #include <linux/cgroup_subsys.h>
170 * The default hierarchy, reserved for the subsystems that are otherwise
171 * unattached - it never has more than a single cgroup, and all tasks are
172 * part of that cgroup.
174 struct cgroup_root cgrp_dfl_root;
175 EXPORT_SYMBOL_GPL(cgrp_dfl_root);
178 * The default hierarchy always exists but is hidden until mounted for the
179 * first time. This is for backward compatibility.
181 static bool cgrp_dfl_visible;
183 /* Controllers blocked by the commandline in v1 */
184 static u16 cgroup_no_v1_mask;
186 /* some controllers are not supported in the default hierarchy */
187 static u16 cgrp_dfl_inhibit_ss_mask;
189 /* some controllers are implicitly enabled on the default hierarchy */
190 static unsigned long cgrp_dfl_implicit_ss_mask;
192 /* The list of hierarchy roots */
194 static LIST_HEAD(cgroup_roots);
195 static int cgroup_root_count;
197 /* hierarchy ID allocation and mapping, protected by cgroup_mutex */
198 static DEFINE_IDR(cgroup_hierarchy_idr);
201 * Assign a monotonically increasing serial number to csses. It guarantees
202 * cgroups with bigger numbers are newer than those with smaller numbers.
203 * Also, as csses are always appended to the parent's ->children list, it
204 * guarantees that sibling csses are always sorted in the ascending serial
205 * number order on the list. Protected by cgroup_mutex.
207 static u64 css_serial_nr_next = 1;
210 * These bitmask flags indicate whether tasks in the fork and exit paths have
211 * fork/exit handlers to call. This avoids us having to do extra work in the
212 * fork/exit path to check which subsystems have fork/exit callbacks.
214 static u16 have_fork_callback __read_mostly;
215 static u16 have_exit_callback __read_mostly;
216 static u16 have_free_callback __read_mostly;
218 /* Ditto for the can_fork callback. */
219 static u16 have_canfork_callback __read_mostly;
221 static struct file_system_type cgroup2_fs_type;
222 static struct cftype cgroup_dfl_base_files[];
223 static struct cftype cgroup_legacy_base_files[];
225 static int rebind_subsystems(struct cgroup_root *dst_root, u16 ss_mask);
226 static void cgroup_lock_and_drain_offline(struct cgroup *cgrp);
227 static int cgroup_apply_control(struct cgroup *cgrp);
228 static void cgroup_finalize_control(struct cgroup *cgrp, int ret);
229 static void css_task_iter_advance(struct css_task_iter *it);
230 static int cgroup_destroy_locked(struct cgroup *cgrp);
231 static struct cgroup_subsys_state *css_create(struct cgroup *cgrp,
232 struct cgroup_subsys *ss);
233 static void css_release(struct percpu_ref *ref);
234 static void kill_css(struct cgroup_subsys_state *css);
235 static int cgroup_addrm_files(struct cgroup_subsys_state *css,
236 struct cgroup *cgrp, struct cftype cfts[],
240 * cgroup_ssid_enabled - cgroup subsys enabled test by subsys ID
241 * @ssid: subsys ID of interest
243 * cgroup_subsys_enabled() can only be used with literal subsys names which
244 * is fine for individual subsystems but unsuitable for cgroup core. This
245 * is slower static_key_enabled() based test indexed by @ssid.
247 static bool cgroup_ssid_enabled(int ssid)
249 return static_key_enabled(cgroup_subsys_enabled_key[ssid]);
252 static bool cgroup_ssid_no_v1(int ssid)
254 return cgroup_no_v1_mask & (1 << ssid);
258 * cgroup_on_dfl - test whether a cgroup is on the default hierarchy
259 * @cgrp: the cgroup of interest
261 * The default hierarchy is the v2 interface of cgroup and this function
262 * can be used to test whether a cgroup is on the default hierarchy for
263 * cases where a subsystem should behave differnetly depending on the
266 * The set of behaviors which change on the default hierarchy are still
267 * being determined and the mount option is prefixed with __DEVEL__.
269 * List of changed behaviors:
271 * - Mount options "noprefix", "xattr", "clone_children", "release_agent"
272 * and "name" are disallowed.
274 * - When mounting an existing superblock, mount options should match.
276 * - Remount is disallowed.
278 * - rename(2) is disallowed.
280 * - "tasks" is removed. Everything should be at process granularity. Use
281 * "cgroup.procs" instead.
283 * - "cgroup.procs" is not sorted. pids will be unique unless they got
284 * recycled inbetween reads.
286 * - "release_agent" and "notify_on_release" are removed. Replacement
287 * notification mechanism will be implemented.
289 * - "cgroup.clone_children" is removed.
291 * - "cgroup.subtree_populated" is available. Its value is 0 if the cgroup
292 * and its descendants contain no task; otherwise, 1. The file also
293 * generates kernfs notification which can be monitored through poll and
294 * [di]notify when the value of the file changes.
296 * - cpuset: tasks will be kept in empty cpusets when hotplug happens and
297 * take masks of ancestors with non-empty cpus/mems, instead of being
298 * moved to an ancestor.
300 * - cpuset: a task can be moved into an empty cpuset, and again it takes
301 * masks of ancestors.
303 * - memcg: use_hierarchy is on by default and the cgroup file for the flag
306 * - blkcg: blk-throttle becomes properly hierarchical.
308 * - debug: disallowed on the default hierarchy.
310 static bool cgroup_on_dfl(const struct cgroup *cgrp)
312 return cgrp->root == &cgrp_dfl_root;
315 /* IDR wrappers which synchronize using cgroup_idr_lock */
316 static int cgroup_idr_alloc(struct idr *idr, void *ptr, int start, int end,
321 idr_preload(gfp_mask);
322 spin_lock_bh(&cgroup_idr_lock);
323 ret = idr_alloc(idr, ptr, start, end, gfp_mask & ~__GFP_DIRECT_RECLAIM);
324 spin_unlock_bh(&cgroup_idr_lock);
329 static void *cgroup_idr_replace(struct idr *idr, void *ptr, int id)
333 spin_lock_bh(&cgroup_idr_lock);
334 ret = idr_replace(idr, ptr, id);
335 spin_unlock_bh(&cgroup_idr_lock);
339 static void cgroup_idr_remove(struct idr *idr, int id)
341 spin_lock_bh(&cgroup_idr_lock);
343 spin_unlock_bh(&cgroup_idr_lock);
346 static struct cgroup *cgroup_parent(struct cgroup *cgrp)
348 struct cgroup_subsys_state *parent_css = cgrp->self.parent;
351 return container_of(parent_css, struct cgroup, self);
355 /* subsystems visibly enabled on a cgroup */
356 static u16 cgroup_control(struct cgroup *cgrp)
358 struct cgroup *parent = cgroup_parent(cgrp);
359 u16 root_ss_mask = cgrp->root->subsys_mask;
362 return parent->subtree_control;
364 if (cgroup_on_dfl(cgrp))
365 root_ss_mask &= ~(cgrp_dfl_inhibit_ss_mask |
366 cgrp_dfl_implicit_ss_mask);
370 /* subsystems enabled on a cgroup */
371 static u16 cgroup_ss_mask(struct cgroup *cgrp)
373 struct cgroup *parent = cgroup_parent(cgrp);
376 return parent->subtree_ss_mask;
378 return cgrp->root->subsys_mask;
382 * cgroup_css - obtain a cgroup's css for the specified subsystem
383 * @cgrp: the cgroup of interest
384 * @ss: the subsystem of interest (%NULL returns @cgrp->self)
386 * Return @cgrp's css (cgroup_subsys_state) associated with @ss. This
387 * function must be called either under cgroup_mutex or rcu_read_lock() and
388 * the caller is responsible for pinning the returned css if it wants to
389 * keep accessing it outside the said locks. This function may return
390 * %NULL if @cgrp doesn't have @subsys_id enabled.
392 static struct cgroup_subsys_state *cgroup_css(struct cgroup *cgrp,
393 struct cgroup_subsys *ss)
396 return rcu_dereference_check(cgrp->subsys[ss->id],
397 lockdep_is_held(&cgroup_mutex));
403 * cgroup_e_css - obtain a cgroup's effective css for the specified subsystem
404 * @cgrp: the cgroup of interest
405 * @ss: the subsystem of interest (%NULL returns @cgrp->self)
407 * Similar to cgroup_css() but returns the effective css, which is defined
408 * as the matching css of the nearest ancestor including self which has @ss
409 * enabled. If @ss is associated with the hierarchy @cgrp is on, this
410 * function is guaranteed to return non-NULL css.
412 static struct cgroup_subsys_state *cgroup_e_css(struct cgroup *cgrp,
413 struct cgroup_subsys *ss)
415 lockdep_assert_held(&cgroup_mutex);
421 * This function is used while updating css associations and thus
422 * can't test the csses directly. Test ss_mask.
424 while (!(cgroup_ss_mask(cgrp) & (1 << ss->id))) {
425 cgrp = cgroup_parent(cgrp);
430 return cgroup_css(cgrp, ss);
434 * cgroup_get_e_css - get a cgroup's effective css for the specified subsystem
435 * @cgrp: the cgroup of interest
436 * @ss: the subsystem of interest
438 * Find and get the effective css of @cgrp for @ss. The effective css is
439 * defined as the matching css of the nearest ancestor including self which
440 * has @ss enabled. If @ss is not mounted on the hierarchy @cgrp is on,
441 * the root css is returned, so this function always returns a valid css.
442 * The returned css must be put using css_put().
444 struct cgroup_subsys_state *cgroup_get_e_css(struct cgroup *cgrp,
445 struct cgroup_subsys *ss)
447 struct cgroup_subsys_state *css;
452 css = cgroup_css(cgrp, ss);
454 if (css && css_tryget_online(css))
456 cgrp = cgroup_parent(cgrp);
459 css = init_css_set.subsys[ss->id];
466 /* convenient tests for these bits */
467 static inline bool cgroup_is_dead(const struct cgroup *cgrp)
469 return !(cgrp->self.flags & CSS_ONLINE);
472 static void cgroup_get(struct cgroup *cgrp)
474 WARN_ON_ONCE(cgroup_is_dead(cgrp));
475 css_get(&cgrp->self);
478 static bool cgroup_tryget(struct cgroup *cgrp)
480 return css_tryget(&cgrp->self);
483 struct cgroup_subsys_state *of_css(struct kernfs_open_file *of)
485 struct cgroup *cgrp = of->kn->parent->priv;
486 struct cftype *cft = of_cft(of);
489 * This is open and unprotected implementation of cgroup_css().
490 * seq_css() is only called from a kernfs file operation which has
491 * an active reference on the file. Because all the subsystem
492 * files are drained before a css is disassociated with a cgroup,
493 * the matching css from the cgroup's subsys table is guaranteed to
494 * be and stay valid until the enclosing operation is complete.
497 return rcu_dereference_raw(cgrp->subsys[cft->ss->id]);
501 EXPORT_SYMBOL_GPL(of_css);
503 static int notify_on_release(const struct cgroup *cgrp)
505 return test_bit(CGRP_NOTIFY_ON_RELEASE, &cgrp->flags);
509 * for_each_css - iterate all css's of a cgroup
510 * @css: the iteration cursor
511 * @ssid: the index of the subsystem, CGROUP_SUBSYS_COUNT after reaching the end
512 * @cgrp: the target cgroup to iterate css's of
514 * Should be called under cgroup_[tree_]mutex.
516 #define for_each_css(css, ssid, cgrp) \
517 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT; (ssid)++) \
518 if (!((css) = rcu_dereference_check( \
519 (cgrp)->subsys[(ssid)], \
520 lockdep_is_held(&cgroup_mutex)))) { } \
524 * for_each_e_css - iterate all effective css's of a cgroup
525 * @css: the iteration cursor
526 * @ssid: the index of the subsystem, CGROUP_SUBSYS_COUNT after reaching the end
527 * @cgrp: the target cgroup to iterate css's of
529 * Should be called under cgroup_[tree_]mutex.
531 #define for_each_e_css(css, ssid, cgrp) \
532 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT; (ssid)++) \
533 if (!((css) = cgroup_e_css(cgrp, cgroup_subsys[(ssid)]))) \
538 * for_each_subsys - iterate all enabled cgroup subsystems
539 * @ss: the iteration cursor
540 * @ssid: the index of @ss, CGROUP_SUBSYS_COUNT after reaching the end
542 #define for_each_subsys(ss, ssid) \
543 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT && \
544 (((ss) = cgroup_subsys[ssid]) || true); (ssid)++)
547 * do_each_subsys_mask - filter for_each_subsys with a bitmask
548 * @ss: the iteration cursor
549 * @ssid: the index of @ss, CGROUP_SUBSYS_COUNT after reaching the end
550 * @ss_mask: the bitmask
552 * The block will only run for cases where the ssid-th bit (1 << ssid) of
555 #define do_each_subsys_mask(ss, ssid, ss_mask) do { \
556 unsigned long __ss_mask = (ss_mask); \
557 if (!CGROUP_SUBSYS_COUNT) { /* to avoid spurious gcc warning */ \
561 for_each_set_bit(ssid, &__ss_mask, CGROUP_SUBSYS_COUNT) { \
562 (ss) = cgroup_subsys[ssid]; \
565 #define while_each_subsys_mask() \
570 /* iterate across the hierarchies */
571 #define for_each_root(root) \
572 list_for_each_entry((root), &cgroup_roots, root_list)
574 /* iterate over child cgrps, lock should be held throughout iteration */
575 #define cgroup_for_each_live_child(child, cgrp) \
576 list_for_each_entry((child), &(cgrp)->self.children, self.sibling) \
577 if (({ lockdep_assert_held(&cgroup_mutex); \
578 cgroup_is_dead(child); })) \
582 /* walk live descendants in preorder */
583 #define cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) \
584 css_for_each_descendant_pre((d_css), cgroup_css((cgrp), NULL)) \
585 if (({ lockdep_assert_held(&cgroup_mutex); \
586 (dsct) = (d_css)->cgroup; \
587 cgroup_is_dead(dsct); })) \
591 /* walk live descendants in postorder */
592 #define cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) \
593 css_for_each_descendant_post((d_css), cgroup_css((cgrp), NULL)) \
594 if (({ lockdep_assert_held(&cgroup_mutex); \
595 (dsct) = (d_css)->cgroup; \
596 cgroup_is_dead(dsct); })) \
600 static void cgroup_release_agent(struct work_struct *work);
601 static void check_for_release(struct cgroup *cgrp);
604 * A cgroup can be associated with multiple css_sets as different tasks may
605 * belong to different cgroups on different hierarchies. In the other
606 * direction, a css_set is naturally associated with multiple cgroups.
607 * This M:N relationship is represented by the following link structure
608 * which exists for each association and allows traversing the associations
611 struct cgrp_cset_link {
612 /* the cgroup and css_set this link associates */
614 struct css_set *cset;
616 /* list of cgrp_cset_links anchored at cgrp->cset_links */
617 struct list_head cset_link;
619 /* list of cgrp_cset_links anchored at css_set->cgrp_links */
620 struct list_head cgrp_link;
624 * The default css_set - used by init and its children prior to any
625 * hierarchies being mounted. It contains a pointer to the root state
626 * for each subsystem. Also used to anchor the list of css_sets. Not
627 * reference-counted, to improve performance when child cgroups
628 * haven't been created.
630 struct css_set init_css_set = {
631 .refcount = ATOMIC_INIT(1),
632 .cgrp_links = LIST_HEAD_INIT(init_css_set.cgrp_links),
633 .tasks = LIST_HEAD_INIT(init_css_set.tasks),
634 .mg_tasks = LIST_HEAD_INIT(init_css_set.mg_tasks),
635 .mg_preload_node = LIST_HEAD_INIT(init_css_set.mg_preload_node),
636 .mg_node = LIST_HEAD_INIT(init_css_set.mg_node),
637 .task_iters = LIST_HEAD_INIT(init_css_set.task_iters),
640 static int css_set_count = 1; /* 1 for init_css_set */
643 * css_set_populated - does a css_set contain any tasks?
644 * @cset: target css_set
646 static bool css_set_populated(struct css_set *cset)
648 lockdep_assert_held(&css_set_lock);
650 return !list_empty(&cset->tasks) || !list_empty(&cset->mg_tasks);
654 * cgroup_update_populated - updated populated count of a cgroup
655 * @cgrp: the target cgroup
656 * @populated: inc or dec populated count
658 * One of the css_sets associated with @cgrp is either getting its first
659 * task or losing the last. Update @cgrp->populated_cnt accordingly. The
660 * count is propagated towards root so that a given cgroup's populated_cnt
661 * is zero iff the cgroup and all its descendants don't contain any tasks.
663 * @cgrp's interface file "cgroup.populated" is zero if
664 * @cgrp->populated_cnt is zero and 1 otherwise. When @cgrp->populated_cnt
665 * changes from or to zero, userland is notified that the content of the
666 * interface file has changed. This can be used to detect when @cgrp and
667 * its descendants become populated or empty.
669 static void cgroup_update_populated(struct cgroup *cgrp, bool populated)
671 lockdep_assert_held(&css_set_lock);
677 trigger = !cgrp->populated_cnt++;
679 trigger = !--cgrp->populated_cnt;
684 check_for_release(cgrp);
685 cgroup_file_notify(&cgrp->events_file);
687 cgrp = cgroup_parent(cgrp);
692 * css_set_update_populated - update populated state of a css_set
693 * @cset: target css_set
694 * @populated: whether @cset is populated or depopulated
696 * @cset is either getting the first task or losing the last. Update the
697 * ->populated_cnt of all associated cgroups accordingly.
699 static void css_set_update_populated(struct css_set *cset, bool populated)
701 struct cgrp_cset_link *link;
703 lockdep_assert_held(&css_set_lock);
705 list_for_each_entry(link, &cset->cgrp_links, cgrp_link)
706 cgroup_update_populated(link->cgrp, populated);
710 * css_set_move_task - move a task from one css_set to another
711 * @task: task being moved
712 * @from_cset: css_set @task currently belongs to (may be NULL)
713 * @to_cset: new css_set @task is being moved to (may be NULL)
714 * @use_mg_tasks: move to @to_cset->mg_tasks instead of ->tasks
716 * Move @task from @from_cset to @to_cset. If @task didn't belong to any
717 * css_set, @from_cset can be NULL. If @task is being disassociated
718 * instead of moved, @to_cset can be NULL.
720 * This function automatically handles populated_cnt updates and
721 * css_task_iter adjustments but the caller is responsible for managing
722 * @from_cset and @to_cset's reference counts.
724 static void css_set_move_task(struct task_struct *task,
725 struct css_set *from_cset, struct css_set *to_cset,
728 lockdep_assert_held(&css_set_lock);
730 if (to_cset && !css_set_populated(to_cset))
731 css_set_update_populated(to_cset, true);
734 struct css_task_iter *it, *pos;
736 WARN_ON_ONCE(list_empty(&task->cg_list));
739 * @task is leaving, advance task iterators which are
740 * pointing to it so that they can resume at the next
741 * position. Advancing an iterator might remove it from
742 * the list, use safe walk. See css_task_iter_advance*()
745 list_for_each_entry_safe(it, pos, &from_cset->task_iters,
747 if (it->task_pos == &task->cg_list)
748 css_task_iter_advance(it);
750 list_del_init(&task->cg_list);
751 if (!css_set_populated(from_cset))
752 css_set_update_populated(from_cset, false);
754 WARN_ON_ONCE(!list_empty(&task->cg_list));
759 * We are synchronized through cgroup_threadgroup_rwsem
760 * against PF_EXITING setting such that we can't race
761 * against cgroup_exit() changing the css_set to
762 * init_css_set and dropping the old one.
764 WARN_ON_ONCE(task->flags & PF_EXITING);
766 rcu_assign_pointer(task->cgroups, to_cset);
767 list_add_tail(&task->cg_list, use_mg_tasks ? &to_cset->mg_tasks :
773 * hash table for cgroup groups. This improves the performance to find
774 * an existing css_set. This hash doesn't (currently) take into
775 * account cgroups in empty hierarchies.
777 #define CSS_SET_HASH_BITS 7
778 static DEFINE_HASHTABLE(css_set_table, CSS_SET_HASH_BITS);
780 static unsigned long css_set_hash(struct cgroup_subsys_state *css[])
782 unsigned long key = 0UL;
783 struct cgroup_subsys *ss;
786 for_each_subsys(ss, i)
787 key += (unsigned long)css[i];
788 key = (key >> 16) ^ key;
793 static void put_css_set_locked(struct css_set *cset)
795 struct cgrp_cset_link *link, *tmp_link;
796 struct cgroup_subsys *ss;
799 lockdep_assert_held(&css_set_lock);
801 if (!atomic_dec_and_test(&cset->refcount))
804 /* This css_set is dead. unlink it and release cgroup and css refs */
805 for_each_subsys(ss, ssid) {
806 list_del(&cset->e_cset_node[ssid]);
807 css_put(cset->subsys[ssid]);
809 hash_del(&cset->hlist);
812 list_for_each_entry_safe(link, tmp_link, &cset->cgrp_links, cgrp_link) {
813 list_del(&link->cset_link);
814 list_del(&link->cgrp_link);
815 if (cgroup_parent(link->cgrp))
816 cgroup_put(link->cgrp);
820 kfree_rcu(cset, rcu_head);
823 static void put_css_set(struct css_set *cset)
826 * Ensure that the refcount doesn't hit zero while any readers
827 * can see it. Similar to atomic_dec_and_lock(), but for an
830 if (atomic_add_unless(&cset->refcount, -1, 1))
833 spin_lock_bh(&css_set_lock);
834 put_css_set_locked(cset);
835 spin_unlock_bh(&css_set_lock);
839 * refcounted get/put for css_set objects
841 static inline void get_css_set(struct css_set *cset)
843 atomic_inc(&cset->refcount);
847 * compare_css_sets - helper function for find_existing_css_set().
848 * @cset: candidate css_set being tested
849 * @old_cset: existing css_set for a task
850 * @new_cgrp: cgroup that's being entered by the task
851 * @template: desired set of css pointers in css_set (pre-calculated)
853 * Returns true if "cset" matches "old_cset" except for the hierarchy
854 * which "new_cgrp" belongs to, for which it should match "new_cgrp".
856 static bool compare_css_sets(struct css_set *cset,
857 struct css_set *old_cset,
858 struct cgroup *new_cgrp,
859 struct cgroup_subsys_state *template[])
861 struct list_head *l1, *l2;
864 * On the default hierarchy, there can be csets which are
865 * associated with the same set of cgroups but different csses.
