2 * Generic process-grouping system.
4 * Based originally on the cpuset system, extracted by Paul Menage
5 * Copyright (C) 2006 Google, Inc
7 * Notifications support
8 * Copyright (C) 2009 Nokia Corporation
9 * Author: Kirill A. Shutemov
11 * Copyright notices from the original cpuset code:
12 * --------------------------------------------------
13 * Copyright (C) 2003 BULL SA.
14 * Copyright (C) 2004-2006 Silicon Graphics, Inc.
16 * Portions derived from Patrick Mochel's sysfs code.
17 * sysfs is Copyright (c) 2001-3 Patrick Mochel
19 * 2003-10-10 Written by Simon Derr.
20 * 2003-10-22 Updates by Stephen Hemminger.
21 * 2004 May-July Rework by Paul Jackson.
22 * ---------------------------------------------------
24 * This file is subject to the terms and conditions of the GNU General Public
25 * License. See the file COPYING in the main directory of the Linux
26 * distribution for more details.
29 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
31 #include <linux/cgroup.h>
32 #include <linux/cred.h>
33 #include <linux/ctype.h>
34 #include <linux/errno.h>
35 #include <linux/init_task.h>
36 #include <linux/kernel.h>
37 #include <linux/list.h>
38 #include <linux/magic.h>
40 #include <linux/mutex.h>
41 #include <linux/mount.h>
42 #include <linux/pagemap.h>
43 #include <linux/proc_fs.h>
44 #include <linux/rcupdate.h>
45 #include <linux/sched.h>
46 #include <linux/slab.h>
47 #include <linux/spinlock.h>
48 #include <linux/percpu-rwsem.h>
49 #include <linux/string.h>
50 #include <linux/sort.h>
51 #include <linux/kmod.h>
52 #include <linux/delayacct.h>
53 #include <linux/cgroupstats.h>
54 #include <linux/hashtable.h>
55 #include <linux/pid_namespace.h>
56 #include <linux/idr.h>
57 #include <linux/vmalloc.h> /* TODO: replace with more sophisticated array */
58 #include <linux/kthread.h>
59 #include <linux/delay.h>
60 #include <linux/atomic.h>
61 #include <linux/cpuset.h>
65 * pidlists linger the following amount before being destroyed. The goal
66 * is avoiding frequent destruction in the middle of consecutive read calls
67 * Expiring in the middle is a performance problem not a correctness one.
68 * 1 sec should be enough.
70 #define CGROUP_PIDLIST_DESTROY_DELAY HZ
72 #define CGROUP_FILE_NAME_MAX (MAX_CGROUP_TYPE_NAMELEN + \
76 * cgroup_mutex is the master lock. Any modification to cgroup or its
77 * hierarchy must be performed while holding it.
79 * css_set_lock protects task->cgroups pointer, the list of css_set
80 * objects, and the chain of tasks off each css_set.
82 * These locks are exported if CONFIG_PROVE_RCU so that accessors in
83 * cgroup.h can use them for lockdep annotations.
85 #ifdef CONFIG_PROVE_RCU
86 DEFINE_MUTEX(cgroup_mutex);
87 DEFINE_SPINLOCK(css_set_lock);
88 EXPORT_SYMBOL_GPL(cgroup_mutex);
89 EXPORT_SYMBOL_GPL(css_set_lock);
91 static DEFINE_MUTEX(cgroup_mutex);
92 static DEFINE_SPINLOCK(css_set_lock);
96 * Protects cgroup_idr and css_idr so that IDs can be released without
97 * grabbing cgroup_mutex.
99 static DEFINE_SPINLOCK(cgroup_idr_lock);
102 * Protects cgroup_file->kn for !self csses. It synchronizes notifications
103 * against file removal/re-creation across css hiding.
105 static DEFINE_SPINLOCK(cgroup_file_kn_lock);
108 * Protects cgroup_subsys->release_agent_path. Modifying it also requires
109 * cgroup_mutex. Reading requires either cgroup_mutex or this spinlock.