866 * Let's first ensure that csses match.
868 if (memcmp(template, cset->subsys, sizeof(cset->subsys)))
872 * Compare cgroup pointers in order to distinguish between
873 * different cgroups in hierarchies. As different cgroups may
874 * share the same effective css, this comparison is always
877 l1 = &cset->cgrp_links;
878 l2 = &old_cset->cgrp_links;
880 struct cgrp_cset_link *link1, *link2;
881 struct cgroup *cgrp1, *cgrp2;
885 /* See if we reached the end - both lists are equal length. */
886 if (l1 == &cset->cgrp_links) {
887 BUG_ON(l2 != &old_cset->cgrp_links);
890 BUG_ON(l2 == &old_cset->cgrp_links);
892 /* Locate the cgroups associated with these links. */
893 link1 = list_entry(l1, struct cgrp_cset_link, cgrp_link);
894 link2 = list_entry(l2, struct cgrp_cset_link, cgrp_link);
897 /* Hierarchies should be linked in the same order. */
898 BUG_ON(cgrp1->root != cgrp2->root);
901 * If this hierarchy is the hierarchy of the cgroup
902 * that's changing, then we need to check that this
903 * css_set points to the new cgroup; if it's any other
904 * hierarchy, then this css_set should point to the
905 * same cgroup as the old css_set.
907 if (cgrp1->root == new_cgrp->root) {
908 if (cgrp1 != new_cgrp)
919 * find_existing_css_set - init css array and find the matching css_set
920 * @old_cset: the css_set that we're using before the cgroup transition
921 * @cgrp: the cgroup that we're moving into
922 * @template: out param for the new set of csses, should be clear on entry
924 static struct css_set *find_existing_css_set(struct css_set *old_cset,
926 struct cgroup_subsys_state *template[])
928 struct cgroup_root *root = cgrp->root;
929 struct cgroup_subsys *ss;
930 struct css_set *cset;
935 * Build the set of subsystem state objects that we want to see in the
936 * new css_set. while subsystems can change globally, the entries here
937 * won't change, so no need for locking.
939 for_each_subsys(ss, i) {
940 if (root->subsys_mask & (1UL << i)) {
942 * @ss is in this hierarchy, so we want the
943 * effective css from @cgrp.
945 template[i] = cgroup_e_css(cgrp, ss);
948 * @ss is not in this hierarchy, so we don't want
951 template[i] = old_cset->subsys[i];
955 key = css_set_hash(template);
956 hash_for_each_possible(css_set_table, cset, hlist, key) {
957 if (!compare_css_sets(cset, old_cset, cgrp, template))
960 /* This css_set matches what we need */
964 /* No existing cgroup group matched */
968 static void free_cgrp_cset_links(struct list_head *links_to_free)
970 struct cgrp_cset_link *link, *tmp_link;
972 list_for_each_entry_safe(link, tmp_link, links_to_free, cset_link) {
973 list_del(&link->cset_link);
979 * allocate_cgrp_cset_links - allocate cgrp_cset_links
980 * @count: the number of links to allocate
981 * @tmp_links: list_head the allocated links are put on
983 * Allocate @count cgrp_cset_link structures and chain them on @tmp_links
984 * through ->cset_link. Returns 0 on success or -errno.
986 static int allocate_cgrp_cset_links(int count, struct list_head *tmp_links)
988 struct cgrp_cset_link *link;
991 INIT_LIST_HEAD(tmp_links);
993 for (i = 0; i < count; i++) {
994 link = kzalloc(sizeof(*link), GFP_KERNEL);
996 free_cgrp_cset_links(tmp_links);
999 list_add(&link->cset_link, tmp_links);
1005 * link_css_set - a helper function to link a css_set to a cgroup
1006 * @tmp_links: cgrp_cset_link objects allocated by allocate_cgrp_cset_links()
1007 * @cset: the css_set to be linked
1008 * @cgrp: the destination cgroup
1010 static void link_css_set(struct list_head *tmp_links, struct css_set *cset,
1011 struct cgroup *cgrp)
1013 struct cgrp_cset_link *link;
1015 BUG_ON(list_empty(tmp_links));
1017 if (cgroup_on_dfl(cgrp))
1018 cset->dfl_cgrp = cgrp;
1020 link = list_first_entry(tmp_links, struct cgrp_cset_link, cset_link);
1025 * Always add links to the tail of the lists so that the lists are
1026 * in choronological order.
1028 list_move_tail(&link->cset_link, &cgrp->cset_links);
1029 list_add_tail(&link->cgrp_link, &cset->cgrp_links);
1031 if (cgroup_parent(cgrp))
1036 * find_css_set - return a new css_set with one cgroup updated
1037 * @old_cset: the baseline css_set
1038 * @cgrp: the cgroup to be updated
1040 * Return a new css_set that's equivalent to @old_cset, but with @cgrp
1041 * substituted into the appropriate hierarchy.
1043 static struct css_set *find_css_set(struct css_set *old_cset,
1044 struct cgroup *cgrp)
1046 struct cgroup_subsys_state *template[CGROUP_SUBSYS_COUNT] = { };
1047 struct css_set *cset;
1048 struct list_head tmp_links;
1049 struct cgrp_cset_link *link;
1050 struct cgroup_subsys *ss;
1054 lockdep_assert_held(&cgroup_mutex);
1056 /* First see if we already have a cgroup group that matches
1057 * the desired set */
1058 spin_lock_bh(&css_set_lock);
1059 cset = find_existing_css_set(old_cset, cgrp, template);
1062 spin_unlock_bh(&css_set_lock);
1067 cset = kzalloc(sizeof(*cset), GFP_KERNEL);
1071 /* Allocate all the cgrp_cset_link objects that we'll need */
1072 if (allocate_cgrp_cset_links(cgroup_root_count, &tmp_links) < 0) {
1077 atomic_set(&cset->refcount, 1);
1078 INIT_LIST_HEAD(&cset->cgrp_links);
1079 INIT_LIST_HEAD(&cset->tasks);
1080 INIT_LIST_HEAD(&cset->mg_tasks);
1081 INIT_LIST_HEAD(&cset->mg_preload_node);
1082 INIT_LIST_HEAD(&cset->mg_node);
1083 INIT_LIST_HEAD(&cset->task_iters);
1084 INIT_HLIST_NODE(&cset->hlist);
1086 /* Copy the set of subsystem state objects generated in
1087 * find_existing_css_set() */
1088 memcpy(cset->subsys, template, sizeof(cset->subsys));
1090 spin_lock_bh(&css_set_lock);
1091 /* Add reference counts and links from the new css_set. */
1092 list_for_each_entry(link, &old_cset->cgrp_links, cgrp_link) {
1093 struct cgroup *c = link->cgrp;
1095 if (c->root == cgrp->root)
1097 link_css_set(&tmp_links, cset, c);
1100 BUG_ON(!list_empty(&tmp_links));
1104 /* Add @cset to the hash table */
1105 key = css_set_hash(cset->subsys);
1106 hash_add(css_set_table, &cset->hlist, key);
1108 for_each_subsys(ss, ssid) {
1109 struct cgroup_subsys_state *css = cset->subsys[ssid];
1111 list_add_tail(&cset->e_cset_node[ssid],
1112 &css->cgroup->e_csets[ssid]);
1116 spin_unlock_bh(&css_set_lock);
1121 static struct cgroup_root *cgroup_root_from_kf(struct kernfs_root *kf_root)
1123 struct cgroup *root_cgrp = kf_root->kn->priv;
1125 return root_cgrp->root;
1128 static int cgroup_init_root_id(struct cgroup_root *root)
1132 lockdep_assert_held(&cgroup_mutex);
1134 id = idr_alloc_cyclic(&cgroup_hierarchy_idr, root, 0, 0, GFP_KERNEL);
1138 root->hierarchy_id = id;
1142 static void cgroup_exit_root_id(struct cgroup_root *root)
1144 lockdep_assert_held(&cgroup_mutex);
1146 if (root->hierarchy_id) {
1147 idr_remove(&cgroup_hierarchy_idr, root->hierarchy_id);
1148 root->hierarchy_id = 0;
1152 static void cgroup_free_root(struct cgroup_root *root)
1155 /* hierarchy ID should already have been released */
1156 WARN_ON_ONCE(root->hierarchy_id);
1158 idr_destroy(&root->cgroup_idr);
1163 static void cgroup_destroy_root(struct cgroup_root *root)
1165 struct cgroup *cgrp = &root->cgrp;
1166 struct cgrp_cset_link *link, *tmp_link;
1168 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
1170 BUG_ON(atomic_read(&root->nr_cgrps));
1171 BUG_ON(!list_empty(&cgrp->self.children));
1173 /* Rebind all subsystems back to the default hierarchy */
1174 WARN_ON(rebind_subsystems(&cgrp_dfl_root, root->subsys_mask));
1177 * Release all the links from cset_links to this hierarchy's
1180 spin_lock_bh(&css_set_lock);
1182 list_for_each_entry_safe(link, tmp_link, &cgrp->cset_links, cset_link) {
1183 list_del(&link->cset_link);
1184 list_del(&link->cgrp_link);
1188 spin_unlock_bh(&css_set_lock);
1190 if (!list_empty(&root->root_list)) {
1191 list_del(&root->root_list);
1192 cgroup_root_count--;
1195 cgroup_exit_root_id(root);
1197 mutex_unlock(&cgroup_mutex);
1199 kernfs_destroy_root(root->kf_root);
1200 cgroup_free_root(root);
1203 /* look up cgroup associated with given css_set on the specified hierarchy */
1204 static struct cgroup *cset_cgroup_from_root(struct css_set *cset,
1205 struct cgroup_root *root)
1207 struct cgroup *res = NULL;
1209 lockdep_assert_held(&cgroup_mutex);
1210 lockdep_assert_held(&css_set_lock);
1212 if (cset == &init_css_set) {
1215 struct cgrp_cset_link *link;
1217 list_for_each_entry(link, &cset->cgrp_links, cgrp_link) {
1218 struct cgroup *c = link->cgrp;
1220 if (c->root == root) {
1232 * Return the cgroup for "task" from the given hierarchy. Must be
1233 * called with cgroup_mutex and css_set_lock held.
1235 static struct cgroup *task_cgroup_from_root(struct task_struct *task,
1236 struct cgroup_root *root)
1239 * No need to lock the task - since we hold cgroup_mutex the
1240 * task can't change groups, so the only thing that can happen
1241 * is that it exits and its css is set back to init_css_set.
1243 return cset_cgroup_from_root(task_css_set(task), root);
1247 * A task must hold cgroup_mutex to modify cgroups.
1249 * Any task can increment and decrement the count field without lock.
1250 * So in general, code holding cgroup_mutex can't rely on the count
1251 * field not changing. However, if the count goes to zero, then only
1252 * cgroup_attach_task() can increment it again. Because a count of zero
1253 * means that no tasks are currently attached, therefore there is no
1254 * way a task attached to that cgroup can fork (the other way to
1255 * increment the count). So code holding cgroup_mutex can safely
1256 * assume that if the count is zero, it will stay zero. Similarly, if
1257 * a task holds cgroup_mutex on a cgroup with zero count, it
1258 * knows that the cgroup won't be removed, as cgroup_rmdir()
1261 * A cgroup can only be deleted if both its 'count' of using tasks
1262 * is zero, and its list of 'children' cgroups is empty. Since all
1263 * tasks in the system use _some_ cgroup, and since there is always at
1264 * least one task in the system (init, pid == 1), therefore, root cgroup
1265 * always has either children cgroups and/or using tasks. So we don't
1266 * need a special hack to ensure that root cgroup cannot be deleted.
1268 * P.S. One more locking exception. RCU is used to guard the
1269 * update of a tasks cgroup pointer by cgroup_attach_task()
1272 static struct kernfs_syscall_ops cgroup_kf_syscall_ops;
1273 static const struct file_operations proc_cgroupstats_operations;
1275 static char *cgroup_file_name(struct cgroup *cgrp, const struct cftype *cft,
1278 struct cgroup_subsys *ss = cft->ss;
1280 if (cft->ss && !(cft->flags & CFTYPE_NO_PREFIX) &&
1281 !(cgrp->root->flags & CGRP_ROOT_NOPREFIX))
1282 snprintf(buf, CGROUP_FILE_NAME_MAX, "%s.%s",
1283 cgroup_on_dfl(cgrp) ? ss->name : ss->legacy_name,
1286 strncpy(buf, cft->name, CGROUP_FILE_NAME_MAX);
1291 * cgroup_file_mode - deduce file mode of a control file
1292 * @cft: the control file in question
1294 * S_IRUGO for read, S_IWUSR for write.
1296 static umode_t cgroup_file_mode(const struct cftype *cft)
1300 if (cft->read_u64 || cft->read_s64 || cft->seq_show)
1303 if (cft->write_u64 || cft->write_s64 || cft->write) {
1304 if (cft->flags & CFTYPE_WORLD_WRITABLE)
1314 * cgroup_calc_subtree_ss_mask - calculate subtree_ss_mask
1315 * @subtree_control: the new subtree_control mask to consider
1316 * @this_ss_mask: available subsystems
1318 * On the default hierarchy, a subsystem may request other subsystems to be
1319 * enabled together through its ->depends_on mask. In such cases, more
1320 * subsystems than specified in "cgroup.subtree_control" may be enabled.
1322 * This function calculates which subsystems need to be enabled if
1323 * @subtree_control is to be applied while restricted to @this_ss_mask.
1325 static u16 cgroup_calc_subtree_ss_mask(u16 subtree_control, u16 this_ss_mask)
1327 u16 cur_ss_mask = subtree_control;
1328 struct cgroup_subsys *ss;
1331 lockdep_assert_held(&cgroup_mutex);
1333 cur_ss_mask |= cgrp_dfl_implicit_ss_mask;
1336 u16 new_ss_mask = cur_ss_mask;
1338 do_each_subsys_mask(ss, ssid, cur_ss_mask) {
1339 new_ss_mask |= ss->depends_on;
1340 } while_each_subsys_mask();
1343 * Mask out subsystems which aren't available. This can
1344 * happen only if some depended-upon subsystems were bound
1345 * to non-default hierarchies.
1347 new_ss_mask &= this_ss_mask;
1349 if (new_ss_mask == cur_ss_mask)
1351 cur_ss_mask = new_ss_mask;
1358 * cgroup_kn_unlock - unlocking helper for cgroup kernfs methods
1359 * @kn: the kernfs_node being serviced
1361 * This helper undoes cgroup_kn_lock_live() and should be invoked before
1362 * the method finishes if locking succeeded. Note that once this function
1363 * returns the cgroup returned by cgroup_kn_lock_live() may become
1364 * inaccessible any time. If the caller intends to continue to access the
1365 * cgroup, it should pin it before invoking this function.
1367 static void cgroup_kn_unlock(struct kernfs_node *kn)
1369 struct cgroup *cgrp;
1371 if (kernfs_type(kn) == KERNFS_DIR)
1374 cgrp = kn->parent->priv;
1376 mutex_unlock(&cgroup_mutex);
1378 kernfs_unbreak_active_protection(kn);
1383 * cgroup_kn_lock_live - locking helper for cgroup kernfs methods
1384 * @kn: the kernfs_node being serviced
1385 * @drain_offline: perform offline draining on the cgroup
1387 * This helper is to be used by a cgroup kernfs method currently servicing
1388 * @kn. It breaks the active protection, performs cgroup locking and
1389 * verifies that the associated cgroup is alive. Returns the cgroup if
1390 * alive; otherwise, %NULL. A successful return should be undone by a
1391 * matching cgroup_kn_unlock() invocation. If @drain_offline is %true, the
1392 * cgroup is drained of offlining csses before return.
1394 * Any cgroup kernfs method implementation which requires locking the
1395 * associated cgroup should use this helper. It avoids nesting cgroup
1396 * locking under kernfs active protection and allows all kernfs operations
1397 * including self-removal.
1399 static struct cgroup *cgroup_kn_lock_live(struct kernfs_node *kn,
1402 struct cgroup *cgrp;
1404 if (kernfs_type(kn) == KERNFS_DIR)
1407 cgrp = kn->parent->priv;
1410 * We're gonna grab cgroup_mutex which nests outside kernfs
1411 * active_ref. cgroup liveliness check alone provides enough
1412 * protection against removal. Ensure @cgrp stays accessible and
1413 * break the active_ref protection.
1415 if (!cgroup_tryget(cgrp))
1417 kernfs_break_active_protection(kn);
1420 cgroup_lock_and_drain_offline(cgrp);
1422 mutex_lock(&cgroup_mutex);
1424 if (!cgroup_is_dead(cgrp))
1427 cgroup_kn_unlock(kn);
1431 static void cgroup_rm_file(struct cgroup *cgrp, const struct cftype *cft)
1433 char name[CGROUP_FILE_NAME_MAX];
1435 lockdep_assert_held(&cgroup_mutex);
1437 if (cft->file_offset) {
1438 struct cgroup_subsys_state *css = cgroup_css(cgrp, cft->ss);
1439 struct cgroup_file *cfile = (void *)css + cft->file_offset;
1441 spin_lock_irq(&cgroup_file_kn_lock);
1443 spin_unlock_irq(&cgroup_file_kn_lock);
1446 kernfs_remove_by_name(cgrp->kn, cgroup_file_name(cgrp, cft, name));
1450 * css_clear_dir - remove subsys files in a cgroup directory
1453 static void css_clear_dir(struct cgroup_subsys_state *css)
1455 struct cgroup *cgrp = css->cgroup;
1456 struct cftype *cfts;
1458 if (!(css->flags & CSS_VISIBLE))
1461 css->flags &= ~CSS_VISIBLE;
1463 list_for_each_entry(cfts, &css->ss->cfts, node)
1464 cgroup_addrm_files(css, cgrp, cfts, false);
1468 * css_populate_dir - create subsys files in a cgroup directory
1471 * On failure, no file is added.
1473 static int css_populate_dir(struct cgroup_subsys_state *css)
1475 struct cgroup *cgrp = css->cgroup;
1476 struct cftype *cfts, *failed_cfts;
1479 if ((css->flags & CSS_VISIBLE) || !cgrp->kn)
1483 if (cgroup_on_dfl(cgrp))
1484 cfts = cgroup_dfl_base_files;
1486 cfts = cgroup_legacy_base_files;
1488 return cgroup_addrm_files(&cgrp->self, cgrp, cfts, true);
1491 list_for_each_entry(cfts, &css->ss->cfts, node) {
1492 ret = cgroup_addrm_files(css, cgrp, cfts, true);
1499 css->flags |= CSS_VISIBLE;
1503 list_for_each_entry(cfts, &css->ss->cfts, node) {
1504 if (cfts == failed_cfts)
1506 cgroup_addrm_files(css, cgrp, cfts, false);
1511 static int rebind_subsystems(struct cgroup_root *dst_root, u16 ss_mask)
1513 struct cgroup *dcgrp = &dst_root->cgrp;
1514 struct cgroup_subsys *ss;
1517 lockdep_assert_held(&cgroup_mutex);
1519 do_each_subsys_mask(ss, ssid, ss_mask) {
1521 * If @ss has non-root csses attached to it, can't move.
1522 * If @ss is an implicit controller, it is exempt from this
1523 * rule and can be stolen.
1525 if (css_next_child(NULL, cgroup_css(&ss->root->cgrp, ss)) &&
1526 !ss->implicit_on_dfl)
1529 /* can't move between two non-dummy roots either */
1530 if (ss->root != &cgrp_dfl_root && dst_root != &cgrp_dfl_root)
1532 } while_each_subsys_mask();
1534 do_each_subsys_mask(ss, ssid, ss_mask) {
1535 struct cgroup_root *src_root = ss->root;
1536 struct cgroup *scgrp = &src_root->cgrp;
1537 struct cgroup_subsys_state *css = cgroup_css(scgrp, ss);
1538 struct css_set *cset;
1540 WARN_ON(!css || cgroup_css(dcgrp, ss));
1542 /* disable from the source */
1543 src_root->subsys_mask &= ~(1 << ssid);
1544 WARN_ON(cgroup_apply_control(scgrp));
1545 cgroup_finalize_control(scgrp, 0);
1548 RCU_INIT_POINTER(scgrp->subsys[ssid], NULL);
1549 rcu_assign_pointer(dcgrp->subsys[ssid], css);
1550 ss->root = dst_root;
1551 css->cgroup = dcgrp;
1553 spin_lock_bh(&css_set_lock);
1554 hash_for_each(css_set_table, i, cset, hlist)
1555 list_move_tail(&cset->e_cset_node[ss->id],
1556 &dcgrp->e_csets[ss->id]);
1557 spin_unlock_bh(&css_set_lock);
1559 /* default hierarchy doesn't enable controllers by default */
1560 dst_root->subsys_mask |= 1 << ssid;
1561 if (dst_root == &cgrp_dfl_root) {
1562 static_branch_enable(cgroup_subsys_on_dfl_key[ssid]);
1564 dcgrp->subtree_control |= 1 << ssid;
1565 static_branch_disable(cgroup_subsys_on_dfl_key[ssid]);
1568 ret = cgroup_apply_control(dcgrp);
1570 pr_warn("partial failure to rebind %s controller (err=%d)\n",
1575 } while_each_subsys_mask();
1577 kernfs_activate(dcgrp->kn);
1581 static int cgroup_show_options(struct seq_file *seq,
1582 struct kernfs_root *kf_root)
1584 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
1585 struct cgroup_subsys *ss;
1588 if (root != &cgrp_dfl_root)
1589 for_each_subsys(ss, ssid)
1590 if (root->subsys_mask & (1 << ssid))
1591 seq_show_option(seq, ss->legacy_name, NULL);
1592 if (root->flags & CGRP_ROOT_NOPREFIX)
1593 seq_puts(seq, ",noprefix");
1594 if (root->flags & CGRP_ROOT_XATTR)
1595 seq_puts(seq, ",xattr");
1597 spin_lock(&release_agent_path_lock);
1598 if (strlen(root->release_agent_path))
1599 seq_show_option(seq, "release_agent",
1600 root->release_agent_path);
1601 spin_unlock(&release_agent_path_lock);
1603 if (test_bit(CGRP_CPUSET_CLONE_CHILDREN, &root->cgrp.flags))
1604 seq_puts(seq, ",clone_children");
1605 if (strlen(root->name))
1606 seq_show_option(seq, "name", root->name);
1610 struct cgroup_sb_opts {
1613 char *release_agent;
1614 bool cpuset_clone_children;
1616 /* User explicitly requested empty subsystem */
1620 static int parse_cgroupfs_options(char *data, struct cgroup_sb_opts *opts)
1622 char *token, *o = data;
1623 bool all_ss = false, one_ss = false;
1625 struct cgroup_subsys *ss;
1629 #ifdef CONFIG_CPUSETS
1630 mask = ~((u16)1 << cpuset_cgrp_id);
1633 memset(opts, 0, sizeof(*opts));
1635 while ((token = strsep(&o, ",")) != NULL) {
1640 if (!strcmp(token, "none")) {
1641 /* Explicitly have no subsystems */
1645 if (!strcmp(token, "all")) {
1646 /* Mutually exclusive option 'all' + subsystem name */
1652 if (!strcmp(token, "noprefix")) {
1653 opts->flags |= CGRP_ROOT_NOPREFIX;
1656 if (!strcmp(token, "clone_children")) {
1657 opts->cpuset_clone_children = true;
1660 if (!strcmp(token, "xattr")) {
1661 opts->flags |= CGRP_ROOT_XATTR;
1664 if (!strncmp(token, "release_agent=", 14)) {
1665 /* Specifying two release agents is forbidden */
1666 if (opts->release_agent)
1668 opts->release_agent =
1669 kstrndup(token + 14, PATH_MAX - 1, GFP_KERNEL);
1670 if (!opts->release_agent)
1674 if (!strncmp(token, "name=", 5)) {
1675 const char *name = token + 5;
1676 /* Can't specify an empty name */
1679 /* Must match [\w.-]+ */
1680 for (i = 0; i < strlen(name); i++) {
1684 if ((c == '.') || (c == '-') || (c == '_'))
1688 /* Specifying two names is forbidden */
1691 opts->name = kstrndup(name,
1692 MAX_CGROUP_ROOT_NAMELEN - 1,
1700 for_each_subsys(ss, i) {
1701 if (strcmp(token, ss->legacy_name))
1703 if (!cgroup_ssid_enabled(i))
1705 if (cgroup_ssid_no_v1(i))
1708 /* Mutually exclusive option 'all' + subsystem name */
1711 opts->subsys_mask |= (1 << i);
1716 if (i == CGROUP_SUBSYS_COUNT)
1721 * If the 'all' option was specified select all the subsystems,
1722 * otherwise if 'none', 'name=' and a subsystem name options were
1723 * not specified, let's default to 'all'
1725 if (all_ss || (!one_ss && !opts->none && !opts->name))
1726 for_each_subsys(ss, i)
1727 if (cgroup_ssid_enabled(i) && !cgroup_ssid_no_v1(i))
1728 opts->subsys_mask |= (1 << i);
1731 * We either have to specify by name or by subsystems. (So all
1732 * empty hierarchies must have a name).
1734 if (!opts->subsys_mask && !opts->name)
1738 * Option noprefix was introduced just for backward compatibility
1739 * with the old cpuset, so we allow noprefix only if mounting just
1740 * the cpuset subsystem.
1742 if ((opts->flags & CGRP_ROOT_NOPREFIX) && (opts->subsys_mask & mask))
1745 /* Can't specify "none" and some subsystems */
1746 if (opts->subsys_mask && opts->none)
1752 static int cgroup_remount(struct kernfs_root *kf_root, int *flags, char *data)
1755 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
1756 struct cgroup_sb_opts opts;
1757 u16 added_mask, removed_mask;
1759 if (root == &cgrp_dfl_root) {
1760 pr_err("remount is not allowed\n");
1764 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
1766 /* See what subsystems are wanted */
1767 ret = parse_cgroupfs_options(data, &opts);
1771 if (opts.subsys_mask != root->subsys_mask || opts.release_agent)
1772 pr_warn("option changes via remount are deprecated (pid=%d comm=%s)\n",
1773 task_tgid_nr(current), current->comm);
1775 added_mask = opts.subsys_mask & ~root->subsys_mask;
1776 removed_mask = root->subsys_mask & ~opts.subsys_mask;
1778 /* Don't allow flags or name to change at remount */
1779 if ((opts.flags ^ root->flags) ||
1780 (opts.name && strcmp(opts.name, root->name))) {
1781 pr_err("option or name mismatch, new: 0x%x \"%s\", old: 0x%x \"%s\"\n",
1782 opts.flags, opts.name ?: "", root->flags, root->name);
1787 /* remounting is not allowed for populated hierarchies */
1788 if (!list_empty(&root->cgrp.self.children)) {
1793 ret = rebind_subsystems(root, added_mask);
1797 WARN_ON(rebind_subsystems(&cgrp_dfl_root, removed_mask));
1799 if (opts.release_agent) {
1800 spin_lock(&release_agent_path_lock);
1801 strcpy(root->release_agent_path, opts.release_agent);
1802 spin_unlock(&release_agent_path_lock);
1805 kfree(opts.release_agent);
1807 mutex_unlock(&cgroup_mutex);
1812 * To reduce the fork() overhead for systems that are not actually using
1813 * their cgroups capability, we don't maintain the lists running through
1814 * each css_set to its tasks until we see the list actually used - in other
1815 * words after the first mount.
1817 static bool use_task_css_set_links __read_mostly;
1819 static void cgroup_enable_task_cg_lists(void)
1821 struct task_struct *p, *g;
1823 spin_lock_bh(&css_set_lock);
1825 if (use_task_css_set_links)
1828 use_task_css_set_links = true;
1831 * We need tasklist_lock because RCU is not safe against
1832 * while_each_thread(). Besides, a forking task that has passed
1833 * cgroup_post_fork() without seeing use_task_css_set_links = 1
1834 * is not guaranteed to have its child immediately visible in the
1835 * tasklist if we walk through it with RCU.
1837 read_lock(&tasklist_lock);
1838 do_each_thread(g, p) {
1839 WARN_ON_ONCE(!list_empty(&p->cg_list) ||
1840 task_css_set(p) != &init_css_set);
1843 * We should check if the process is exiting, otherwise
1844 * it will race with cgroup_exit() in that the list
1845 * entry won't be deleted though the process has exited.
1846 * Do it while holding siglock so that we don't end up
1847 * racing against cgroup_exit().
1849 spin_lock_irq(&p->sighand->siglock);
1850 if (!(p->flags & PF_EXITING)) {
1851 struct css_set *cset = task_css_set(p);
1853 if (!css_set_populated(cset))
1854 css_set_update_populated(cset, true);
1855 list_add_tail(&p->cg_list, &cset->tasks);
1858 spin_unlock_irq(&p->sighand->siglock);
1859 } while_each_thread(g, p);
1860 read_unlock(&tasklist_lock);
1862 spin_unlock_bh(&css_set_lock);
1865 static void init_cgroup_housekeeping(struct cgroup *cgrp)
1867 struct cgroup_subsys *ss;
1870 INIT_LIST_HEAD(&cgrp->self.sibling);
1871 INIT_LIST_HEAD(&cgrp->self.children);
1872 INIT_LIST_HEAD(&cgrp->cset_links);
1873 INIT_LIST_HEAD(&cgrp->pidlists);
1874 mutex_init(&cgrp->pidlist_mutex);
1875 cgrp->self.cgroup = cgrp;
1876 cgrp->self.flags |= CSS_ONLINE;
1878 for_each_subsys(ss, ssid)
1879 INIT_LIST_HEAD(&cgrp->e_csets[ssid]);
1881 init_waitqueue_head(&cgrp->offline_waitq);
1882 INIT_WORK(&cgrp->release_agent_work, cgroup_release_agent);
1885 static void init_cgroup_root(struct cgroup_root *root,
1886 struct cgroup_sb_opts *opts)
1888 struct cgroup *cgrp = &root->cgrp;
1890 INIT_LIST_HEAD(&root->root_list);
1891 atomic_set(&root->nr_cgrps, 1);
1893 init_cgroup_housekeeping(cgrp);
1894 idr_init(&root->cgroup_idr);
1896 root->flags = opts->flags;
1897 if (opts->release_agent)
1898 strcpy(root->release_agent_path, opts->release_agent);
1900 strcpy(root->name, opts->name);
1901 if (opts->cpuset_clone_children)
1902 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &root->cgrp.flags);
1905 static int cgroup_setup_root(struct cgroup_root *root, u16 ss_mask)
1907 LIST_HEAD(tmp_links);
1908 struct cgroup *root_cgrp = &root->cgrp;
1909 struct css_set *cset;
1912 lockdep_assert_held(&cgroup_mutex);
1914 ret = cgroup_idr_alloc(&root->cgroup_idr, root_cgrp, 1, 2, GFP_KERNEL);
1917 root_cgrp->id = ret;
1918 root_cgrp->ancestor_ids[0] = ret;
1920 ret = percpu_ref_init(&root_cgrp->self.refcnt, css_release, 0,
1926 * We're accessing css_set_count without locking css_set_lock here,
1927 * but that's OK - it can only be increased by someone holding
1928 * cgroup_lock, and that's us. Later rebinding may disable
1929 * controllers on the default hierarchy and thus create new csets,
1930 * which can't be more than the existing ones. Allocate 2x.
1932 ret = allocate_cgrp_cset_links(2 * css_set_count, &tmp_links);
1936 ret = cgroup_init_root_id(root);
1940 root->kf_root = kernfs_create_root(&cgroup_kf_syscall_ops,
1941 KERNFS_ROOT_CREATE_DEACTIVATED,
1943 if (IS_ERR(root->kf_root)) {
1944 ret = PTR_ERR(root->kf_root);
1947 root_cgrp->kn = root->kf_root->kn;
1949 ret = css_populate_dir(&root_cgrp->self);
1953 ret = rebind_subsystems(root, ss_mask);
1958 * There must be no failure case after here, since rebinding takes
1959 * care of subsystems' refcounts, which are explicitly dropped in
1960 * the failure exit path.
1962 list_add(&root->root_list, &cgroup_roots);
1963 cgroup_root_count++;
1966 * Link the root cgroup in this hierarchy into all the css_set
1969 spin_lock_bh(&css_set_lock);
1970 hash_for_each(css_set_table, i, cset, hlist) {
1971 link_css_set(&tmp_links, cset, root_cgrp);
1972 if (css_set_populated(cset))
1973 cgroup_update_populated(root_cgrp, true);
1975 spin_unlock_bh(&css_set_lock);
1977 BUG_ON(!list_empty(&root_cgrp->self.children));
1978 BUG_ON(atomic_read(&root->nr_cgrps) != 1);
1980 kernfs_activate(root_cgrp->kn);
1985 kernfs_destroy_root(root->kf_root);
1986 root->kf_root = NULL;
1988 cgroup_exit_root_id(root);
1990 percpu_ref_exit(&root_cgrp->self.refcnt);
1992 free_cgrp_cset_links(&tmp_links);
1996 static struct dentry *cgroup_mount(struct file_system_type *fs_type,
1997 int flags, const char *unused_dev_name,
2000 bool is_v2 = fs_type == &cgroup2_fs_type;
2001 struct super_block *pinned_sb = NULL;
2002 struct cgroup_subsys *ss;
2003 struct cgroup_root *root;
2004 struct cgroup_sb_opts opts;
2005 struct dentry *dentry;
2011 * The first time anyone tries to mount a cgroup, enable the list
2012 * linking each css_set to its tasks and fix up all existing tasks.
2014 if (!use_task_css_set_links)
2015 cgroup_enable_task_cg_lists();
2019 pr_err("cgroup2: unknown option \"%s\"\n", (char *)data);
2020 return ERR_PTR(-EINVAL);
2022 cgrp_dfl_visible = true;
2023 root = &cgrp_dfl_root;
2024 cgroup_get(&root->cgrp);
2028 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
2030 /* First find the desired set of subsystems */
2031 ret = parse_cgroupfs_options(data, &opts);
2036 * Destruction of cgroup root is asynchronous, so subsystems may
2037 * still be dying after the previous unmount. Let's drain the
2038 * dying subsystems. We just need to ensure that the ones
2039 * unmounted previously finish dying and don't care about new ones
2040 * starting. Testing ref liveliness is good enough.
2042 for_each_subsys(ss, i) {
2043 if (!(opts.subsys_mask & (1 << i)) ||
2044 ss->root == &cgrp_dfl_root)
2047 if (!percpu_ref_tryget_live(&ss->root->cgrp.self.refcnt)) {
2048 mutex_unlock(&cgroup_mutex);
2050 ret = restart_syscall();
2053 cgroup_put(&ss->root->cgrp);
2056 for_each_root(root) {
2057 bool name_match = false;
2059 if (root == &cgrp_dfl_root)
2063 * If we asked for a name then it must match. Also, if
2064 * name matches but sybsys_mask doesn't, we should fail.
2065 * Remember whether name matched.
2068 if (strcmp(opts.name, root->name))
2074 * If we asked for subsystems (or explicitly for no
2075 * subsystems) then they must match.
2077 if ((opts.subsys_mask || opts.none) &&
2078 (opts.subsys_mask != root->subsys_mask)) {
2085 if (root->flags ^ opts.flags)
2086 pr_warn("new mount options do not match the existing superblock, will be ignored\n");
2089 * We want to reuse @root whose lifetime is governed by its
2090 * ->cgrp. Let's check whether @root is alive and keep it
2091 * that way. As cgroup_kill_sb() can happen anytime, we
2092 * want to block it by pinning the sb so that @root doesn't
2093 * get killed before mount is complete.
2095 * With the sb pinned, tryget_live can reliably indicate
2096 * whether @root can be reused. If it's being killed,
2097 * drain it. We can use wait_queue for the wait but this
2098 * path is super cold. Let's just sleep a bit and retry.
2100 pinned_sb = kernfs_pin_sb(root->kf_root, NULL);
2101 if (IS_ERR(pinned_sb) ||
2102 !percpu_ref_tryget_live(&root->cgrp.self.refcnt)) {
2103 mutex_unlock(&cgroup_mutex);
2104 if (!IS_ERR_OR_NULL(pinned_sb))
2105 deactivate_super(pinned_sb);
2107 ret = restart_syscall();
2116 * No such thing, create a new one. name= matching without subsys
2117 * specification is allowed for already existing hierarchies but we
2118 * can't create new one without subsys specification.
2120 if (!opts.subsys_mask && !opts.none) {
2125 root = kzalloc(sizeof(*root), GFP_KERNEL);
2131 init_cgroup_root(root, &opts);
2133 ret = cgroup_setup_root(root, opts.subsys_mask);
2135 cgroup_free_root(root);
2138 mutex_unlock(&cgroup_mutex);
2140 kfree(opts.release_agent);
2144 return ERR_PTR(ret);
2146 dentry = kernfs_mount(fs_type, flags, root->kf_root,
2147 is_v2 ? CGROUP2_SUPER_MAGIC : CGROUP_SUPER_MAGIC,
2149 if (IS_ERR(dentry) || !new_sb)
2150 cgroup_put(&root->cgrp);
2153 * If @pinned_sb, we're reusing an existing root and holding an
2154 * extra ref on its sb. Mount is complete. Put the extra ref.
2158 deactivate_super(pinned_sb);
2164 static void cgroup_kill_sb(struct super_block *sb)
2166 struct kernfs_root *kf_root = kernfs_root_from_sb(sb);
2167 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
2170 * If @root doesn't have any mounts or children, start killing it.
2171 * This prevents new mounts by disabling percpu_ref_tryget_live().
2172 * cgroup_mount() may wait for @root's release.
2174 * And don't kill the default root.
2176 if (!list_empty(&root->cgrp.self.children) ||
2177 root == &cgrp_dfl_root)
2178 cgroup_put(&root->cgrp);
2180 percpu_ref_kill(&root->cgrp.self.refcnt);
2185 static struct file_system_type cgroup_fs_type = {
2187 .mount = cgroup_mount,
2188 .kill_sb = cgroup_kill_sb,
2191 static struct file_system_type cgroup2_fs_type = {
2193 .mount = cgroup_mount,
2194 .kill_sb = cgroup_kill_sb,
2198 * task_cgroup_path - cgroup path of a task in the first cgroup hierarchy
2199 * @task: target task
2200 * @buf: the buffer to write the path into
2201 * @buflen: the length of the buffer
2203 * Determine @task's cgroup on the first (the one with the lowest non-zero
2204 * hierarchy_id) cgroup hierarchy and copy its path into @buf. This
2205 * function grabs cgroup_mutex and shouldn't be used inside locks used by
2206 * cgroup controller callbacks.
2208 * Return value is the same as kernfs_path().
2210 char *task_cgroup_path(struct task_struct *task, char *buf, size_t buflen)
2212 struct cgroup_root *root;
2213 struct cgroup *cgrp;
2214 int hierarchy_id = 1;
2217 mutex_lock(&cgroup_mutex);
2218 spin_lock_bh(&css_set_lock);
2220 root = idr_get_next(&cgroup_hierarchy_idr, &hierarchy_id);
2223 cgrp = task_cgroup_from_root(task, root);
2224 path = cgroup_path(cgrp, buf, buflen);
2226 /* if no hierarchy exists, everyone is in "/" */
2227 if (strlcpy(buf, "/", buflen) < buflen)
2231 spin_unlock_bh(&css_set_lock);
2232 mutex_unlock(&cgroup_mutex);
2235 EXPORT_SYMBOL_GPL(task_cgroup_path);
2237 /* used to track tasks and other necessary states during migration */
2238 struct cgroup_taskset {
2239 /* the src and dst cset list running through cset->mg_node */
2240 struct list_head src_csets;
2241 struct list_head dst_csets;
2243 /* the subsys currently being processed */
2247 * Fields for cgroup_taskset_*() iteration.
2249 * Before migration is committed, the target migration tasks are on
2250 * ->mg_tasks of the csets on ->src_csets. After, on ->mg_tasks of
2251 * the csets on ->dst_csets. ->csets point to either ->src_csets
2252 * or ->dst_csets depending on whether migration is committed.
2254 * ->cur_csets and ->cur_task point to the current task position
2257 struct list_head *csets;
2258 struct css_set *cur_cset;
2259 struct task_struct *cur_task;
2262 #define CGROUP_TASKSET_INIT(tset) (struct cgroup_taskset){ \
2263 .src_csets = LIST_HEAD_INIT(tset.src_csets), \
2264 .dst_csets = LIST_HEAD_INIT(tset.dst_csets), \
2265 .csets = &tset.src_csets, \
2269 * cgroup_taskset_add - try to add a migration target task to a taskset
2270 * @task: target task
2271 * @tset: target taskset
2273 * Add @task, which is a migration target, to @tset. This function becomes
2274 * noop if @task doesn't need to be migrated. @task's css_set should have
2275 * been added as a migration source and @task->cg_list will be moved from
2276 * the css_set's tasks list to mg_tasks one.
2278 static void cgroup_taskset_add(struct task_struct *task,
2279 struct cgroup_taskset *tset)
2281 struct css_set *cset;
2283 lockdep_assert_held(&css_set_lock);
2285 /* @task either already exited or can't exit until the end */
2286 if (task->flags & PF_EXITING)
2289 /* leave @task alone if post_fork() hasn't linked it yet */
2290 if (list_empty(&task->cg_list))
2293 cset = task_css_set(task);
2294 if (!cset->mg_src_cgrp)
2297 list_move_tail(&task->cg_list, &cset->mg_tasks);
2298 if (list_empty(&cset->mg_node))
2299 list_add_tail(&cset->mg_node, &tset->src_csets);
2300 if (list_empty(&cset->mg_dst_cset->mg_node))
2301 list_move_tail(&cset->mg_dst_cset->mg_node,
2306 * cgroup_taskset_first - reset taskset and return the first task
2307 * @tset: taskset of interest
2308 * @dst_cssp: output variable for the destination css
2310 * @tset iteration is initialized and the first task is returned.
2312 struct task_struct *cgroup_taskset_first(struct cgroup_taskset *tset,
2313 struct cgroup_subsys_state **dst_cssp)
2315 tset->cur_cset = list_first_entry(tset->csets, struct css_set, mg_node);
2316 tset->cur_task = NULL;
2318 return cgroup_taskset_next(tset, dst_cssp);
2322 * cgroup_taskset_next - iterate to the next task in taskset
2323 * @tset: taskset of interest
2324 * @dst_cssp: output variable for the destination css
2326 * Return the next task in @tset. Iteration must have been initialized
2327 * with cgroup_taskset_first().
2329 struct task_struct *cgroup_taskset_next(struct cgroup_taskset *tset,
2330 struct cgroup_subsys_state **dst_cssp)
2332 struct css_set *cset = tset->cur_cset;
2333 struct task_struct *task = tset->cur_task;
2335 while (&cset->mg_node != tset->csets) {
2337 task = list_first_entry(&cset->mg_tasks,
2338 struct task_struct, cg_list);
2340 task = list_next_entry(task, cg_list);
2342 if (&task->cg_list != &cset->mg_tasks) {
2343 tset->cur_cset = cset;
2344 tset->cur_task = task;
2347 * This function may be called both before and
2348 * after cgroup_taskset_migrate(). The two cases
2349 * can be distinguished by looking at whether @cset
2350 * has its ->mg_dst_cset set.
2352 if (cset->mg_dst_cset)
2353 *dst_cssp = cset->mg_dst_cset->subsys[tset->ssid];
2355 *dst_cssp = cset->subsys[tset->ssid];
2360 cset = list_next_entry(cset, mg_node);
2368 * cgroup_taskset_migrate - migrate a taskset
2369 * @tset: taget taskset
2370 * @root: cgroup root the migration is taking place on
2372 * Migrate tasks in @tset as setup by migration preparation functions.
2373 * This function fails iff one of the ->can_attach callbacks fails and
2374 * guarantees that either all or none of the tasks in @tset are migrated.
2375 * @tset is consumed regardless of success.
2377 static int cgroup_taskset_migrate(struct cgroup_taskset *tset,
2378 struct cgroup_root *root)
2380 struct cgroup_subsys *ss;
2381 struct task_struct *task, *tmp_task;
2382 struct css_set *cset, *tmp_cset;
2383 int ssid, failed_ssid, ret;
2385 /* methods shouldn't be called if no task is actually migrating */
2386 if (list_empty(&tset->src_csets))
2389 /* check that we can legitimately attach to the cgroup */
2390 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2391 if (ss->can_attach) {
2393 ret = ss->can_attach(tset);
2396 goto out_cancel_attach;
2399 } while_each_subsys_mask();
2402 * Now that we're guaranteed success, proceed to move all tasks to
2403 * the new cgroup. There are no failure cases after here, so this
2404 * is the commit point.