111 static DEFINE_SPINLOCK(release_agent_path_lock);
113 struct percpu_rw_semaphore cgroup_threadgroup_rwsem;
115 #define cgroup_assert_mutex_or_rcu_locked() \
116 RCU_LOCKDEP_WARN(!rcu_read_lock_held() && \
117 !lockdep_is_held(&cgroup_mutex), \
118 "cgroup_mutex or RCU read lock required");
121 * cgroup destruction makes heavy use of work items and there can be a lot
122 * of concurrent destructions. Use a separate workqueue so that cgroup
123 * destruction work items don't end up filling up max_active of system_wq
124 * which may lead to deadlock.
126 static struct workqueue_struct *cgroup_destroy_wq;
129 * pidlist destructions need to be flushed on cgroup destruction. Use a
130 * separate workqueue as flush domain.
132 static struct workqueue_struct *cgroup_pidlist_destroy_wq;
134 /* generate an array of cgroup subsystem pointers */
135 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys,
136 static struct cgroup_subsys *cgroup_subsys[] = {
137 #include <linux/cgroup_subsys.h>
141 /* array of cgroup subsystem names */
142 #define SUBSYS(_x) [_x ## _cgrp_id] = #_x,
143 static const char *cgroup_subsys_name[] = {
144 #include <linux/cgroup_subsys.h>
148 /* array of static_keys for cgroup_subsys_enabled() and cgroup_subsys_on_dfl() */
150 DEFINE_STATIC_KEY_TRUE(_x ## _cgrp_subsys_enabled_key); \
151 DEFINE_STATIC_KEY_TRUE(_x ## _cgrp_subsys_on_dfl_key); \
152 EXPORT_SYMBOL_GPL(_x ## _cgrp_subsys_enabled_key); \
153 EXPORT_SYMBOL_GPL(_x ## _cgrp_subsys_on_dfl_key);
154 #include <linux/cgroup_subsys.h>
157 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys_enabled_key,
158 static struct static_key_true *cgroup_subsys_enabled_key[] = {
159 #include <linux/cgroup_subsys.h>
163 #define SUBSYS(_x) [_x ## _cgrp_id] = &_x ## _cgrp_subsys_on_dfl_key,
164 static struct static_key_true *cgroup_subsys_on_dfl_key[] = {
165 #include <linux/cgroup_subsys.h>
170 * The default hierarchy, reserved for the subsystems that are otherwise
171 * unattached - it never has more than a single cgroup, and all tasks are
172 * part of that cgroup.
174 struct cgroup_root cgrp_dfl_root;
175 EXPORT_SYMBOL_GPL(cgrp_dfl_root);
178 * The default hierarchy always exists but is hidden until mounted for the
179 * first time. This is for backward compatibility.
181 static bool cgrp_dfl_visible;
183 /* Controllers blocked by the commandline in v1 */
184 static u16 cgroup_no_v1_mask;
186 /* some controllers are not supported in the default hierarchy */
187 static u16 cgrp_dfl_inhibit_ss_mask;
189 /* The list of hierarchy roots */
191 static LIST_HEAD(cgroup_roots);
192 static int cgroup_root_count;
194 /* hierarchy ID allocation and mapping, protected by cgroup_mutex */
195 static DEFINE_IDR(cgroup_hierarchy_idr);
198 * Assign a monotonically increasing serial number to csses. It guarantees
199 * cgroups with bigger numbers are newer than those with smaller numbers.
200 * Also, as csses are always appended to the parent's ->children list, it
201 * guarantees that sibling csses are always sorted in the ascending serial
202 * number order on the list. Protected by cgroup_mutex.
204 static u64 css_serial_nr_next = 1;
207 * These bitmask flags indicate whether tasks in the fork and exit paths have
208 * fork/exit handlers to call. This avoids us having to do extra work in the
209 * fork/exit path to check which subsystems have fork/exit callbacks.