2406 spin_lock_bh(&css_set_lock);
2407 list_for_each_entry(cset, &tset->src_csets, mg_node) {
2408 list_for_each_entry_safe(task, tmp_task, &cset->mg_tasks, cg_list) {
2409 struct css_set *from_cset = task_css_set(task);
2410 struct css_set *to_cset = cset->mg_dst_cset;
2412 get_css_set(to_cset);
2413 css_set_move_task(task, from_cset, to_cset, true);
2414 put_css_set_locked(from_cset);
2417 spin_unlock_bh(&css_set_lock);
2420 * Migration is committed, all target tasks are now on dst_csets.
2421 * Nothing is sensitive to fork() after this point. Notify
2422 * controllers that migration is complete.
2424 tset->csets = &tset->dst_csets;
2426 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2431 } while_each_subsys_mask();
2434 goto out_release_tset;
2437 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2438 if (ssid == failed_ssid)
2440 if (ss->cancel_attach) {
2442 ss->cancel_attach(tset);
2444 } while_each_subsys_mask();
2446 spin_lock_bh(&css_set_lock);
2447 list_splice_init(&tset->dst_csets, &tset->src_csets);
2448 list_for_each_entry_safe(cset, tmp_cset, &tset->src_csets, mg_node) {
2449 list_splice_tail_init(&cset->mg_tasks, &cset->tasks);
2450 list_del_init(&cset->mg_node);
2452 spin_unlock_bh(&css_set_lock);
2457 * cgroup_may_migrate_to - verify whether a cgroup can be migration destination
2458 * @dst_cgrp: destination cgroup to test
2460 * On the default hierarchy, except for the root, subtree_control must be
2461 * zero for migration destination cgroups with tasks so that child cgroups
2462 * don't compete against tasks.
2464 static bool cgroup_may_migrate_to(struct cgroup *dst_cgrp)
2466 return !cgroup_on_dfl(dst_cgrp) || !cgroup_parent(dst_cgrp) ||
2467 !dst_cgrp->subtree_control;
2471 * cgroup_migrate_finish - cleanup after attach
2472 * @preloaded_csets: list of preloaded css_sets
2474 * Undo cgroup_migrate_add_src() and cgroup_migrate_prepare_dst(). See
2475 * those functions for details.
2477 static void cgroup_migrate_finish(struct list_head *preloaded_csets)
2479 struct css_set *cset, *tmp_cset;
2481 lockdep_assert_held(&cgroup_mutex);
2483 spin_lock_bh(&css_set_lock);
2484 list_for_each_entry_safe(cset, tmp_cset, preloaded_csets, mg_preload_node) {
2485 cset->mg_src_cgrp = NULL;
2486 cset->mg_dst_cgrp = NULL;
2487 cset->mg_dst_cset = NULL;
2488 list_del_init(&cset->mg_preload_node);
2489 put_css_set_locked(cset);
2491 spin_unlock_bh(&css_set_lock);
2495 * cgroup_migrate_add_src - add a migration source css_set
2496 * @src_cset: the source css_set to add
2497 * @dst_cgrp: the destination cgroup
2498 * @preloaded_csets: list of preloaded css_sets
2500 * Tasks belonging to @src_cset are about to be migrated to @dst_cgrp. Pin
2501 * @src_cset and add it to @preloaded_csets, which should later be cleaned
2502 * up by cgroup_migrate_finish().
2504 * This function may be called without holding cgroup_threadgroup_rwsem
2505 * even if the target is a process. Threads may be created and destroyed
2506 * but as long as cgroup_mutex is not dropped, no new css_set can be put
2507 * into play and the preloaded css_sets are guaranteed to cover all
2510 static void cgroup_migrate_add_src(struct css_set *src_cset,
2511 struct cgroup *dst_cgrp,
2512 struct list_head *preloaded_csets)
2514 struct cgroup *src_cgrp;
2516 lockdep_assert_held(&cgroup_mutex);
2517 lockdep_assert_held(&css_set_lock);
2520 * If ->dead, @src_set is associated with one or more dead cgroups
2521 * and doesn't contain any migratable tasks. Ignore it early so
2522 * that the rest of migration path doesn't get confused by it.
2527 src_cgrp = cset_cgroup_from_root(src_cset, dst_cgrp->root);
2529 if (!list_empty(&src_cset->mg_preload_node))
2532 WARN_ON(src_cset->mg_src_cgrp);
2533 WARN_ON(src_cset->mg_dst_cgrp);
2534 WARN_ON(!list_empty(&src_cset->mg_tasks));
2535 WARN_ON(!list_empty(&src_cset->mg_node));
2537 src_cset->mg_src_cgrp = src_cgrp;
2538 src_cset->mg_dst_cgrp = dst_cgrp;
2539 get_css_set(src_cset);
2540 list_add(&src_cset->mg_preload_node, preloaded_csets);
2544 * cgroup_migrate_prepare_dst - prepare destination css_sets for migration
2545 * @preloaded_csets: list of preloaded source css_sets
2547 * Tasks are about to be moved and all the source css_sets have been
2548 * preloaded to @preloaded_csets. This function looks up and pins all
2549 * destination css_sets, links each to its source, and append them to
2552 * This function must be called after cgroup_migrate_add_src() has been
2553 * called on each migration source css_set. After migration is performed
2554 * using cgroup_migrate(), cgroup_migrate_finish() must be called on
2557 static int cgroup_migrate_prepare_dst(struct list_head *preloaded_csets)
2560 struct css_set *src_cset, *tmp_cset;
2562 lockdep_assert_held(&cgroup_mutex);
2564 /* look up the dst cset for each src cset and link it to src */
2565 list_for_each_entry_safe(src_cset, tmp_cset, preloaded_csets, mg_preload_node) {
2566 struct css_set *dst_cset;
2568 dst_cset = find_css_set(src_cset, src_cset->mg_dst_cgrp);
2572 WARN_ON_ONCE(src_cset->mg_dst_cset || dst_cset->mg_dst_cset);
2575 * If src cset equals dst, it's noop. Drop the src.
2576 * cgroup_migrate() will skip the cset too. Note that we
2577 * can't handle src == dst as some nodes are used by both.
2579 if (src_cset == dst_cset) {
2580 src_cset->mg_src_cgrp = NULL;
2581 src_cset->mg_dst_cgrp = NULL;
2582 list_del_init(&src_cset->mg_preload_node);
2583 put_css_set(src_cset);
2584 put_css_set(dst_cset);
2588 src_cset->mg_dst_cset = dst_cset;
2590 if (list_empty(&dst_cset->mg_preload_node))
2591 list_add(&dst_cset->mg_preload_node, &csets);
2593 put_css_set(dst_cset);
2596 list_splice_tail(&csets, preloaded_csets);
2599 cgroup_migrate_finish(&csets);
2604 * cgroup_migrate - migrate a process or task to a cgroup
2605 * @leader: the leader of the process or the task to migrate
2606 * @threadgroup: whether @leader points to the whole process or a single task
2607 * @root: cgroup root migration is taking place on
2609 * Migrate a process or task denoted by @leader. If migrating a process,
2610 * the caller must be holding cgroup_threadgroup_rwsem. The caller is also
2611 * responsible for invoking cgroup_migrate_add_src() and
2612 * cgroup_migrate_prepare_dst() on the targets before invoking this
2613 * function and following up with cgroup_migrate_finish().
2615 * As long as a controller's ->can_attach() doesn't fail, this function is
2616 * guaranteed to succeed. This means that, excluding ->can_attach()
2617 * failure, when migrating multiple targets, the success or failure can be
2618 * decided for all targets by invoking group_migrate_prepare_dst() before
2619 * actually starting migrating.
2621 static int cgroup_migrate(struct task_struct *leader, bool threadgroup,
2622 struct cgroup_root *root)
2624 struct cgroup_taskset tset = CGROUP_TASKSET_INIT(tset);
2625 struct task_struct *task;
2628 * Prevent freeing of tasks while we take a snapshot. Tasks that are
2629 * already PF_EXITING could be freed from underneath us unless we
2630 * take an rcu_read_lock.
2632 spin_lock_bh(&css_set_lock);
2636 cgroup_taskset_add(task, &tset);
2639 } while_each_thread(leader, task);
2641 spin_unlock_bh(&css_set_lock);
2643 return cgroup_taskset_migrate(&tset, root);
2647 * cgroup_attach_task - attach a task or a whole threadgroup to a cgroup
2648 * @dst_cgrp: the cgroup to attach to
2649 * @leader: the task or the leader of the threadgroup to be attached
2650 * @threadgroup: attach the whole threadgroup?
2652 * Call holding cgroup_mutex and cgroup_threadgroup_rwsem.
2654 static int cgroup_attach_task(struct cgroup *dst_cgrp,
2655 struct task_struct *leader, bool threadgroup)
2657 LIST_HEAD(preloaded_csets);
2658 struct task_struct *task;
2661 if (!cgroup_may_migrate_to(dst_cgrp))
2664 /* look up all src csets */
2665 spin_lock_bh(&css_set_lock);
2669 cgroup_migrate_add_src(task_css_set(task), dst_cgrp,
2673 } while_each_thread(leader, task);
2675 spin_unlock_bh(&css_set_lock);
2677 /* prepare dst csets and commit */
2678 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
2680 ret = cgroup_migrate(leader, threadgroup, dst_cgrp->root);
2682 cgroup_migrate_finish(&preloaded_csets);
2686 static int cgroup_procs_write_permission(struct task_struct *task,
2687 struct cgroup *dst_cgrp,
2688 struct kernfs_open_file *of)
2690 const struct cred *cred = current_cred();
2691 const struct cred *tcred = get_task_cred(task);
2695 * even if we're attaching all tasks in the thread group, we only
2696 * need to check permissions on one of them.
2698 if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
2699 !uid_eq(cred->euid, tcred->uid) &&
2700 !uid_eq(cred->euid, tcred->suid))
2703 if (!ret && cgroup_on_dfl(dst_cgrp)) {
2704 struct super_block *sb = of->file->f_path.dentry->d_sb;
2705 struct cgroup *cgrp;
2706 struct inode *inode;
2708 spin_lock_bh(&css_set_lock);
2709 cgrp = task_cgroup_from_root(task, &cgrp_dfl_root);
2710 spin_unlock_bh(&css_set_lock);
2712 while (!cgroup_is_descendant(dst_cgrp, cgrp))
2713 cgrp = cgroup_parent(cgrp);
2716 inode = kernfs_get_inode(sb, cgrp->procs_file.kn);
2718 ret = inode_permission(inode, MAY_WRITE);
2728 * Find the task_struct of the task to attach by vpid and pass it along to the
2729 * function to attach either it or all tasks in its threadgroup. Will lock
2730 * cgroup_mutex and threadgroup.
2732 static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
2733 size_t nbytes, loff_t off, bool threadgroup)
2735 struct task_struct *tsk;
2736 struct cgroup *cgrp;
2740 if (kstrtoint(strstrip(buf), 0, &pid) || pid < 0)
2743 cgrp = cgroup_kn_lock_live(of->kn, false);
2747 percpu_down_write(&cgroup_threadgroup_rwsem);
2750 tsk = find_task_by_vpid(pid);
2753 goto out_unlock_rcu;
2760 tsk = tsk->group_leader;
2763 * Workqueue threads may acquire PF_NO_SETAFFINITY and become
2764 * trapped in a cpuset, or RT worker may be born in a cgroup
2765 * with no rt_runtime allocated. Just say no.
2767 if (tsk == kthreadd_task || (tsk->flags & PF_NO_SETAFFINITY)) {
2769 goto out_unlock_rcu;
2772 get_task_struct(tsk);
2775 ret = cgroup_procs_write_permission(tsk, cgrp, of);
2777 ret = cgroup_attach_task(cgrp, tsk, threadgroup);
2779 put_task_struct(tsk);
2780 goto out_unlock_threadgroup;
2784 out_unlock_threadgroup:
2785 percpu_up_write(&cgroup_threadgroup_rwsem);
2786 cgroup_kn_unlock(of->kn);
2787 cpuset_post_attach_flush();
2788 return ret ?: nbytes;
2792 * cgroup_attach_task_all - attach task 'tsk' to all cgroups of task 'from'
2793 * @from: attach to all cgroups of a given task
2794 * @tsk: the task to be attached
2796 int cgroup_attach_task_all(struct task_struct *from, struct task_struct *tsk)
2798 struct cgroup_root *root;
2801 mutex_lock(&cgroup_mutex);
2802 for_each_root(root) {
2803 struct cgroup *from_cgrp;
2805 if (root == &cgrp_dfl_root)
2808 spin_lock_bh(&css_set_lock);
2809 from_cgrp = task_cgroup_from_root(from, root);
2810 spin_unlock_bh(&css_set_lock);
2812 retval = cgroup_attach_task(from_cgrp, tsk, false);
2816 mutex_unlock(&cgroup_mutex);
2820 EXPORT_SYMBOL_GPL(cgroup_attach_task_all);
2822 static ssize_t cgroup_tasks_write(struct kernfs_open_file *of,
2823 char *buf, size_t nbytes, loff_t off)
2825 return __cgroup_procs_write(of, buf, nbytes, off, false);
2828 static ssize_t cgroup_procs_write(struct kernfs_open_file *of,
2829 char *buf, size_t nbytes, loff_t off)
2831 return __cgroup_procs_write(of, buf, nbytes, off, true);
2834 static ssize_t cgroup_release_agent_write(struct kernfs_open_file *of,
2835 char *buf, size_t nbytes, loff_t off)
2837 struct cgroup *cgrp;
2839 BUILD_BUG_ON(sizeof(cgrp->root->release_agent_path) < PATH_MAX);
2841 cgrp = cgroup_kn_lock_live(of->kn, false);
2844 spin_lock(&release_agent_path_lock);
2845 strlcpy(cgrp->root->release_agent_path, strstrip(buf),
2846 sizeof(cgrp->root->release_agent_path));
2847 spin_unlock(&release_agent_path_lock);
2848 cgroup_kn_unlock(of->kn);
2852 static int cgroup_release_agent_show(struct seq_file *seq, void *v)
2854 struct cgroup *cgrp = seq_css(seq)->cgroup;
2856 spin_lock(&release_agent_path_lock);
2857 seq_puts(seq, cgrp->root->release_agent_path);
2858 spin_unlock(&release_agent_path_lock);
2859 seq_putc(seq, '\n');
2863 static int cgroup_sane_behavior_show(struct seq_file *seq, void *v)
2865 seq_puts(seq, "0\n");
2869 static void cgroup_print_ss_mask(struct seq_file *seq, u16 ss_mask)
2871 struct cgroup_subsys *ss;
2872 bool printed = false;
2875 do_each_subsys_mask(ss, ssid, ss_mask) {
2878 seq_printf(seq, "%s", ss->name);
2880 } while_each_subsys_mask();
2882 seq_putc(seq, '\n');
2885 /* show controllers which are enabled from the parent */
2886 static int cgroup_controllers_show(struct seq_file *seq, void *v)
2888 struct cgroup *cgrp = seq_css(seq)->cgroup;
2890 cgroup_print_ss_mask(seq, cgroup_control(cgrp));
2894 /* show controllers which are enabled for a given cgroup's children */
2895 static int cgroup_subtree_control_show(struct seq_file *seq, void *v)
2897 struct cgroup *cgrp = seq_css(seq)->cgroup;
2899 cgroup_print_ss_mask(seq, cgrp->subtree_control);
2904 * cgroup_update_dfl_csses - update css assoc of a subtree in default hierarchy
2905 * @cgrp: root of the subtree to update csses for
2907 * @cgrp's control masks have changed and its subtree's css associations
2908 * need to be updated accordingly. This function looks up all css_sets
2909 * which are attached to the subtree, creates the matching updated css_sets
2910 * and migrates the tasks to the new ones.
2912 static int cgroup_update_dfl_csses(struct cgroup *cgrp)
2914 LIST_HEAD(preloaded_csets);
2915 struct cgroup_taskset tset = CGROUP_TASKSET_INIT(tset);
2916 struct cgroup_subsys_state *d_css;
2917 struct cgroup *dsct;
2918 struct css_set *src_cset;
2921 lockdep_assert_held(&cgroup_mutex);
2923 percpu_down_write(&cgroup_threadgroup_rwsem);
2925 /* look up all csses currently attached to @cgrp's subtree */
2926 spin_lock_bh(&css_set_lock);
2927 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
2928 struct cgrp_cset_link *link;
2930 list_for_each_entry(link, &dsct->cset_links, cset_link)
2931 cgroup_migrate_add_src(link->cset, dsct,
2934 spin_unlock_bh(&css_set_lock);
2936 /* NULL dst indicates self on default hierarchy */
2937 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
2941 spin_lock_bh(&css_set_lock);
2942 list_for_each_entry(src_cset, &preloaded_csets, mg_preload_node) {
2943 struct task_struct *task, *ntask;
2945 /* src_csets precede dst_csets, break on the first dst_cset */
2946 if (!src_cset->mg_src_cgrp)
2949 /* all tasks in src_csets need to be migrated */
2950 list_for_each_entry_safe(task, ntask, &src_cset->tasks, cg_list)
2951 cgroup_taskset_add(task, &tset);
2953 spin_unlock_bh(&css_set_lock);
2955 ret = cgroup_taskset_migrate(&tset, cgrp->root);
2957 cgroup_migrate_finish(&preloaded_csets);
2958 percpu_up_write(&cgroup_threadgroup_rwsem);
2963 * cgroup_lock_and_drain_offline - lock cgroup_mutex and drain offlined csses
2964 * @cgrp: root of the target subtree
2966 * Because css offlining is asynchronous, userland may try to re-enable a
2967 * controller while the previous css is still around. This function grabs
2968 * cgroup_mutex and drains the previous css instances of @cgrp's subtree.
2970 static void cgroup_lock_and_drain_offline(struct cgroup *cgrp)
2971 __acquires(&cgroup_mutex)
2973 struct cgroup *dsct;
2974 struct cgroup_subsys_state *d_css;
2975 struct cgroup_subsys *ss;
2979 mutex_lock(&cgroup_mutex);
2981 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
2982 for_each_subsys(ss, ssid) {
2983 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
2986 if (!css || !percpu_ref_is_dying(&css->refcnt))
2990 prepare_to_wait(&dsct->offline_waitq, &wait,
2991 TASK_UNINTERRUPTIBLE);
2993 mutex_unlock(&cgroup_mutex);
2995 finish_wait(&dsct->offline_waitq, &wait);
3004 * cgroup_save_control - save control masks of a subtree
3005 * @cgrp: root of the target subtree
3007 * Save ->subtree_control and ->subtree_ss_mask to the respective old_
3008 * prefixed fields for @cgrp's subtree including @cgrp itself.
3010 static void cgroup_save_control(struct cgroup *cgrp)
3012 struct cgroup *dsct;
3013 struct cgroup_subsys_state *d_css;
3015 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
3016 dsct->old_subtree_control = dsct->subtree_control;
3017 dsct->old_subtree_ss_mask = dsct->subtree_ss_mask;
3022 * cgroup_propagate_control - refresh control masks of a subtree
3023 * @cgrp: root of the target subtree
3025 * For @cgrp and its subtree, ensure ->subtree_ss_mask matches
3026 * ->subtree_control and propagate controller availability through the
3027 * subtree so that descendants don't have unavailable controllers enabled.
3029 static void cgroup_propagate_control(struct cgroup *cgrp)
3031 struct cgroup *dsct;
3032 struct cgroup_subsys_state *d_css;
3034 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
3035 dsct->subtree_control &= cgroup_control(dsct);
3036 dsct->subtree_ss_mask =
3037 cgroup_calc_subtree_ss_mask(dsct->subtree_control,
3038 cgroup_ss_mask(dsct));
3043 * cgroup_restore_control - restore control masks of a subtree
3044 * @cgrp: root of the target subtree
3046 * Restore ->subtree_control and ->subtree_ss_mask from the respective old_
3047 * prefixed fields for @cgrp's subtree including @cgrp itself.
3049 static void cgroup_restore_control(struct cgroup *cgrp)
3051 struct cgroup *dsct;
3052 struct cgroup_subsys_state *d_css;
3054 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
3055 dsct->subtree_control = dsct->old_subtree_control;
3056 dsct->subtree_ss_mask = dsct->old_subtree_ss_mask;
3060 static bool css_visible(struct cgroup_subsys_state *css)
3062 struct cgroup_subsys *ss = css->ss;
3063 struct cgroup *cgrp = css->cgroup;
3065 if (cgroup_control(cgrp) & (1 << ss->id))
3067 if (!(cgroup_ss_mask(cgrp) & (1 << ss->id)))
3069 return cgroup_on_dfl(cgrp) && ss->implicit_on_dfl;
3073 * cgroup_apply_control_enable - enable or show csses according to control
3074 * @cgrp: root of the target subtree
3076 * Walk @cgrp's subtree and create new csses or make the existing ones
3077 * visible. A css is created invisible if it's being implicitly enabled
3078 * through dependency. An invisible css is made visible when the userland
3079 * explicitly enables it.
3081 * Returns 0 on success, -errno on failure. On failure, csses which have
3082 * been processed already aren't cleaned up. The caller is responsible for
3083 * cleaning up with cgroup_apply_control_disble().
3085 static int cgroup_apply_control_enable(struct cgroup *cgrp)
3087 struct cgroup *dsct;
3088 struct cgroup_subsys_state *d_css;
3089 struct cgroup_subsys *ss;
3092 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
3093 for_each_subsys(ss, ssid) {
3094 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
3096 WARN_ON_ONCE(css && percpu_ref_is_dying(&css->refcnt));
3098 if (!(cgroup_ss_mask(dsct) & (1 << ss->id)))
3102 css = css_create(dsct, ss);
3104 return PTR_ERR(css);
3107 if (css_visible(css)) {
3108 ret = css_populate_dir(css);
3119 * cgroup_apply_control_disable - kill or hide csses according to control
3120 * @cgrp: root of the target subtree
3122 * Walk @cgrp's subtree and kill and hide csses so that they match
3123 * cgroup_ss_mask() and cgroup_visible_mask().
3125 * A css is hidden when the userland requests it to be disabled while other
3126 * subsystems are still depending on it. The css must not actively control
3127 * resources and be in the vanilla state if it's made visible again later.
3128 * Controllers which may be depended upon should provide ->css_reset() for
3131 static void cgroup_apply_control_disable(struct cgroup *cgrp)
3133 struct cgroup *dsct;
3134 struct cgroup_subsys_state *d_css;
3135 struct cgroup_subsys *ss;
3138 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
3139 for_each_subsys(ss, ssid) {
3140 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
3142 WARN_ON_ONCE(css && percpu_ref_is_dying(&css->refcnt));
3148 !(cgroup_ss_mask(dsct) & (1 << ss->id))) {
3150 } else if (!css_visible(css)) {
3160 * cgroup_apply_control - apply control mask updates to the subtree
3161 * @cgrp: root of the target subtree
3163 * subsystems can be enabled and disabled in a subtree using the following
3166 * 1. Call cgroup_save_control() to stash the current state.