211 static u16 have_fork_callback __read_mostly;
212 static u16 have_exit_callback __read_mostly;
213 static u16 have_free_callback __read_mostly;
215 /* Ditto for the can_fork callback. */
216 static u16 have_canfork_callback __read_mostly;
218 static struct file_system_type cgroup2_fs_type;
219 static struct cftype cgroup_dfl_base_files[];
220 static struct cftype cgroup_legacy_base_files[];
222 static int rebind_subsystems(struct cgroup_root *dst_root, u16 ss_mask);
223 static void cgroup_lock_and_drain_offline(struct cgroup *cgrp);
224 static int cgroup_apply_control(struct cgroup *cgrp);
225 static void cgroup_finalize_control(struct cgroup *cgrp, int ret);
226 static void css_task_iter_advance(struct css_task_iter *it);
227 static int cgroup_destroy_locked(struct cgroup *cgrp);
228 static struct cgroup_subsys_state *css_create(struct cgroup *cgrp,
229 struct cgroup_subsys *ss);
230 static void css_release(struct percpu_ref *ref);
231 static void kill_css(struct cgroup_subsys_state *css);
232 static int cgroup_addrm_files(struct cgroup_subsys_state *css,
233 struct cgroup *cgrp, struct cftype cfts[],
237 * cgroup_ssid_enabled - cgroup subsys enabled test by subsys ID
238 * @ssid: subsys ID of interest
240 * cgroup_subsys_enabled() can only be used with literal subsys names which
241 * is fine for individual subsystems but unsuitable for cgroup core. This
242 * is slower static_key_enabled() based test indexed by @ssid.
244 static bool cgroup_ssid_enabled(int ssid)
246 return static_key_enabled(cgroup_subsys_enabled_key[ssid]);
249 static bool cgroup_ssid_no_v1(int ssid)
251 return cgroup_no_v1_mask & (1 << ssid);
255 * cgroup_on_dfl - test whether a cgroup is on the default hierarchy
256 * @cgrp: the cgroup of interest
258 * The default hierarchy is the v2 interface of cgroup and this function
259 * can be used to test whether a cgroup is on the default hierarchy for
260 * cases where a subsystem should behave differnetly depending on the
263 * The set of behaviors which change on the default hierarchy are still
264 * being determined and the mount option is prefixed with __DEVEL__.
266 * List of changed behaviors:
268 * - Mount options "noprefix", "xattr", "clone_children", "release_agent"
269 * and "name" are disallowed.
271 * - When mounting an existing superblock, mount options should match.
273 * - Remount is disallowed.
275 * - rename(2) is disallowed.
277 * - "tasks" is removed. Everything should be at process granularity. Use
278 * "cgroup.procs" instead.
280 * - "cgroup.procs" is not sorted. pids will be unique unless they got
281 * recycled inbetween reads.
283 * - "release_agent" and "notify_on_release" are removed. Replacement
284 * notification mechanism will be implemented.
286 * - "cgroup.clone_children" is removed.
288 * - "cgroup.subtree_populated" is available. Its value is 0 if the cgroup
289 * and its descendants contain no task; otherwise, 1. The file also
290 * generates kernfs notification which can be monitored through poll and
291 * [di]notify when the value of the file changes.
293 * - cpuset: tasks will be kept in empty cpusets when hotplug happens and
294 * take masks of ancestors with non-empty cpus/mems, instead of being
295 * moved to an ancestor.
297 * - cpuset: a task can be moved into an empty cpuset, and again it takes
298 * masks of ancestors.
300 * - memcg: use_hierarchy is on by default and the cgroup file for the flag
303 * - blkcg: blk-throttle becomes properly hierarchical.
305 * - debug: disallowed on the default hierarchy.