3167 * 2. Update ->subtree_control masks in the subtree as desired.
3168 * 3. Call cgroup_apply_control() to apply the changes.
3169 * 4. Optionally perform other related operations.
3170 * 5. Call cgroup_finalize_control() to finish up.
3172 * This function implements step 3 and propagates the mask changes
3173 * throughout @cgrp's subtree, updates csses accordingly and perform
3174 * process migrations.
3176 static int cgroup_apply_control(struct cgroup *cgrp)
3180 cgroup_propagate_control(cgrp);
3182 ret = cgroup_apply_control_enable(cgrp);
3187 * At this point, cgroup_e_css() results reflect the new csses
3188 * making the following cgroup_update_dfl_csses() properly update
3189 * css associations of all tasks in the subtree.
3191 ret = cgroup_update_dfl_csses(cgrp);
3199 * cgroup_finalize_control - finalize control mask update
3200 * @cgrp: root of the target subtree
3201 * @ret: the result of the update
3203 * Finalize control mask update. See cgroup_apply_control() for more info.
3205 static void cgroup_finalize_control(struct cgroup *cgrp, int ret)
3208 cgroup_restore_control(cgrp);
3209 cgroup_propagate_control(cgrp);
3212 cgroup_apply_control_disable(cgrp);
3215 /* change the enabled child controllers for a cgroup in the default hierarchy */
3216 static ssize_t cgroup_subtree_control_write(struct kernfs_open_file *of,
3217 char *buf, size_t nbytes,
3220 u16 enable = 0, disable = 0;
3221 struct cgroup *cgrp, *child;
3222 struct cgroup_subsys *ss;
3227 * Parse input - space separated list of subsystem names prefixed
3228 * with either + or -.
3230 buf = strstrip(buf);
3231 while ((tok = strsep(&buf, " "))) {
3234 do_each_subsys_mask(ss, ssid, ~cgrp_dfl_inhibit_ss_mask) {
3235 if (!cgroup_ssid_enabled(ssid) ||
3236 strcmp(tok + 1, ss->name))
3240 enable |= 1 << ssid;
3241 disable &= ~(1 << ssid);
3242 } else if (*tok == '-') {
3243 disable |= 1 << ssid;
3244 enable &= ~(1 << ssid);
3249 } while_each_subsys_mask();
3250 if (ssid == CGROUP_SUBSYS_COUNT)
3254 cgrp = cgroup_kn_lock_live(of->kn, true);
3258 for_each_subsys(ss, ssid) {
3259 if (enable & (1 << ssid)) {
3260 if (cgrp->subtree_control & (1 << ssid)) {
3261 enable &= ~(1 << ssid);
3265 if (!(cgroup_control(cgrp) & (1 << ssid))) {
3269 } else if (disable & (1 << ssid)) {
3270 if (!(cgrp->subtree_control & (1 << ssid))) {
3271 disable &= ~(1 << ssid);
3275 /* a child has it enabled? */
3276 cgroup_for_each_live_child(child, cgrp) {
3277 if (child->subtree_control & (1 << ssid)) {
3285 if (!enable && !disable) {
3291 * Except for the root, subtree_control must be zero for a cgroup
3292 * with tasks so that child cgroups don't compete against tasks.
3294 if (enable && cgroup_parent(cgrp) && !list_empty(&cgrp->cset_links)) {
3299 /* save and update control masks and prepare csses */
3300 cgroup_save_control(cgrp);
3302 cgrp->subtree_control |= enable;
3303 cgrp->subtree_control &= ~disable;
3305 ret = cgroup_apply_control(cgrp);
3307 cgroup_finalize_control(cgrp, ret);
3309 kernfs_activate(cgrp->kn);
3312 cgroup_kn_unlock(of->kn);
3313 return ret ?: nbytes;
3316 static int cgroup_events_show(struct seq_file *seq, void *v)
3318 seq_printf(seq, "populated %d\n",
3319 cgroup_is_populated(seq_css(seq)->cgroup));
3323 static ssize_t cgroup_file_write(struct kernfs_open_file *of, char *buf,
3324 size_t nbytes, loff_t off)
3326 struct cgroup *cgrp = of->kn->parent->priv;
3327 struct cftype *cft = of->kn->priv;
3328 struct cgroup_subsys_state *css;
3332 return cft->write(of, buf, nbytes, off);
3335 * kernfs guarantees that a file isn't deleted with operations in
3336 * flight, which means that the matching css is and stays alive and
3337 * doesn't need to be pinned. The RCU locking is not necessary
3338 * either. It's just for the convenience of using cgroup_css().
3341 css = cgroup_css(cgrp, cft->ss);
3344 if (cft->write_u64) {
3345 unsigned long long v;
3346 ret = kstrtoull(buf, 0, &v);
3348 ret = cft->write_u64(css, cft, v);
3349 } else if (cft->write_s64) {
3351 ret = kstrtoll(buf, 0, &v);
3353 ret = cft->write_s64(css, cft, v);
3358 return ret ?: nbytes;
3361 static void *cgroup_seqfile_start(struct seq_file *seq, loff_t *ppos)
3363 return seq_cft(seq)->seq_start(seq, ppos);
3366 static void *cgroup_seqfile_next(struct seq_file *seq, void *v, loff_t *ppos)
3368 return seq_cft(seq)->seq_next(seq, v, ppos);
3371 static void cgroup_seqfile_stop(struct seq_file *seq, void *v)
3373 seq_cft(seq)->seq_stop(seq, v);
3376 static int cgroup_seqfile_show(struct seq_file *m, void *arg)
3378 struct cftype *cft = seq_cft(m);
3379 struct cgroup_subsys_state *css = seq_css(m);
3382 return cft->seq_show(m, arg);
3385 seq_printf(m, "%llu\n", cft->read_u64(css, cft));
3386 else if (cft->read_s64)
3387 seq_printf(m, "%lld\n", cft->read_s64(css, cft));
3393 static struct kernfs_ops cgroup_kf_single_ops = {
3394 .atomic_write_len = PAGE_SIZE,
3395 .write = cgroup_file_write,
3396 .seq_show = cgroup_seqfile_show,
3399 static struct kernfs_ops cgroup_kf_ops = {
3400 .atomic_write_len = PAGE_SIZE,
3401 .write = cgroup_file_write,
3402 .seq_start = cgroup_seqfile_start,
3403 .seq_next = cgroup_seqfile_next,
3404 .seq_stop = cgroup_seqfile_stop,
3405 .seq_show = cgroup_seqfile_show,
3409 * cgroup_rename - Only allow simple rename of directories in place.
3411 static int cgroup_rename(struct kernfs_node *kn, struct kernfs_node *new_parent,
3412 const char *new_name_str)
3414 struct cgroup *cgrp = kn->priv;
3417 if (kernfs_type(kn) != KERNFS_DIR)
3419 if (kn->parent != new_parent)
3423 * This isn't a proper migration and its usefulness is very
3424 * limited. Disallow on the default hierarchy.
3426 if (cgroup_on_dfl(cgrp))
3430 * We're gonna grab cgroup_mutex which nests outside kernfs
3431 * active_ref. kernfs_rename() doesn't require active_ref
3432 * protection. Break them before grabbing cgroup_mutex.
3434 kernfs_break_active_protection(new_parent);
3435 kernfs_break_active_protection(kn);
3437 mutex_lock(&cgroup_mutex);
3439 ret = kernfs_rename(kn, new_parent, new_name_str);
3441 mutex_unlock(&cgroup_mutex);
3443 kernfs_unbreak_active_protection(kn);
3444 kernfs_unbreak_active_protection(new_parent);
3448 /* set uid and gid of cgroup dirs and files to that of the creator */
3449 static int cgroup_kn_set_ugid(struct kernfs_node *kn)
3451 struct iattr iattr = { .ia_valid = ATTR_UID | ATTR_GID,
3452 .ia_uid = current_fsuid(),
3453 .ia_gid = current_fsgid(), };
3455 if (uid_eq(iattr.ia_uid, GLOBAL_ROOT_UID) &&
3456 gid_eq(iattr.ia_gid, GLOBAL_ROOT_GID))
3459 return kernfs_setattr(kn, &iattr);
3462 static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp,
3465 char name[CGROUP_FILE_NAME_MAX];
3466 struct kernfs_node *kn;
3467 struct lock_class_key *key = NULL;
3470 #ifdef CONFIG_DEBUG_LOCK_ALLOC
3471 key = &cft->lockdep_key;
3473 kn = __kernfs_create_file(cgrp->kn, cgroup_file_name(cgrp, cft, name),
3474 cgroup_file_mode(cft), 0, cft->kf_ops, cft,
3479 ret = cgroup_kn_set_ugid(kn);
3485 if (cft->file_offset) {
3486 struct cgroup_file *cfile = (void *)css + cft->file_offset;
3488 spin_lock_irq(&cgroup_file_kn_lock);
3490 spin_unlock_irq(&cgroup_file_kn_lock);
3497 * cgroup_addrm_files - add or remove files to a cgroup directory
3498 * @css: the target css
3499 * @cgrp: the target cgroup (usually css->cgroup)
3500 * @cfts: array of cftypes to be added
3501 * @is_add: whether to add or remove
3503 * Depending on @is_add, add or remove files defined by @cfts on @cgrp.
3504 * For removals, this function never fails.
3506 static int cgroup_addrm_files(struct cgroup_subsys_state *css,
3507 struct cgroup *cgrp, struct cftype cfts[],
3510 struct cftype *cft, *cft_end = NULL;
3513 lockdep_assert_held(&cgroup_mutex);
3516 for (cft = cfts; cft != cft_end && cft->name[0] != '\0'; cft++) {
3517 /* does cft->flags tell us to skip this file on @cgrp? */
3518 if ((cft->flags & __CFTYPE_ONLY_ON_DFL) && !cgroup_on_dfl(cgrp))
3520 if ((cft->flags & __CFTYPE_NOT_ON_DFL) && cgroup_on_dfl(cgrp))
3522 if ((cft->flags & CFTYPE_NOT_ON_ROOT) && !cgroup_parent(cgrp))
3524 if ((cft->flags & CFTYPE_ONLY_ON_ROOT) && cgroup_parent(cgrp))
3528 ret = cgroup_add_file(css, cgrp, cft);
3530 pr_warn("%s: failed to add %s, err=%d\n",
3531 __func__, cft->name, ret);
3537 cgroup_rm_file(cgrp, cft);
3543 static int cgroup_apply_cftypes(struct cftype *cfts, bool is_add)
3546 struct cgroup_subsys *ss = cfts[0].ss;
3547 struct cgroup *root = &ss->root->cgrp;
3548 struct cgroup_subsys_state *css;
3551 lockdep_assert_held(&cgroup_mutex);
3553 /* add/rm files for all cgroups created before */
3554 css_for_each_descendant_pre(css, cgroup_css(root, ss)) {
3555 struct cgroup *cgrp = css->cgroup;
3557 if (!(css->flags & CSS_VISIBLE))
3560 ret = cgroup_addrm_files(css, cgrp, cfts, is_add);
3566 kernfs_activate(root->kn);
3570 static void cgroup_exit_cftypes(struct cftype *cfts)
3574 for (cft = cfts; cft->name[0] != '\0'; cft++) {
3575 /* free copy for custom atomic_write_len, see init_cftypes() */
3576 if (cft->max_write_len && cft->max_write_len != PAGE_SIZE)
3581 /* revert flags set by cgroup core while adding @cfts */
3582 cft->flags &= ~(__CFTYPE_ONLY_ON_DFL | __CFTYPE_NOT_ON_DFL);
3586 static int cgroup_init_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3590 for (cft = cfts; cft->name[0] != '\0'; cft++) {
3591 struct kernfs_ops *kf_ops;
3593 WARN_ON(cft->ss || cft->kf_ops);
3596 kf_ops = &cgroup_kf_ops;
3598 kf_ops = &cgroup_kf_single_ops;
3601 * Ugh... if @cft wants a custom max_write_len, we need to
3602 * make a copy of kf_ops to set its atomic_write_len.
3604 if (cft->max_write_len && cft->max_write_len != PAGE_SIZE) {
3605 kf_ops = kmemdup(kf_ops, sizeof(*kf_ops), GFP_KERNEL);
3607 cgroup_exit_cftypes(cfts);
3610 kf_ops->atomic_write_len = cft->max_write_len;
3613 cft->kf_ops = kf_ops;
3620 static int cgroup_rm_cftypes_locked(struct cftype *cfts)
3622 lockdep_assert_held(&cgroup_mutex);
3624 if (!cfts || !cfts[0].ss)
3627 list_del(&cfts->node);
3628 cgroup_apply_cftypes(cfts, false);
3629 cgroup_exit_cftypes(cfts);
3634 * cgroup_rm_cftypes - remove an array of cftypes from a subsystem
3635 * @cfts: zero-length name terminated array of cftypes
3637 * Unregister @cfts. Files described by @cfts are removed from all
3638 * existing cgroups and all future cgroups won't have them either. This
3639 * function can be called anytime whether @cfts' subsys is attached or not.
3641 * Returns 0 on successful unregistration, -ENOENT if @cfts is not
3644 int cgroup_rm_cftypes(struct cftype *cfts)
3648 mutex_lock(&cgroup_mutex);
3649 ret = cgroup_rm_cftypes_locked(cfts);
3650 mutex_unlock(&cgroup_mutex);
3655 * cgroup_add_cftypes - add an array of cftypes to a subsystem
3656 * @ss: target cgroup subsystem
3657 * @cfts: zero-length name terminated array of cftypes
3659 * Register @cfts to @ss. Files described by @cfts are created for all
3660 * existing cgroups to which @ss is attached and all future cgroups will
3661 * have them too. This function can be called anytime whether @ss is
3664 * Returns 0 on successful registration, -errno on failure. Note that this
3665 * function currently returns 0 as long as @cfts registration is successful
3666 * even if some file creation attempts on existing cgroups fail.
3668 static int cgroup_add_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3672 if (!cgroup_ssid_enabled(ss->id))
3675 if (!cfts || cfts[0].name[0] == '\0')
3678 ret = cgroup_init_cftypes(ss, cfts);
3682 mutex_lock(&cgroup_mutex);
3684 list_add_tail(&cfts->node, &ss->cfts);
3685 ret = cgroup_apply_cftypes(cfts, true);
3687 cgroup_rm_cftypes_locked(cfts);
3689 mutex_unlock(&cgroup_mutex);
3694 * cgroup_add_dfl_cftypes - add an array of cftypes for default hierarchy
3695 * @ss: target cgroup subsystem
3696 * @cfts: zero-length name terminated array of cftypes
3698 * Similar to cgroup_add_cftypes() but the added files are only used for
3699 * the default hierarchy.
3701 int cgroup_add_dfl_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3705 for (cft = cfts; cft && cft->name[0] != '\0'; cft++)
3706 cft->flags |= __CFTYPE_ONLY_ON_DFL;
3707 return cgroup_add_cftypes(ss, cfts);
3711 * cgroup_add_legacy_cftypes - add an array of cftypes for legacy hierarchies
3712 * @ss: target cgroup subsystem
3713 * @cfts: zero-length name terminated array of cftypes
3715 * Similar to cgroup_add_cftypes() but the added files are only used for
3716 * the legacy hierarchies.
3718 int cgroup_add_legacy_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3722 for (cft = cfts; cft && cft->name[0] != '\0'; cft++)
3723 cft->flags |= __CFTYPE_NOT_ON_DFL;
3724 return cgroup_add_cftypes(ss, cfts);
3728 * cgroup_file_notify - generate a file modified event for a cgroup_file
3729 * @cfile: target cgroup_file
3731 * @cfile must have been obtained by setting cftype->file_offset.
3733 void cgroup_file_notify(struct cgroup_file *cfile)
3735 unsigned long flags;
3737 spin_lock_irqsave(&cgroup_file_kn_lock, flags);
3739 kernfs_notify(cfile->kn);
3740 spin_unlock_irqrestore(&cgroup_file_kn_lock, flags);
3744 * cgroup_task_count - count the number of tasks in a cgroup.
3745 * @cgrp: the cgroup in question
3747 * Return the number of tasks in the cgroup.
3749 static int cgroup_task_count(const struct cgroup *cgrp)
3752 struct cgrp_cset_link *link;
3754 spin_lock_bh(&css_set_lock);
3755 list_for_each_entry(link, &cgrp->cset_links, cset_link)
3756 count += atomic_read(&link->cset->refcount);
3757 spin_unlock_bh(&css_set_lock);
3762 * css_next_child - find the next child of a given css
3763 * @pos: the current position (%NULL to initiate traversal)
3764 * @parent: css whose children to walk
3766 * This function returns the next child of @parent and should be called
3767 * under either cgroup_mutex or RCU read lock. The only requirement is
3768 * that @parent and @pos are accessible. The next sibling is guaranteed to
3769 * be returned regardless of their states.
3771 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3772 * css which finished ->css_online() is guaranteed to be visible in the
3773 * future iterations and will stay visible until the last reference is put.
3774 * A css which hasn't finished ->css_online() or already finished
3775 * ->css_offline() may show up during traversal. It's each subsystem's
3776 * responsibility to synchronize against on/offlining.
3778 struct cgroup_subsys_state *css_next_child(struct cgroup_subsys_state *pos,
3779 struct cgroup_subsys_state *parent)
3781 struct cgroup_subsys_state *next;
3783 cgroup_assert_mutex_or_rcu_locked();
3786 * @pos could already have been unlinked from the sibling list.
3787 * Once a cgroup is removed, its ->sibling.next is no longer
3788 * updated when its next sibling changes. CSS_RELEASED is set when
3789 * @pos is taken off list, at which time its next pointer is valid,
3790 * and, as releases are serialized, the one pointed to by the next
3791 * pointer is guaranteed to not have started release yet. This
3792 * implies that if we observe !CSS_RELEASED on @pos in this RCU
3793 * critical section, the one pointed to by its next pointer is
3794 * guaranteed to not have finished its RCU grace period even if we
3795 * have dropped rcu_read_lock() inbetween iterations.
3797 * If @pos has CSS_RELEASED set, its next pointer can't be
3798 * dereferenced; however, as each css is given a monotonically
3799 * increasing unique serial number and always appended to the
3800 * sibling list, the next one can be found by walking the parent's
3801 * children until the first css with higher serial number than
3802 * @pos's. While this path can be slower, it happens iff iteration
3803 * races against release and the race window is very small.
3806 next = list_entry_rcu(parent->children.next, struct cgroup_subsys_state, sibling);
3807 } else if (likely(!(pos->flags & CSS_RELEASED))) {
3808 next = list_entry_rcu(pos->sibling.next, struct cgroup_subsys_state, sibling);
3810 list_for_each_entry_rcu(next, &parent->children, sibling)
3811 if (next->serial_nr > pos->serial_nr)
3816 * @next, if not pointing to the head, can be dereferenced and is
3819 if (&next->sibling != &parent->children)
3825 * css_next_descendant_pre - find the next descendant for pre-order walk
3826 * @pos: the current position (%NULL to initiate traversal)
3827 * @root: css whose descendants to walk
3829 * To be used by css_for_each_descendant_pre(). Find the next descendant
3830 * to visit for pre-order traversal of @root's descendants. @root is
3831 * included in the iteration and the first node to be visited.
3833 * While this function requires cgroup_mutex or RCU read locking, it
3834 * doesn't require the whole traversal to be contained in a single critical
3835 * section. This function will return the correct next descendant as long
3836 * as both @pos and @root are accessible and @pos is a descendant of @root.
3838 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3839 * css which finished ->css_online() is guaranteed to be visible in the
3840 * future iterations and will stay visible until the last reference is put.
3841 * A css which hasn't finished ->css_online() or already finished
3842 * ->css_offline() may show up during traversal. It's each subsystem's
3843 * responsibility to synchronize against on/offlining.
3845 struct cgroup_subsys_state *
3846 css_next_descendant_pre(struct cgroup_subsys_state *pos,
3847 struct cgroup_subsys_state *root)
3849 struct cgroup_subsys_state *next;
3851 cgroup_assert_mutex_or_rcu_locked();
3853 /* if first iteration, visit @root */
3857 /* visit the first child if exists */
3858 next = css_next_child(NULL, pos);
3862 /* no child, visit my or the closest ancestor's next sibling */
3863 while (pos != root) {
3864 next = css_next_child(pos, pos->parent);
3874 * css_rightmost_descendant - return the rightmost descendant of a css
3875 * @pos: css of interest
3877 * Return the rightmost descendant of @pos. If there's no descendant, @pos
3878 * is returned. This can be used during pre-order traversal to skip
3881 * While this function requires cgroup_mutex or RCU read locking, it
3882 * doesn't require the whole traversal to be contained in a single critical
3883 * section. This function will return the correct rightmost descendant as
3884 * long as @pos is accessible.
3886 struct cgroup_subsys_state *
3887 css_rightmost_descendant(struct cgroup_subsys_state *pos)
3889 struct cgroup_subsys_state *last, *tmp;
3891 cgroup_assert_mutex_or_rcu_locked();
3895 /* ->prev isn't RCU safe, walk ->next till the end */
3897 css_for_each_child(tmp, last)
3904 static struct cgroup_subsys_state *
3905 css_leftmost_descendant(struct cgroup_subsys_state *pos)
3907 struct cgroup_subsys_state *last;
3911 pos = css_next_child(NULL, pos);
3918 * css_next_descendant_post - find the next descendant for post-order walk
3919 * @pos: the current position (%NULL to initiate traversal)
3920 * @root: css whose descendants to walk
3922 * To be used by css_for_each_descendant_post(). Find the next descendant
3923 * to visit for post-order traversal of @root's descendants. @root is
3924 * included in the iteration and the last node to be visited.
3926 * While this function requires cgroup_mutex or RCU read locking, it
3927 * doesn't require the whole traversal to be contained in a single critical
3928 * section. This function will return the correct next descendant as long
3929 * as both @pos and @cgroup are accessible and @pos is a descendant of
3932 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3933 * css which finished ->css_online() is guaranteed to be visible in the
3934 * future iterations and will stay visible until the last reference is put.
3935 * A css which hasn't finished ->css_online() or already finished
3936 * ->css_offline() may show up during traversal. It's each subsystem's
3937 * responsibility to synchronize against on/offlining.
3939 struct cgroup_subsys_state *
3940 css_next_descendant_post(struct cgroup_subsys_state *pos,
3941 struct cgroup_subsys_state *root)
3943 struct cgroup_subsys_state *next;
3945 cgroup_assert_mutex_or_rcu_locked();
3947 /* if first iteration, visit leftmost descendant which may be @root */
3949 return css_leftmost_descendant(root);
3951 /* if we visited @root, we're done */
3955 /* if there's an unvisited sibling, visit its leftmost descendant */
3956 next = css_next_child(pos, pos->parent);
3958 return css_leftmost_descendant(next);
3960 /* no sibling left, visit parent */
3965 * css_has_online_children - does a css have online children
3966 * @css: the target css
3968 * Returns %true if @css has any online children; otherwise, %false. This
3969 * function can be called from any context but the caller is responsible
3970 * for synchronizing against on/offlining as necessary.
3972 bool css_has_online_children(struct cgroup_subsys_state *css)
3974 struct cgroup_subsys_state *child;
3978 css_for_each_child(child, css) {
3979 if (child->flags & CSS_ONLINE) {
3989 * css_task_iter_advance_css_set - advance a task itererator to the next css_set
3990 * @it: the iterator to advance
3992 * Advance @it to the next css_set to walk.
3994 static void css_task_iter_advance_css_set(struct css_task_iter *it)
3996 struct list_head *l = it->cset_pos;
3997 struct cgrp_cset_link *link;
3998 struct css_set *cset;
4000 lockdep_assert_held(&css_set_lock);
4002 /* Advance to the next non-empty css_set */
4005 if (l == it->cset_head) {
4006 it->cset_pos = NULL;
4007 it->task_pos = NULL;
4012 cset = container_of(l, struct css_set,
4013 e_cset_node[it->ss->id]);
4015 link = list_entry(l, struct cgrp_cset_link, cset_link);
4018 } while (!css_set_populated(cset));
4022 if (!list_empty(&cset->tasks))
4023 it->task_pos = cset->tasks.next;
4025 it->task_pos = cset->mg_tasks.next;
4027 it->tasks_head = &cset->tasks;
4028 it->mg_tasks_head = &cset->mg_tasks;
4031 * We don't keep css_sets locked across iteration steps and thus
4032 * need to take steps to ensure that iteration can be resumed after
4033 * the lock is re-acquired. Iteration is performed at two levels -
4034 * css_sets and tasks in them.
4036 * Once created, a css_set never leaves its cgroup lists, so a
4037 * pinned css_set is guaranteed to stay put and we can resume
4038 * iteration afterwards.
4040 * Tasks may leave @cset across iteration steps. This is resolved
4041 * by registering each iterator with the css_set currently being
4042 * walked and making css_set_move_task() advance iterators whose
4043 * next task is leaving.
4046 list_del(&it->iters_node);
4047 put_css_set_locked(it->cur_cset);
4050 it->cur_cset = cset;
4051 list_add(&it->iters_node, &cset->task_iters);
4054 static void css_task_iter_advance(struct css_task_iter *it)
4056 struct list_head *l = it->task_pos;
4058 lockdep_assert_held(&css_set_lock);
4062 * Advance iterator to find next entry. cset->tasks is consumed
4063 * first and then ->mg_tasks. After ->mg_tasks, we move onto the
4068 if (l == it->tasks_head)
4069 l = it->mg_tasks_head->next;
4071 if (l == it->mg_tasks_head)
4072 css_task_iter_advance_css_set(it);
4078 * css_task_iter_start - initiate task iteration
4079 * @css: the css to walk tasks of
4080 * @it: the task iterator to use
4082 * Initiate iteration through the tasks of @css. The caller can call
4083 * css_task_iter_next() to walk through the tasks until the function
4084 * returns NULL. On completion of iteration, css_task_iter_end() must be
4087 void css_task_iter_start(struct cgroup_subsys_state *css,
4088 struct css_task_iter *it)
4090 /* no one should try to iterate before mounting cgroups */
4091 WARN_ON_ONCE(!use_task_css_set_links);
4093 memset(it, 0, sizeof(*it));
4095 spin_lock_bh(&css_set_lock);
4100 it->cset_pos = &css->cgroup->e_csets[css->ss->id];
4102 it->cset_pos = &css->cgroup->cset_links;
4104 it->cset_head = it->cset_pos;
4106 css_task_iter_advance_css_set(it);
4108 spin_unlock_bh(&css_set_lock);
4112 * css_task_iter_next - return the next task for the iterator
4113 * @it: the task iterator being iterated
4115 * The "next" function for task iteration. @it should have been
4116 * initialized via css_task_iter_start(). Returns NULL when the iteration
4119 struct task_struct *css_task_iter_next(struct css_task_iter *it)
4122 put_task_struct(it->cur_task);
4123 it->cur_task = NULL;
4126 spin_lock_bh(&css_set_lock);
4129 it->cur_task = list_entry(it->task_pos, struct task_struct,
4131 get_task_struct(it->cur_task);
4132 css_task_iter_advance(it);
4135 spin_unlock_bh(&css_set_lock);
4137 return it->cur_task;
4141 * css_task_iter_end - finish task iteration
4142 * @it: the task iterator to finish
4144 * Finish task iteration started by css_task_iter_start().
4146 void css_task_iter_end(struct css_task_iter *it)
4149 spin_lock_bh(&css_set_lock);
4150 list_del(&it->iters_node);
4151 put_css_set_locked(it->cur_cset);
4152 spin_unlock_bh(&css_set_lock);
4156 put_task_struct(it->cur_task);
4160 * cgroup_trasnsfer_tasks - move tasks from one cgroup to another
4161 * @to: cgroup to which the tasks will be moved
4162 * @from: cgroup in which the tasks currently reside
4164 * Locking rules between cgroup_post_fork() and the migration path
4165 * guarantee that, if a task is forking while being migrated, the new child
4166 * is guaranteed to be either visible in the source cgroup after the
4167 * parent's migration is complete or put into the target cgroup. No task
4168 * can slip out of migration through forking.
4170 int cgroup_transfer_tasks(struct cgroup *to, struct cgroup *from)
4172 LIST_HEAD(preloaded_csets);
4173 struct cgrp_cset_link *link;
4174 struct css_task_iter it;
4175 struct task_struct *task;
4178 if (!cgroup_may_migrate_to(to))
4181 mutex_lock(&cgroup_mutex);
4183 /* all tasks in @from are being moved, all csets are source */
4184 spin_lock_bh(&css_set_lock);
4185 list_for_each_entry(link, &from->cset_links, cset_link)
4186 cgroup_migrate_add_src(link->cset, to, &preloaded_csets);
4187 spin_unlock_bh(&css_set_lock);
4189 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
4194 * Migrate tasks one-by-one until @from is empty. This fails iff
4195 * ->can_attach() fails.
4198 css_task_iter_start(&from->self, &it);
4199 task = css_task_iter_next(&it);
4201 get_task_struct(task);
4202 css_task_iter_end(&it);
4205 ret = cgroup_migrate(task, false, to->root);
4206 put_task_struct(task);
4208 } while (task && !ret);
4210 cgroup_migrate_finish(&preloaded_csets);
4211 mutex_unlock(&cgroup_mutex);
4216 * Stuff for reading the 'tasks'/'procs' files.
4218 * Reading this file can return large amounts of data if a cgroup has
4219 * *lots* of attached tasks. So it may need several calls to read(),
4220 * but we cannot guarantee that the information we produce is correct
4221 * unless we produce it entirely atomically.
4225 /* which pidlist file are we talking about? */
4226 enum cgroup_filetype {
4232 * A pidlist is a list of pids that virtually represents the contents of one
4233 * of the cgroup files ("procs" or "tasks"). We keep a list of such pidlists,
4234 * a pair (one each for procs, tasks) for each pid namespace that's relevant
4237 struct cgroup_pidlist {
4239 * used to find which pidlist is wanted. doesn't change as long as
4240 * this particular list stays in the list.
4242 struct { enum cgroup_filetype type; struct pid_namespace *ns; } key;
4245 /* how many elements the above list has */
4247 /* each of these stored in a list by its cgroup */
4248 struct list_head links;
4249 /* pointer to the cgroup we belong to, for list removal purposes */
4250 struct cgroup *owner;
4251 /* for delayed destruction */
4252 struct delayed_work destroy_dwork;
4256 * The following two functions "fix" the issue where there are more pids
4257 * than kmalloc will give memory for; in such cases, we use vmalloc/vfree.
4258 * TODO: replace with a kernel-wide solution to this problem
4260 #define PIDLIST_TOO_LARGE(c) ((c) * sizeof(pid_t) > (PAGE_SIZE * 2))
4261 static void *pidlist_allocate(int count)
4263 if (PIDLIST_TOO_LARGE(count))
4264 return vmalloc(count * sizeof(pid_t));
4266 return kmalloc(count * sizeof(pid_t), GFP_KERNEL);
4269 static void pidlist_free(void *p)
4275 * Used to destroy all pidlists lingering waiting for destroy timer. None
4276 * should be left afterwards.
4278 static void cgroup_pidlist_destroy_all(struct cgroup *cgrp)
4280 struct cgroup_pidlist *l, *tmp_l;
4282 mutex_lock(&cgrp->pidlist_mutex);
4283 list_for_each_entry_safe(l, tmp_l, &cgrp->pidlists, links)
4284 mod_delayed_work(cgroup_pidlist_destroy_wq, &l->destroy_dwork, 0);
4285 mutex_unlock(&cgrp->pidlist_mutex);
4287 flush_workqueue(cgroup_pidlist_destroy_wq);
4288 BUG_ON(!list_empty(&cgrp->pidlists));
4291 static void cgroup_pidlist_destroy_work_fn(struct work_struct *work)
4293 struct delayed_work *dwork = to_delayed_work(work);
4294 struct cgroup_pidlist *l = container_of(dwork, struct cgroup_pidlist,
4296 struct cgroup_pidlist *tofree = NULL;
4298 mutex_lock(&l->owner->pidlist_mutex);
4301 * Destroy iff we didn't get queued again. The state won't change
4302 * as destroy_dwork can only be queued while locked.
4304 if (!delayed_work_pending(dwork)) {
4305 list_del(&l->links);
4306 pidlist_free(l->list);
4307 put_pid_ns(l->key.ns);
4311 mutex_unlock(&l->owner->pidlist_mutex);
4316 * pidlist_uniq - given a kmalloc()ed list, strip out all duplicate entries
4317 * Returns the number of unique elements.
4319 static int pidlist_uniq(pid_t *list, int length)
4324 * we presume the 0th element is unique, so i starts at 1. trivial
4325 * edge cases first; no work needs to be done for either
4327 if (length == 0 || length == 1)
4329 /* src and dest walk down the list; dest counts unique elements */
4330 for (src = 1; src < length; src++) {
4331 /* find next unique element */
4332 while (list[src] == list[src-1]) {
4337 /* dest always points to where the next unique element goes */
4338 list[dest] = list[src];
4346 * The two pid files - task and cgroup.procs - guaranteed that the result
4347 * is sorted, which forced this whole pidlist fiasco. As pid order is
4348 * different per namespace, each namespace needs differently sorted list,
4349 * making it impossible to use, for example, single rbtree of member tasks
4350 * sorted by task pointer. As pidlists can be fairly large, allocating one
4351 * per open file is dangerous, so cgroup had to implement shared pool of
4352 * pidlists keyed by cgroup and namespace.
4354 * All this extra complexity was caused by the original implementation
4355 * committing to an entirely unnecessary property. In the long term, we
4356 * want to do away with it. Explicitly scramble sort order if on the
4357 * default hierarchy so that no such expectation exists in the new
4360 * Scrambling is done by swapping every two consecutive bits, which is
4361 * non-identity one-to-one mapping which disturbs sort order sufficiently.
4363 static pid_t pid_fry(pid_t pid)
4365 unsigned a = pid & 0x55555555;
4366 unsigned b = pid & 0xAAAAAAAA;
4368 return (a << 1) | (b >> 1);
4371 static pid_t cgroup_pid_fry(struct cgroup *cgrp, pid_t pid)
4373 if (cgroup_on_dfl(cgrp))
4374 return pid_fry(pid);
4379 static int cmppid(const void *a, const void *b)
4381 return *(pid_t *)a - *(pid_t *)b;
4384 static int fried_cmppid(const void *a, const void *b)
4386 return pid_fry(*(pid_t *)a) - pid_fry(*(pid_t *)b);
4389 static struct cgroup_pidlist *cgroup_pidlist_find(struct cgroup *cgrp,
4390 enum cgroup_filetype type)
4392 struct cgroup_pidlist *l;
4393 /* don't need task_nsproxy() if we're looking at ourself */
4394 struct pid_namespace *ns = task_active_pid_ns(current);
4396 lockdep_assert_held(&cgrp->pidlist_mutex);
4398 list_for_each_entry(l, &cgrp->pidlists, links)
4399 if (l->key.type == type && l->key.ns == ns)
4405 * find the appropriate pidlist for our purpose (given procs vs tasks)
4406 * returns with the lock on that pidlist already held, and takes care
4407 * of the use count, or returns NULL with no locks held if we're out of
4410 static struct cgroup_pidlist *cgroup_pidlist_find_create(struct cgroup *cgrp,
4411 enum cgroup_filetype type)
4413 struct cgroup_pidlist *l;
4415 lockdep_assert_held(&cgrp->pidlist_mutex);
4417 l = cgroup_pidlist_find(cgrp, type);
4421 /* entry not found; create a new one */
4422 l = kzalloc(sizeof(struct cgroup_pidlist), GFP_KERNEL);
4426 INIT_DELAYED_WORK(&l->destroy_dwork, cgroup_pidlist_destroy_work_fn);
4428 /* don't need task_nsproxy() if we're looking at ourself */
4429 l->key.ns = get_pid_ns(task_active_pid_ns(current));
4431 list_add(&l->links, &cgrp->pidlists);
4436 * Load a cgroup's pidarray with either procs' tgids or tasks' pids
4438 static int pidlist_array_load(struct cgroup *cgrp, enum cgroup_filetype type,
4439 struct cgroup_pidlist **lp)
4443 int pid, n = 0; /* used for populating the array */
4444 struct css_task_iter it;
4445 struct task_struct *tsk;
4446 struct cgroup_pidlist *l;
4448 lockdep_assert_held(&cgrp->pidlist_mutex);
4451 * If cgroup gets more users after we read count, we won't have
4452 * enough space - tough. This race is indistinguishable to the
4453 * caller from the case that the additional cgroup users didn't
4454 * show up until sometime later on.
4456 length = cgroup_task_count(cgrp);
4457 array = pidlist_allocate(length);
4460 /* now, populate the array */
4461 css_task_iter_start(&cgrp->self, &it);
4462 while ((tsk = css_task_iter_next(&it))) {
4463 if (unlikely(n == length))
4465 /* get tgid or pid for procs or tasks file respectively */
4466 if (type == CGROUP_FILE_PROCS)
4467 pid = task_tgid_vnr(tsk);
4469 pid = task_pid_vnr(tsk);
4470 if (pid > 0) /* make sure to only use valid results */
4473 css_task_iter_end(&it);
4475 /* now sort & (if procs) strip out duplicates */
4476 if (cgroup_on_dfl(cgrp))
4477 sort(array, length, sizeof(pid_t), fried_cmppid, NULL);
4479 sort(array, length, sizeof(pid_t), cmppid, NULL);
4480 if (type == CGROUP_FILE_PROCS)
4481 length = pidlist_uniq(array, length);
4483 l = cgroup_pidlist_find_create(cgrp, type);
4485 pidlist_free(array);
4489 /* store array, freeing old if necessary */
4490 pidlist_free(l->list);
4498 * cgroupstats_build - build and fill cgroupstats
4499 * @stats: cgroupstats to fill information into
4500 * @dentry: A dentry entry belonging to the cgroup for which stats have
4503 * Build and fill cgroupstats so that taskstats can export it to user
4506 int cgroupstats_build(struct cgroupstats *stats, struct dentry *dentry)
4508 struct kernfs_node *kn = kernfs_node_from_dentry(dentry);
4509 struct cgroup *cgrp;
4510 struct css_task_iter it;
4511 struct task_struct *tsk;
4513 /* it should be kernfs_node belonging to cgroupfs and is a directory */
4514 if (dentry->d_sb->s_type != &cgroup_fs_type || !kn ||
4515 kernfs_type(kn) != KERNFS_DIR)
4518 mutex_lock(&cgroup_mutex);
4521 * We aren't being called from kernfs and there's no guarantee on
4522 * @kn->priv's validity. For this and css_tryget_online_from_dir(),
4523 * @kn->priv is RCU safe. Let's do the RCU dancing.
4526 cgrp = rcu_dereference(kn->priv);
4527 if (!cgrp || cgroup_is_dead(cgrp)) {
4529 mutex_unlock(&cgroup_mutex);
4534 css_task_iter_start(&cgrp->self, &it);
4535 while ((tsk = css_task_iter_next(&it))) {
4536 switch (tsk->state) {
4538 stats->nr_running++;
4540 case TASK_INTERRUPTIBLE:
4541 stats->nr_sleeping++;
4543 case TASK_UNINTERRUPTIBLE:
4544 stats->nr_uninterruptible++;
4547 stats->nr_stopped++;
4550 if (delayacct_is_task_waiting_on_io(tsk))
4551 stats->nr_io_wait++;
4555 css_task_iter_end(&it);
4557 mutex_unlock(&cgroup_mutex);
4563 * seq_file methods for the tasks/procs files. The seq_file position is the
4564 * next pid to display; the seq_file iterator is a pointer to the pid
4565 * in the cgroup->l->list array.
4568 static void *cgroup_pidlist_start(struct seq_file *s, loff_t *pos)
4571 * Initially we receive a position value that corresponds to
4572 * one more than the last pid shown (or 0 on the first call or
4573 * after a seek to the start). Use a binary-search to find the
4574 * next pid to display, if any
4576 struct kernfs_open_file *of = s->private;
4577 struct cgroup *cgrp = seq_css(s)->cgroup;
4578 struct cgroup_pidlist *l;
4579 enum cgroup_filetype type = seq_cft(s)->private;
4580 int index = 0, pid = *pos;
4583 mutex_lock(&cgrp->pidlist_mutex);
4586 * !NULL @of->priv indicates that this isn't the first start()
4587 * after open. If the matching pidlist is around, we can use that.
4588 * Look for it. Note that @of->priv can't be used directly. It
4589 * could already have been destroyed.
4592 of->priv = cgroup_pidlist_find(cgrp, type);
4595 * Either this is the first start() after open or the matching
4596 * pidlist has been destroyed inbetween. Create a new one.
4599 ret = pidlist_array_load(cgrp, type,
4600 (struct cgroup_pidlist **)&of->priv);
4602 return ERR_PTR(ret);
4607 int end = l->length;
4609 while (index < end) {
4610 int mid = (index + end) / 2;
4611 if (cgroup_pid_fry(cgrp, l->list[mid]) == pid) {
4614 } else if (cgroup_pid_fry(cgrp, l->list[mid]) <= pid)
4620 /* If we're off the end of the array, we're done */
4621 if (index >= l->length)
4623 /* Update the abstract position to be the actual pid that we found */
4624 iter = l->list + index;
4625 *pos = cgroup_pid_fry(cgrp, *iter);
4629 static void cgroup_pidlist_stop(struct seq_file *s, void *v)
4631 struct kernfs_open_file *of = s->private;
4632 struct cgroup_pidlist *l = of->priv;
4635 mod_delayed_work(cgroup_pidlist_destroy_wq, &l->destroy_dwork,
4636 CGROUP_PIDLIST_DESTROY_DELAY);
4637 mutex_unlock(&seq_css(s)->cgroup->pidlist_mutex);
4640 static void *cgroup_pidlist_next(struct seq_file *s, void *v, loff_t *pos)
4642 struct kernfs_open_file *of = s->private;
4643 struct cgroup_pidlist *l = of->priv;
4645 pid_t *end = l->list + l->length;
4647 * Advance to the next pid in the array. If this goes off the
4654 *pos = cgroup_pid_fry(seq_css(s)->cgroup, *p);
4659 static int cgroup_pidlist_show(struct seq_file *s, void *v)
4661 seq_printf(s, "%d\n", *(int *)v);
4666 static u64 cgroup_read_notify_on_release(struct cgroup_subsys_state *css,
4669 return notify_on_release(css->cgroup);
4672 static int cgroup_write_notify_on_release(struct cgroup_subsys_state *css,
4673 struct cftype *cft, u64 val)
4676 set_bit(CGRP_NOTIFY_ON_RELEASE, &css->cgroup->flags);
4678 clear_bit(CGRP_NOTIFY_ON_RELEASE, &css->cgroup->flags);
4682 static u64 cgroup_clone_children_read(struct cgroup_subsys_state *css,
4685 return test_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4688 static int cgroup_clone_children_write(struct cgroup_subsys_state *css,
4689 struct cftype *cft, u64 val)
4692 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4694 clear_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4698 /* cgroup core interface files for the default hierarchy */
4699 static struct cftype cgroup_dfl_base_files[] = {
4701 .name = "cgroup.procs",
4702 .file_offset = offsetof(struct cgroup, procs_file),
4703 .seq_start = cgroup_pidlist_start,
4704 .seq_next = cgroup_pidlist_next,
4705 .seq_stop = cgroup_pidlist_stop,
4706 .seq_show = cgroup_pidlist_show,
4707 .private = CGROUP_FILE_PROCS,
4708 .write = cgroup_procs_write,
4711 .name = "cgroup.controllers",
4712 .seq_show = cgroup_controllers_show,
4715 .name = "cgroup.subtree_control",
4716 .seq_show = cgroup_subtree_control_show,
4717 .write = cgroup_subtree_control_write,
4720 .name = "cgroup.events",
4721 .flags = CFTYPE_NOT_ON_ROOT,
4722 .file_offset = offsetof(struct cgroup, events_file),
4723 .seq_show = cgroup_events_show,
4728 /* cgroup core interface files for the legacy hierarchies */
4729 static struct cftype cgroup_legacy_base_files[] = {
4731 .name = "cgroup.procs",
4732 .seq_start = cgroup_pidlist_start,
4733 .seq_next = cgroup_pidlist_next,
4734 .seq_stop = cgroup_pidlist_stop,
4735 .seq_show = cgroup_pidlist_show,
4736 .private = CGROUP_FILE_PROCS,
4737 .write = cgroup_procs_write,
4740 .name = "cgroup.clone_children",
4741 .read_u64 = cgroup_clone_children_read,
4742 .write_u64 = cgroup_clone_children_write,
4745 .name = "cgroup.sane_behavior",
4746 .flags = CFTYPE_ONLY_ON_ROOT,
4747 .seq_show = cgroup_sane_behavior_show,
4751 .seq_start = cgroup_pidlist_start,
4752 .seq_next = cgroup_pidlist_next,
4753 .seq_stop = cgroup_pidlist_stop,
4754 .seq_show = cgroup_pidlist_show,
4755 .private = CGROUP_FILE_TASKS,
4756 .write = cgroup_tasks_write,
4759 .name = "notify_on_release",
4760 .read_u64 = cgroup_read_notify_on_release,
4761 .write_u64 = cgroup_write_notify_on_release,
4764 .name = "release_agent",
4765 .flags = CFTYPE_ONLY_ON_ROOT,
4766 .seq_show = cgroup_release_agent_show,
4767 .write = cgroup_release_agent_write,
4768 .max_write_len = PATH_MAX - 1,
4774 * css destruction is four-stage process.
4776 * 1. Destruction starts. Killing of the percpu_ref is initiated.
4777 * Implemented in kill_css().
4779 * 2. When the percpu_ref is confirmed to be visible as killed on all CPUs
4780 * and thus css_tryget_online() is guaranteed to fail, the css can be
4781 * offlined by invoking offline_css(). After offlining, the base ref is
4782 * put. Implemented in css_killed_work_fn().
4784 * 3. When the percpu_ref reaches zero, the only possible remaining
4785 * accessors are inside RCU read sections. css_release() schedules the
4788 * 4. After the grace period, the css can be freed. Implemented in
4789 * css_free_work_fn().
4791 * It is actually hairier because both step 2 and 4 require process context
4792 * and thus involve punting to css->destroy_work adding two additional
4793 * steps to the already complex sequence.
4795 static void css_free_work_fn(struct work_struct *work)
4797 struct cgroup_subsys_state *css =
4798 container_of(work, struct cgroup_subsys_state, destroy_work);
4799 struct cgroup_subsys *ss = css->ss;
4800 struct cgroup *cgrp = css->cgroup;
4802 percpu_ref_exit(&css->refcnt);
4806 struct cgroup_subsys_state *parent = css->parent;
4810 cgroup_idr_remove(&ss->css_idr, id);
4816 /* cgroup free path */
4817 atomic_dec(&cgrp->root->nr_cgrps);
4818 cgroup_pidlist_destroy_all(cgrp);
4819 cancel_work_sync(&cgrp->release_agent_work);
4821 if (cgroup_parent(cgrp)) {
4823 * We get a ref to the parent, and put the ref when
4824 * this cgroup is being freed, so it's guaranteed
4825 * that the parent won't be destroyed before its
4828 cgroup_put(cgroup_parent(cgrp));
4829 kernfs_put(cgrp->kn);
4833 * This is root cgroup's refcnt reaching zero,
4834 * which indicates that the root should be
4837 cgroup_destroy_root(cgrp->root);
4842 static void css_free_rcu_fn(struct rcu_head *rcu_head)
4844 struct cgroup_subsys_state *css =
4845 container_of(rcu_head, struct cgroup_subsys_state, rcu_head);
4847 INIT_WORK(&css->destroy_work, css_free_work_fn);
4848 queue_work(cgroup_destroy_wq, &css->destroy_work);
4851 static void css_release_work_fn(struct work_struct *work)
4853 struct cgroup_subsys_state *css =
4854 container_of(work, struct cgroup_subsys_state, destroy_work);
4855 struct cgroup_subsys *ss = css->ss;
4856 struct cgroup *cgrp = css->cgroup;
4858 mutex_lock(&cgroup_mutex);
4860 css->flags |= CSS_RELEASED;
4861 list_del_rcu(&css->sibling);
4864 /* css release path */
4865 cgroup_idr_replace(&ss->css_idr, NULL, css->id);
4866 if (ss->css_released)
4867 ss->css_released(css);
4869 /* cgroup release path */
4870 cgroup_idr_remove(&cgrp->root->cgroup_idr, cgrp->id);
4874 * There are two control paths which try to determine
4875 * cgroup from dentry without going through kernfs -
4876 * cgroupstats_build() and css_tryget_online_from_dir().
4877 * Those are supported by RCU protecting clearing of
4878 * cgrp->kn->priv backpointer.
4881 RCU_INIT_POINTER(*(void __rcu __force **)&cgrp->kn->priv,
4885 mutex_unlock(&cgroup_mutex);
4887 call_rcu(&css->rcu_head, css_free_rcu_fn);
4890 static void css_release(struct percpu_ref *ref)
4892 struct cgroup_subsys_state *css =
4893 container_of(ref, struct cgroup_subsys_state, refcnt);
4895 INIT_WORK(&css->destroy_work, css_release_work_fn);
4896 queue_work(cgroup_destroy_wq, &css->destroy_work);
4899 static void init_and_link_css(struct cgroup_subsys_state *css,
4900 struct cgroup_subsys *ss, struct cgroup *cgrp)
4902 lockdep_assert_held(&cgroup_mutex);
4906 memset(css, 0, sizeof(*css));
4909 INIT_LIST_HEAD(&css->sibling);
4910 INIT_LIST_HEAD(&css->children);
4911 css->serial_nr = css_serial_nr_next++;
4912 atomic_set(&css->online_cnt, 0);
4914 if (cgroup_parent(cgrp)) {
4915 css->parent = cgroup_css(cgroup_parent(cgrp), ss);
4916 css_get(css->parent);
4919 BUG_ON(cgroup_css(cgrp, ss));
4922 /* invoke ->css_online() on a new CSS and mark it online if successful */
4923 static int online_css(struct cgroup_subsys_state *css)
4925 struct cgroup_subsys *ss = css->ss;
4928 lockdep_assert_held(&cgroup_mutex);
4931 ret = ss->css_online(css);
4933 css->flags |= CSS_ONLINE;
4934 rcu_assign_pointer(css->cgroup->subsys[ss->id], css);
4936 atomic_inc(&css->online_cnt);
4938 atomic_inc(&css->parent->online_cnt);
4943 /* if the CSS is online, invoke ->css_offline() on it and mark it offline */
4944 static void offline_css(struct cgroup_subsys_state *css)
4946 struct cgroup_subsys *ss = css->ss;
4948 lockdep_assert_held(&cgroup_mutex);
4950 if (!(css->flags & CSS_ONLINE))
4956 if (ss->css_offline)
4957 ss->css_offline(css);
4959 css->flags &= ~CSS_ONLINE;
4960 RCU_INIT_POINTER(css->cgroup->subsys[ss->id], NULL);
4962 wake_up_all(&css->cgroup->offline_waitq);
4966 * css_create - create a cgroup_subsys_state
4967 * @cgrp: the cgroup new css will be associated with
4968 * @ss: the subsys of new css
4970 * Create a new css associated with @cgrp - @ss pair. On success, the new
4971 * css is online and installed in @cgrp. This function doesn't create the
4972 * interface files. Returns 0 on success, -errno on failure.
4974 static struct cgroup_subsys_state *css_create(struct cgroup *cgrp,
4975 struct cgroup_subsys *ss)
4977 struct cgroup *parent = cgroup_parent(cgrp);
4978 struct cgroup_subsys_state *parent_css = cgroup_css(parent, ss);
4979 struct cgroup_subsys_state *css;
4982 lockdep_assert_held(&cgroup_mutex);
4984 css = ss->css_alloc(parent_css);
4988 init_and_link_css(css, ss, cgrp);
4990 err = percpu_ref_init(&css->refcnt, css_release, 0, GFP_KERNEL);
4994 err = cgroup_idr_alloc(&ss->css_idr, NULL, 2, 0, GFP_KERNEL);
4996 goto err_free_percpu_ref;
4999 /* @css is ready to be brought online now, make it visible */
5000 list_add_tail_rcu(&css->sibling, &parent_css->children);
5001 cgroup_idr_replace(&ss->css_idr, css, css->id);
5003 err = online_css(css);
5007 if (ss->broken_hierarchy && !ss->warned_broken_hierarchy &&
5008 cgroup_parent(parent)) {
5009 pr_warn("%s (%d) created nested cgroup for controller \"%s\" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.\n",
5010 current->comm, current->pid, ss->name);
5011 if (!strcmp(ss->name, "memory"))
5012 pr_warn("\"memory\" requires setting use_hierarchy to 1 on the root\n");
5013 ss->warned_broken_hierarchy = true;
5019 list_del_rcu(&css->sibling);
5020 cgroup_idr_remove(&ss->css_idr, css->id);
5021 err_free_percpu_ref:
5022 percpu_ref_exit(&css->refcnt);
5024 call_rcu(&css->rcu_head, css_free_rcu_fn);
5025 return ERR_PTR(err);
5028 static struct cgroup *cgroup_create(struct cgroup *parent)
5030 struct cgroup_root *root = parent->root;
5031 struct cgroup *cgrp, *tcgrp;
5032 int level = parent->level + 1;
5035 /* allocate the cgroup and its ID, 0 is reserved for the root */
5036 cgrp = kzalloc(sizeof(*cgrp) +
5037 sizeof(cgrp->ancestor_ids[0]) * (level + 1), GFP_KERNEL);
5039 return ERR_PTR(-ENOMEM);
5041 ret = percpu_ref_init(&cgrp->self.refcnt, css_release, 0, GFP_KERNEL);
5046 * Temporarily set the pointer to NULL, so idr_find() won't return
5047 * a half-baked cgroup.
5049 cgrp->id = cgroup_idr_alloc(&root->cgroup_idr, NULL, 2, 0, GFP_KERNEL);
5052 goto out_cancel_ref;
5055 init_cgroup_housekeeping(cgrp);
5057 cgrp->self.parent = &parent->self;
5059 cgrp->level = level;
5061 for (tcgrp = cgrp; tcgrp; tcgrp = cgroup_parent(tcgrp))
5062 cgrp->ancestor_ids[tcgrp->level] = tcgrp->id;
5064 if (notify_on_release(parent))
5065 set_bit(CGRP_NOTIFY_ON_RELEASE, &cgrp->flags);
5067 if (test_bit(CGRP_CPUSET_CLONE_CHILDREN, &parent->flags))
5068 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &cgrp->flags);
5070 cgrp->self.serial_nr = css_serial_nr_next++;
5072 /* allocation complete, commit to creation */
5073 list_add_tail_rcu(&cgrp->self.sibling, &cgroup_parent(cgrp)->self.children);
5074 atomic_inc(&root->nr_cgrps);
5078 * @cgrp is now fully operational. If something fails after this
5079 * point, it'll be released via the normal destruction path.
5081 cgroup_idr_replace(&root->cgroup_idr, cgrp, cgrp->id);
5084 * On the default hierarchy, a child doesn't automatically inherit
5085 * subtree_control from the parent. Each is configured manually.
5087 if (!cgroup_on_dfl(cgrp))
5088 cgrp->subtree_control = cgroup_control(cgrp);
5090 cgroup_propagate_control(cgrp);
5092 /* @cgrp doesn't have dir yet so the following will only create csses */
5093 ret = cgroup_apply_control_enable(cgrp);
5100 percpu_ref_exit(&cgrp->self.refcnt);
5103 return ERR_PTR(ret);
5105 cgroup_destroy_locked(cgrp);
5106 return ERR_PTR(ret);
5109 static int cgroup_mkdir(struct kernfs_node *parent_kn, const char *name,
5112 struct cgroup *parent, *cgrp;
5113 struct kernfs_node *kn;
5116 /* do not accept '\n' to prevent making /proc/<pid>/cgroup unparsable */
5117 if (strchr(name, '\n'))
5120 parent = cgroup_kn_lock_live(parent_kn, false);
5124 cgrp = cgroup_create(parent);
5126 ret = PTR_ERR(cgrp);
5130 /* create the directory */
5131 kn = kernfs_create_dir(parent->kn, name, mode, cgrp);
5139 * This extra ref will be put in cgroup_free_fn() and guarantees
5140 * that @cgrp->kn is always accessible.
5144 ret = cgroup_kn_set_ugid(kn);
5148 ret = css_populate_dir(&cgrp->self);
5152 ret = cgroup_apply_control_enable(cgrp);
5156 /* let's create and online css's */
5157 kernfs_activate(kn);
5163 cgroup_destroy_locked(cgrp);
5165 cgroup_kn_unlock(parent_kn);
5170 * This is called when the refcnt of a css is confirmed to be killed.
5171 * css_tryget_online() is now guaranteed to fail. Tell the subsystem to
5172 * initate destruction and put the css ref from kill_css().
5174 static void css_killed_work_fn(struct work_struct *work)
5176 struct cgroup_subsys_state *css =
5177 container_of(work, struct cgroup_subsys_state, destroy_work);
5179 mutex_lock(&cgroup_mutex);
5184 /* @css can't go away while we're holding cgroup_mutex */
5186 } while (css && atomic_dec_and_test(&css->online_cnt));
5188 mutex_unlock(&cgroup_mutex);
5191 /* css kill confirmation processing requires process context, bounce */
5192 static void css_killed_ref_fn(struct percpu_ref *ref)
5194 struct cgroup_subsys_state *css =
5195 container_of(ref, struct cgroup_subsys_state, refcnt);
5197 if (atomic_dec_and_test(&css->online_cnt)) {
5198 INIT_WORK(&css->destroy_work, css_killed_work_fn);
5199 queue_work(cgroup_destroy_wq, &css->destroy_work);
5204 * kill_css - destroy a css
5205 * @css: css to destroy
5207 * This function initiates destruction of @css by removing cgroup interface
5208 * files and putting its base reference. ->css_offline() will be invoked
5209 * asynchronously once css_tryget_online() is guaranteed to fail and when
5210 * the reference count reaches zero, @css will be released.
5212 static void kill_css(struct cgroup_subsys_state *css)
5214 lockdep_assert_held(&cgroup_mutex);
5217 * This must happen before css is disassociated with its cgroup.
5218 * See seq_css() for details.
5223 * Killing would put the base ref, but we need to keep it alive
5224 * until after ->css_offline().
5229 * cgroup core guarantees that, by the time ->css_offline() is
5230 * invoked, no new css reference will be given out via
5231 * css_tryget_online(). We can't simply call percpu_ref_kill() and
5232 * proceed to offlining css's because percpu_ref_kill() doesn't
5233 * guarantee that the ref is seen as killed on all CPUs on return.
5235 * Use percpu_ref_kill_and_confirm() to get notifications as each
5236 * css is confirmed to be seen as killed on all CPUs.
5238 percpu_ref_kill_and_confirm(&css->refcnt, css_killed_ref_fn);
5242 * cgroup_destroy_locked - the first stage of cgroup destruction
5243 * @cgrp: cgroup to be destroyed
5245 * css's make use of percpu refcnts whose killing latency shouldn't be
5246 * exposed to userland and are RCU protected. Also, cgroup core needs to
5247 * guarantee that css_tryget_online() won't succeed by the time
5248 * ->css_offline() is invoked. To satisfy all the requirements,
5249 * destruction is implemented in the following two steps.
5251 * s1. Verify @cgrp can be destroyed and mark it dying. Remove all
5252 * userland visible parts and start killing the percpu refcnts of
5253 * css's. Set up so that the next stage will be kicked off once all
5254 * the percpu refcnts are confirmed to be killed.
5256 * s2. Invoke ->css_offline(), mark the cgroup dead and proceed with the
5257 * rest of destruction. Once all cgroup references are gone, the
5258 * cgroup is RCU-freed.
5260 * This function implements s1. After this step, @cgrp is gone as far as
5261 * the userland is concerned and a new cgroup with the same name may be
5262 * created. As cgroup doesn't care about the names internally, this
5263 * doesn't cause any problem.
5265 static int cgroup_destroy_locked(struct cgroup *cgrp)
5266 __releases(&cgroup_mutex) __acquires(&cgroup_mutex)
5268 struct cgroup_subsys_state *css;
5269 struct cgrp_cset_link *link;
5272 lockdep_assert_held(&cgroup_mutex);
5275 * Only migration can raise populated from zero and we're already
5276 * holding cgroup_mutex.
5278 if (cgroup_is_populated(cgrp))
5282 * Make sure there's no live children. We can't test emptiness of
5283 * ->self.children as dead children linger on it while being
5284 * drained; otherwise, "rmdir parent/child parent" may fail.
5286 if (css_has_online_children(&cgrp->self))
5290 * Mark @cgrp and the associated csets dead. The former prevents
5291 * further task migration and child creation by disabling
5292 * cgroup_lock_live_group(). The latter makes the csets ignored by
5293 * the migration path.
5295 cgrp->self.flags &= ~CSS_ONLINE;
5297 spin_lock_bh(&css_set_lock);
5298 list_for_each_entry(link, &cgrp->cset_links, cset_link)
5299 link->cset->dead = true;
5300 spin_unlock_bh(&css_set_lock);
5302 /* initiate massacre of all css's */
5303 for_each_css(css, ssid, cgrp)
5307 * Remove @cgrp directory along with the base files. @cgrp has an
5308 * extra ref on its kn.
5310 kernfs_remove(cgrp->kn);
5312 check_for_release(cgroup_parent(cgrp));
5314 /* put the base reference */
5315 percpu_ref_kill(&cgrp->self.refcnt);
5320 static int cgroup_rmdir(struct kernfs_node *kn)
5322 struct cgroup *cgrp;
5325 cgrp = cgroup_kn_lock_live(kn, false);
5329 ret = cgroup_destroy_locked(cgrp);
5331 cgroup_kn_unlock(kn);
5335 static struct kernfs_syscall_ops cgroup_kf_syscall_ops = {
5336 .remount_fs = cgroup_remount,
5337 .show_options = cgroup_show_options,
5338 .mkdir = cgroup_mkdir,
5339 .rmdir = cgroup_rmdir,
5340 .rename = cgroup_rename,
5343 static void __init cgroup_init_subsys(struct cgroup_subsys *ss, bool early)
5345 struct cgroup_subsys_state *css;
5347 pr_debug("Initializing cgroup subsys %s\n", ss->name);
5349 mutex_lock(&cgroup_mutex);
5351 idr_init(&ss->css_idr);
5352 INIT_LIST_HEAD(&ss->cfts);
5354 /* Create the root cgroup state for this subsystem */
5355 ss->root = &cgrp_dfl_root;
5356 css = ss->css_alloc(cgroup_css(&cgrp_dfl_root.cgrp, ss));
5357 /* We don't handle early failures gracefully */
5358 BUG_ON(IS_ERR(css));
5359 init_and_link_css(css, ss, &cgrp_dfl_root.cgrp);
5362 * Root csses are never destroyed and we can't initialize
5363 * percpu_ref during early init. Disable refcnting.
5365 css->flags |= CSS_NO_REF;
5368 /* allocation can't be done safely during early init */
5371 css->id = cgroup_idr_alloc(&ss->css_idr, css, 1, 2, GFP_KERNEL);
5372 BUG_ON(css->id < 0);
5375 /* Update the init_css_set to contain a subsys
5376 * pointer to this state - since the subsystem is
5377 * newly registered, all tasks and hence the
5378 * init_css_set is in the subsystem's root cgroup. */
5379 init_css_set.subsys[ss->id] = css;
5381 have_fork_callback |= (bool)ss->fork << ss->id;
5382 have_exit_callback |= (bool)ss->exit << ss->id;
5383 have_free_callback |= (bool)ss->free << ss->id;
5384 have_canfork_callback |= (bool)ss->can_fork << ss->id;
5386 /* At system boot, before all subsystems have been
5387 * registered, no tasks have been forked, so we don't
5388 * need to invoke fork callbacks here. */
5389 BUG_ON(!list_empty(&init_task.tasks));
5391 BUG_ON(online_css(css));
5393 mutex_unlock(&cgroup_mutex);
5397 * cgroup_init_early - cgroup initialization at system boot
5399 * Initialize cgroups at system boot, and initialize any
5400 * subsystems that request early init.
5402 int __init cgroup_init_early(void)
5404 static struct cgroup_sb_opts __initdata opts;
5405 struct cgroup_subsys *ss;
5408 init_cgroup_root(&cgrp_dfl_root, &opts);
5409 cgrp_dfl_root.cgrp.self.flags |= CSS_NO_REF;
5411 RCU_INIT_POINTER(init_task.cgroups, &init_css_set);
5413 for_each_subsys(ss, i) {
5414 WARN(!ss->css_alloc || !ss->css_free || ss->name || ss->id,
5415 "invalid cgroup_subsys %d:%s css_alloc=%p css_free=%p id:name=%d:%s\n",
5416 i, cgroup_subsys_name[i], ss->css_alloc, ss->css_free,
5418 WARN(strlen(cgroup_subsys_name[i]) > MAX_CGROUP_TYPE_NAMELEN,
5419 "cgroup_subsys_name %s too long\n", cgroup_subsys_name[i]);
5422 ss->name = cgroup_subsys_name[i];
5423 if (!ss->legacy_name)
5424 ss->legacy_name = cgroup_subsys_name[i];
5427 cgroup_init_subsys(ss, true);
5432 static u16 cgroup_disable_mask __initdata;
5435 * cgroup_init - cgroup initialization
5437 * Register cgroup filesystem and /proc file, and initialize
5438 * any subsystems that didn't request early init.
5440 int __init cgroup_init(void)
5442 struct cgroup_subsys *ss;
5445 BUILD_BUG_ON(CGROUP_SUBSYS_COUNT > 16);
5446 BUG_ON(percpu_init_rwsem(&cgroup_threadgroup_rwsem));
5447 BUG_ON(cgroup_init_cftypes(NULL, cgroup_dfl_base_files));
5448 BUG_ON(cgroup_init_cftypes(NULL, cgroup_legacy_base_files));
5450 mutex_lock(&cgroup_mutex);
5453 * Add init_css_set to the hash table so that dfl_root can link to
5456 hash_add(css_set_table, &init_css_set.hlist,
5457 css_set_hash(init_css_set.subsys));
5459 BUG_ON(cgroup_setup_root(&cgrp_dfl_root, 0));
5461 mutex_unlock(&cgroup_mutex);
5463 for_each_subsys(ss, ssid) {
5464 if (ss->early_init) {
5465 struct cgroup_subsys_state *css =
5466 init_css_set.subsys[ss->id];
5468 css->id = cgroup_idr_alloc(&ss->css_idr, css, 1, 2,
5470 BUG_ON(css->id < 0);
5472 cgroup_init_subsys(ss, false);
5475 list_add_tail(&init_css_set.e_cset_node[ssid],
5476 &cgrp_dfl_root.cgrp.e_csets[ssid]);
5479 * Setting dfl_root subsys_mask needs to consider the
5480 * disabled flag and cftype registration needs kmalloc,
5481 * both of which aren't available during early_init.
5483 if (cgroup_disable_mask & (1 << ssid)) {
5484 static_branch_disable(cgroup_subsys_enabled_key[ssid]);
5485 printk(KERN_INFO "Disabling %s control group subsystem\n",
5490 if (cgroup_ssid_no_v1(ssid))
5491 printk(KERN_INFO "Disabling %s control group subsystem in v1 mounts\n",
5494 cgrp_dfl_root.subsys_mask |= 1 << ss->id;
5496 if (ss->implicit_on_dfl)
5497 cgrp_dfl_implicit_ss_mask |= 1 << ss->id;
5498 else if (!ss->dfl_cftypes)
5499 cgrp_dfl_inhibit_ss_mask |= 1 << ss->id;
5501 if (ss->dfl_cftypes == ss->legacy_cftypes) {
5502 WARN_ON(cgroup_add_cftypes(ss, ss->dfl_cftypes));
5504 WARN_ON(cgroup_add_dfl_cftypes(ss, ss->dfl_cftypes));
5505 WARN_ON(cgroup_add_legacy_cftypes(ss, ss->legacy_cftypes));
5509 ss->bind(init_css_set.subsys[ssid]);
5512 /* init_css_set.subsys[] has been updated, re-hash */
5513 hash_del(&init_css_set.hlist);
5514 hash_add(css_set_table, &init_css_set.hlist,
5515 css_set_hash(init_css_set.subsys));
5517 WARN_ON(sysfs_create_mount_point(fs_kobj, "cgroup"));
5518 WARN_ON(register_filesystem(&cgroup_fs_type));
5519 WARN_ON(register_filesystem(&cgroup2_fs_type));
5520 WARN_ON(!proc_create("cgroups", 0, NULL, &proc_cgroupstats_operations));
5525 static int __init cgroup_wq_init(void)
5528 * There isn't much point in executing destruction path in
5529 * parallel. Good chunk is serialized with cgroup_mutex anyway.
5530 * Use 1 for @max_active.
5532 * We would prefer to do this in cgroup_init() above, but that
5533 * is called before init_workqueues(): so leave this until after.
5535 cgroup_destroy_wq = alloc_workqueue("cgroup_destroy", 0, 1);
5536 BUG_ON(!cgroup_destroy_wq);
5539 * Used to destroy pidlists and separate to serve as flush domain.
5540 * Cap @max_active to 1 too.
5542 cgroup_pidlist_destroy_wq = alloc_workqueue("cgroup_pidlist_destroy",
5544 BUG_ON(!cgroup_pidlist_destroy_wq);
5548 core_initcall(cgroup_wq_init);
5551 * proc_cgroup_show()
5552 * - Print task's cgroup paths into seq_file, one line for each hierarchy
5553 * - Used for /proc/<pid>/cgroup.
5555 int proc_cgroup_show(struct seq_file *m, struct pid_namespace *ns,
5556 struct pid *pid, struct task_struct *tsk)
5560 struct cgroup_root *root;
5563 buf = kmalloc(PATH_MAX, GFP_KERNEL);
5567 mutex_lock(&cgroup_mutex);
5568 spin_lock_bh(&css_set_lock);
5570 for_each_root(root) {
5571 struct cgroup_subsys *ss;
5572 struct cgroup *cgrp;
5573 int ssid, count = 0;
5575 if (root == &cgrp_dfl_root && !cgrp_dfl_visible)
5578 seq_printf(m, "%d:", root->hierarchy_id);
5579 if (root != &cgrp_dfl_root)
5580 for_each_subsys(ss, ssid)
5581 if (root->subsys_mask & (1 << ssid))
5582 seq_printf(m, "%s%s", count++ ? "," : "",
5584 if (strlen(root->name))
5585 seq_printf(m, "%sname=%s", count ? "," : "",
5589 cgrp = task_cgroup_from_root(tsk, root);
5592 * On traditional hierarchies, all zombie tasks show up as
5593 * belonging to the root cgroup. On the default hierarchy,
5594 * while a zombie doesn't show up in "cgroup.procs" and
5595 * thus can't be migrated, its /proc/PID/cgroup keeps
5596 * reporting the cgroup it belonged to before exiting. If
5597 * the cgroup is removed before the zombie is reaped,
5598 * " (deleted)" is appended to the cgroup path.
5600 if (cgroup_on_dfl(cgrp) || !(tsk->flags & PF_EXITING)) {
5601 path = cgroup_path(cgrp, buf, PATH_MAX);
5603 retval = -ENAMETOOLONG;
5612 if (cgroup_on_dfl(cgrp) && cgroup_is_dead(cgrp))
5613 seq_puts(m, " (deleted)\n");
5620 spin_unlock_bh(&css_set_lock);
5621 mutex_unlock(&cgroup_mutex);
5627 /* Display information about each subsystem and each hierarchy */
5628 static int proc_cgroupstats_show(struct seq_file *m, void *v)
5630 struct cgroup_subsys *ss;
5633 seq_puts(m, "#subsys_name\thierarchy\tnum_cgroups\tenabled\n");
5635 * ideally we don't want subsystems moving around while we do this.
5636 * cgroup_mutex is also necessary to guarantee an atomic snapshot of
5637 * subsys/hierarchy state.
5639 mutex_lock(&cgroup_mutex);
5641 for_each_subsys(ss, i)
5642 seq_printf(m, "%s\t%d\t%d\t%d\n",
5643 ss->legacy_name, ss->root->hierarchy_id,
5644 atomic_read(&ss->root->nr_cgrps),
5645 cgroup_ssid_enabled(i));
5647 mutex_unlock(&cgroup_mutex);
5651 static int cgroupstats_open(struct inode *inode, struct file *file)
5653 return single_open(file, proc_cgroupstats_show, NULL);
5656 static const struct file_operations proc_cgroupstats_operations = {
5657 .open = cgroupstats_open,
5659 .llseek = seq_lseek,
5660 .release = single_release,
5664 * cgroup_fork - initialize cgroup related fields during copy_process()
5665 * @child: pointer to task_struct of forking parent process.
5667 * A task is associated with the init_css_set until cgroup_post_fork()
5668 * attaches it to the parent's css_set. Empty cg_list indicates that
5669 * @child isn't holding reference to its css_set.
5671 void cgroup_fork(struct task_struct *child)
5673 RCU_INIT_POINTER(child->cgroups, &init_css_set);
5674 INIT_LIST_HEAD(&child->cg_list);
5678 * cgroup_can_fork - called on a new task before the process is exposed
5679 * @child: the task in question.
5681 * This calls the subsystem can_fork() callbacks. If the can_fork() callback
5682 * returns an error, the fork aborts with that error code. This allows for
5683 * a cgroup subsystem to conditionally allow or deny new forks.
5685 int cgroup_can_fork(struct task_struct *child)
5687 struct cgroup_subsys *ss;
5690 do_each_subsys_mask(ss, i, have_canfork_callback) {
5691 ret = ss->can_fork(child);
5694 } while_each_subsys_mask();
5699 for_each_subsys(ss, j) {
5702 if (ss->cancel_fork)
5703 ss->cancel_fork(child);
5710 * cgroup_cancel_fork - called if a fork failed after cgroup_can_fork()
5711 * @child: the task in question
5713 * This calls the cancel_fork() callbacks if a fork failed *after*
5714 * cgroup_can_fork() succeded.
5716 void cgroup_cancel_fork(struct task_struct *child)
5718 struct cgroup_subsys *ss;
5721 for_each_subsys(ss, i)
5722 if (ss->cancel_fork)
5723 ss->cancel_fork(child);
5727 * cgroup_post_fork - called on a new task after adding it to the task list
5728 * @child: the task in question
5730 * Adds the task to the list running through its css_set if necessary and
5731 * call the subsystem fork() callbacks. Has to be after the task is
5732 * visible on the task list in case we race with the first call to
5733 * cgroup_task_iter_start() - to guarantee that the new task ends up on its
5736 void cgroup_post_fork(struct task_struct *child)
5738 struct cgroup_subsys *ss;
5742 * This may race against cgroup_enable_task_cg_lists(). As that
5743 * function sets use_task_css_set_links before grabbing
5744 * tasklist_lock and we just went through tasklist_lock to add
5745 * @child, it's guaranteed that either we see the set
5746 * use_task_css_set_links or cgroup_enable_task_cg_lists() sees
5747 * @child during its iteration.
5749 * If we won the race, @child is associated with %current's
5750 * css_set. Grabbing css_set_lock guarantees both that the
5751 * association is stable, and, on completion of the parent's
5752 * migration, @child is visible in the source of migration or
5753 * already in the destination cgroup. This guarantee is necessary
5754 * when implementing operations which need to migrate all tasks of
5755 * a cgroup to another.
5757 * Note that if we lose to cgroup_enable_task_cg_lists(), @child
5758 * will remain in init_css_set. This is safe because all tasks are
5759 * in the init_css_set before cg_links is enabled and there's no
5760 * operation which transfers all tasks out of init_css_set.
5762 if (use_task_css_set_links) {
5763 struct css_set *cset;
5765 spin_lock_bh(&css_set_lock);
5766 cset = task_css_set(current);
5767 if (list_empty(&child->cg_list)) {
5769 css_set_move_task(child, NULL, cset, false);
5771 spin_unlock_bh(&css_set_lock);
5775 * Call ss->fork(). This must happen after @child is linked on
5776 * css_set; otherwise, @child might change state between ->fork()
5777 * and addition to css_set.
5779 do_each_subsys_mask(ss, i, have_fork_callback) {
5781 } while_each_subsys_mask();
5785 * cgroup_exit - detach cgroup from exiting task
5786 * @tsk: pointer to task_struct of exiting process
5788 * Description: Detach cgroup from @tsk and release it.
5790 * Note that cgroups marked notify_on_release force every task in
5791 * them to take the global cgroup_mutex mutex when exiting.
5792 * This could impact scaling on very large systems. Be reluctant to
5793 * use notify_on_release cgroups where very high task exit scaling
5794 * is required on large systems.
5796 * We set the exiting tasks cgroup to the root cgroup (top_cgroup). We
5797 * call cgroup_exit() while the task is still competent to handle
5798 * notify_on_release(), then leave the task attached to the root cgroup in
5799 * each hierarchy for the remainder of its exit. No need to bother with
5800 * init_css_set refcnting. init_css_set never goes away and we can't race
5801 * with migration path - PF_EXITING is visible to migration path.
5803 void cgroup_exit(struct task_struct *tsk)
5805 struct cgroup_subsys *ss;
5806 struct css_set *cset;
5810 * Unlink from @tsk from its css_set. As migration path can't race
5811 * with us, we can check css_set and cg_list without synchronization.
5813 cset = task_css_set(tsk);
5815 if (!list_empty(&tsk->cg_list)) {
5816 spin_lock_bh(&css_set_lock);
5817 css_set_move_task(tsk, cset, NULL, false);
5818 spin_unlock_bh(&css_set_lock);
5823 /* see cgroup_post_fork() for details */
5824 do_each_subsys_mask(ss, i, have_exit_callback) {
5826 } while_each_subsys_mask();
5829 void cgroup_free(struct task_struct *task)
5831 struct css_set *cset = task_css_set(task);
5832 struct cgroup_subsys *ss;
5835 do_each_subsys_mask(ss, ssid, have_free_callback) {
5837 } while_each_subsys_mask();
5842 static void check_for_release(struct cgroup *cgrp)
5844 if (notify_on_release(cgrp) && !cgroup_is_populated(cgrp) &&
5845 !css_has_online_children(&cgrp->self) && !cgroup_is_dead(cgrp))
5846 schedule_work(&cgrp->release_agent_work);
5850 * Notify userspace when a cgroup is released, by running the
5851 * configured release agent with the name of the cgroup (path
5852 * relative to the root of cgroup file system) as the argument.
5854 * Most likely, this user command will try to rmdir this cgroup.
5856 * This races with the possibility that some other task will be
5857 * attached to this cgroup before it is removed, or that some other
5858 * user task will 'mkdir' a child cgroup of this cgroup. That's ok.
5859 * The presumed 'rmdir' will fail quietly if this cgroup is no longer
5860 * unused, and this cgroup will be reprieved from its death sentence,
5861 * to continue to serve a useful existence. Next time it's released,
5862 * we will get notified again, if it still has 'notify_on_release' set.
5864 * The final arg to call_usermodehelper() is UMH_WAIT_EXEC, which
5865 * means only wait until the task is successfully execve()'d. The
5866 * separate release agent task is forked by call_usermodehelper(),
5867 * then control in this thread returns here, without waiting for the
5868 * release agent task. We don't bother to wait because the caller of
5869 * this routine has no use for the exit status of the release agent
5870 * task, so no sense holding our caller up for that.
5872 static void cgroup_release_agent(struct work_struct *work)
5874 struct cgroup *cgrp =
5875 container_of(work, struct cgroup, release_agent_work);
5876 char *pathbuf = NULL, *agentbuf = NULL, *path;
5877 char *argv[3], *envp[3];
5879 mutex_lock(&cgroup_mutex);
5881 pathbuf = kmalloc(PATH_MAX, GFP_KERNEL);
5882 agentbuf = kstrdup(cgrp->root->release_agent_path, GFP_KERNEL);
5883 if (!pathbuf || !agentbuf)
5886 path = cgroup_path(cgrp, pathbuf, PATH_MAX);
5894 /* minimal command environment */
5896 envp[1] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
5899 mutex_unlock(&cgroup_mutex);
5900 call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
5903 mutex_unlock(&cgroup_mutex);
5909 static int __init cgroup_disable(char *str)
5911 struct cgroup_subsys *ss;
5915 while ((token = strsep(&str, ",")) != NULL) {
5919 for_each_subsys(ss, i) {
5920 if (strcmp(token, ss->name) &&
5921 strcmp(token, ss->legacy_name))
5923 cgroup_disable_mask |= 1 << i;
5928 __setup("cgroup_disable=", cgroup_disable);
5930 static int __init cgroup_no_v1(char *str)
5932 struct cgroup_subsys *ss;
5936 while ((token = strsep(&str, ",")) != NULL) {
5940 if (!strcmp(token, "all")) {
5941 cgroup_no_v1_mask = U16_MAX;
5945 for_each_subsys(ss, i) {
5946 if (strcmp(token, ss->name) &&
5947 strcmp(token, ss->legacy_name))
5950 cgroup_no_v1_mask |= 1 << i;
5955 __setup("cgroup_no_v1=", cgroup_no_v1);
5958 * css_tryget_online_from_dir - get corresponding css from a cgroup dentry
5959 * @dentry: directory dentry of interest
5960 * @ss: subsystem of interest
5962 * If @dentry is a directory for a cgroup which has @ss enabled on it, try
5963 * to get the corresponding css and return it. If such css doesn't exist
5964 * or can't be pinned, an ERR_PTR value is returned.
5966 struct cgroup_subsys_state *css_tryget_online_from_dir(struct dentry *dentry,
5967 struct cgroup_subsys *ss)
5969 struct kernfs_node *kn = kernfs_node_from_dentry(dentry);
5970 struct file_system_type *s_type = dentry->d_sb->s_type;
5971 struct cgroup_subsys_state *css = NULL;
5972 struct cgroup *cgrp;
5974 /* is @dentry a cgroup dir? */
5975 if ((s_type != &cgroup_fs_type && s_type != &cgroup2_fs_type) ||
5976 !kn || kernfs_type(kn) != KERNFS_DIR)
5977 return ERR_PTR(-EBADF);
5982 * This path doesn't originate from kernfs and @kn could already
5983 * have been or be removed at any point. @kn->priv is RCU
5984 * protected for this access. See css_release_work_fn() for details.
5986 cgrp = rcu_dereference(kn->priv);
5988 css = cgroup_css(cgrp, ss);
5990 if (!css || !css_tryget_online(css))
5991 css = ERR_PTR(-ENOENT);
5998 * css_from_id - lookup css by id
5999 * @id: the cgroup id
6000 * @ss: cgroup subsys to be looked into
6002 * Returns the css if there's valid one with @id, otherwise returns NULL.
6003 * Should be called under rcu_read_lock().
6005 struct cgroup_subsys_state *css_from_id(int id, struct cgroup_subsys *ss)
6007 WARN_ON_ONCE(!rcu_read_lock_held());
6008 return id > 0 ? idr_find(&ss->css_idr, id) : NULL;
6012 * cgroup_get_from_path - lookup and get a cgroup from its default hierarchy path
6013 * @path: path on the default hierarchy
6015 * Find the cgroup at @path on the default hierarchy, increment its
6016 * reference count and return it. Returns pointer to the found cgroup on
6017 * success, ERR_PTR(-ENOENT) if @path doens't exist and ERR_PTR(-ENOTDIR)
6018 * if @path points to a non-directory.
6020 struct cgroup *cgroup_get_from_path(const char *path)
6022 struct kernfs_node *kn;
6023 struct cgroup *cgrp;
6025 mutex_lock(&cgroup_mutex);
6027 kn = kernfs_walk_and_get(cgrp_dfl_root.cgrp.kn, path);
6029 if (kernfs_type(kn) == KERNFS_DIR) {
6033 cgrp = ERR_PTR(-ENOTDIR);
6037 cgrp = ERR_PTR(-ENOENT);
6040 mutex_unlock(&cgroup_mutex);
6043 EXPORT_SYMBOL_GPL(cgroup_get_from_path);
6046 * sock->sk_cgrp_data handling. For more info, see sock_cgroup_data
6047 * definition in cgroup-defs.h.
6049 #ifdef CONFIG_SOCK_CGROUP_DATA
6051 #if defined(CONFIG_CGROUP_NET_PRIO) || defined(CONFIG_CGROUP_NET_CLASSID)
6053 DEFINE_SPINLOCK(cgroup_sk_update_lock);
6054 static bool cgroup_sk_alloc_disabled __read_mostly;
6056 void cgroup_sk_alloc_disable(void)
6058 if (cgroup_sk_alloc_disabled)
6060 pr_info("cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation\n");
6061 cgroup_sk_alloc_disabled = true;
6066 #define cgroup_sk_alloc_disabled false
6070 void cgroup_sk_alloc(struct sock_cgroup_data *skcd)
6072 if (cgroup_sk_alloc_disabled)
6078 struct css_set *cset;
6080 cset = task_css_set(current);
6081 if (likely(cgroup_tryget(cset->dfl_cgrp))) {
6082 skcd->val = (unsigned long)cset->dfl_cgrp;
6091 void cgroup_sk_free(struct sock_cgroup_data *skcd)
6093 cgroup_put(sock_cgroup_ptr(skcd));
6096 #endif /* CONFIG_SOCK_CGROUP_DATA */
6098 #ifdef CONFIG_CGROUP_DEBUG
6099 static struct cgroup_subsys_state *
6100 debug_css_alloc(struct cgroup_subsys_state *parent_css)
6102 struct cgroup_subsys_state *css = kzalloc(sizeof(*css), GFP_KERNEL);
6105 return ERR_PTR(-ENOMEM);
6110 static void debug_css_free(struct cgroup_subsys_state *css)
6115 static u64 debug_taskcount_read(struct cgroup_subsys_state *css,
6118 return cgroup_task_count(css->cgroup);
6121 static u64 current_css_set_read(struct cgroup_subsys_state *css,
6124 return (u64)(unsigned long)current->cgroups;
6127 static u64 current_css_set_refcount_read(struct cgroup_subsys_state *css,
6133 count = atomic_read(&task_css_set(current)->refcount);
6138 static int current_css_set_cg_links_read(struct seq_file *seq, void *v)
6140 struct cgrp_cset_link *link;
6141 struct css_set *cset;
6144 name_buf = kmalloc(NAME_MAX + 1, GFP_KERNEL);
6148 spin_lock_bh(&css_set_lock);
6150 cset = rcu_dereference(current->cgroups);
6151 list_for_each_entry(link, &cset->cgrp_links, cgrp_link) {
6152 struct cgroup *c = link->cgrp;
6154 cgroup_name(c, name_buf, NAME_MAX + 1);
6155 seq_printf(seq, "Root %d group %s\n",
6156 c->root->hierarchy_id, name_buf);
6159 spin_unlock_bh(&css_set_lock);
6164 #define MAX_TASKS_SHOWN_PER_CSS 25
6165 static int cgroup_css_links_read(struct seq_file *seq, void *v)
6167 struct cgroup_subsys_state *css = seq_css(seq);
6168 struct cgrp_cset_link *link;
6170 spin_lock_bh(&css_set_lock);
6171 list_for_each_entry(link, &css->cgroup->cset_links, cset_link) {
6172 struct css_set *cset = link->cset;
6173 struct task_struct *task;
6176 seq_printf(seq, "css_set %p\n", cset);
6178 list_for_each_entry(task, &cset->tasks, cg_list) {
6179 if (count++ > MAX_TASKS_SHOWN_PER_CSS)
6181 seq_printf(seq, " task %d\n", task_pid_vnr(task));
6184 list_for_each_entry(task, &cset->mg_tasks, cg_list) {
6185 if (count++ > MAX_TASKS_SHOWN_PER_CSS)
6187 seq_printf(seq, " task %d\n", task_pid_vnr(task));
6191 seq_puts(seq, " ...\n");
6193 spin_unlock_bh(&css_set_lock);
6197 static u64 releasable_read(struct cgroup_subsys_state *css, struct cftype *cft)
6199 return (!cgroup_is_populated(css->cgroup) &&
6200 !css_has_online_children(&css->cgroup->self));
6203 static struct cftype debug_files[] = {
6205 .name = "taskcount",
6206 .read_u64 = debug_taskcount_read,
6210 .name = "current_css_set",
6211 .read_u64 = current_css_set_read,
6215 .name = "current_css_set_refcount",
6216 .read_u64 = current_css_set_refcount_read,
6220 .name = "current_css_set_cg_links",
6221 .seq_show = current_css_set_cg_links_read,
6225 .name = "cgroup_css_links",
6226 .seq_show = cgroup_css_links_read,
6230 .name = "releasable",
6231 .read_u64 = releasable_read,
6237 struct cgroup_subsys debug_cgrp_subsys = {
6238 .css_alloc = debug_css_alloc,
6239 .css_free = debug_css_free,
6240 .legacy_cftypes = debug_files,
6242 #endif /* CONFIG_CGROUP_DEBUG */
projects / cascardo / linux.git / blob