307 static bool cgroup_on_dfl(const struct cgroup *cgrp)
309 return cgrp->root == &cgrp_dfl_root;
312 /* IDR wrappers which synchronize using cgroup_idr_lock */
313 static int cgroup_idr_alloc(struct idr *idr, void *ptr, int start, int end,
318 idr_preload(gfp_mask);
319 spin_lock_bh(&cgroup_idr_lock);
320 ret = idr_alloc(idr, ptr, start, end, gfp_mask & ~__GFP_DIRECT_RECLAIM);
321 spin_unlock_bh(&cgroup_idr_lock);
326 static void *cgroup_idr_replace(struct idr *idr, void *ptr, int id)
330 spin_lock_bh(&cgroup_idr_lock);
331 ret = idr_replace(idr, ptr, id);
332 spin_unlock_bh(&cgroup_idr_lock);
336 static void cgroup_idr_remove(struct idr *idr, int id)
338 spin_lock_bh(&cgroup_idr_lock);
340 spin_unlock_bh(&cgroup_idr_lock);
343 static struct cgroup *cgroup_parent(struct cgroup *cgrp)
345 struct cgroup_subsys_state *parent_css = cgrp->self.parent;
348 return container_of(parent_css, struct cgroup, self);
352 /* subsystems visibly enabled on a cgroup */
353 static u16 cgroup_control(struct cgroup *cgrp)
355 struct cgroup *parent = cgroup_parent(cgrp);
356 u16 root_ss_mask = cgrp->root->subsys_mask;
359 return parent->subtree_control;
361 if (cgroup_on_dfl(cgrp))
362 root_ss_mask &= ~cgrp_dfl_inhibit_ss_mask;
367 /* subsystems enabled on a cgroup */
368 static u16 cgroup_ss_mask(struct cgroup *cgrp)
370 struct cgroup *parent = cgroup_parent(cgrp);
373 return parent->subtree_ss_mask;
375 return cgrp->root->subsys_mask;
379 * cgroup_css - obtain a cgroup's css for the specified subsystem
380 * @cgrp: the cgroup of interest
381 * @ss: the subsystem of interest (%NULL returns @cgrp->self)
383 * Return @cgrp's css (cgroup_subsys_state) associated with @ss. This
384 * function must be called either under cgroup_mutex or rcu_read_lock() and
385 * the caller is responsible for pinning the returned css if it wants to
386 * keep accessing it outside the said locks. This function may return
387 * %NULL if @cgrp doesn't have @subsys_id enabled.
389 static struct cgroup_subsys_state *cgroup_css(struct cgroup *cgrp,
390 struct cgroup_subsys *ss)
393 return rcu_dereference_check(cgrp->subsys[ss->id],
394 lockdep_is_held(&cgroup_mutex));
400 * cgroup_e_css - obtain a cgroup's effective css for the specified subsystem
401 * @cgrp: the cgroup of interest
402 * @ss: the subsystem of interest (%NULL returns @cgrp->self)
404 * Similar to cgroup_css() but returns the effective css, which is defined
405 * as the matching css of the nearest ancestor including self which has @ss
406 * enabled. If @ss is associated with the hierarchy @cgrp is on, this
407 * function is guaranteed to return non-NULL css.
409 static struct cgroup_subsys_state *cgroup_e_css(struct cgroup *cgrp,
410 struct cgroup_subsys *ss)
412 lockdep_assert_held(&cgroup_mutex);
418 * This function is used while updating css associations and thus
419 * can't test the csses directly. Test ss_mask.
421 while (!(cgroup_ss_mask(cgrp) & (1 << ss->id))) {
422 cgrp = cgroup_parent(cgrp);
427 return cgroup_css(cgrp, ss);
431 * cgroup_get_e_css - get a cgroup's effective css for the specified subsystem
432 * @cgrp: the cgroup of interest
433 * @ss: the subsystem of interest
435 * Find and get the effective css of @cgrp for @ss. The effective css is
436 * defined as the matching css of the nearest ancestor including self which
437 * has @ss enabled. If @ss is not mounted on the hierarchy @cgrp is on,
438 * the root css is returned, so this function always returns a valid css.
439 * The returned css must be put using css_put().
441 struct cgroup_subsys_state *cgroup_get_e_css(struct cgroup *cgrp,
442 struct cgroup_subsys *ss)
444 struct cgroup_subsys_state *css;
449 css = cgroup_css(cgrp, ss);
451 if (css && css_tryget_online(css))
453 cgrp = cgroup_parent(cgrp);
456 css = init_css_set.subsys[ss->id];
463 /* convenient tests for these bits */
464 static inline bool cgroup_is_dead(const struct cgroup *cgrp)
466 return !(cgrp->self.flags & CSS_ONLINE);
469 static void cgroup_get(struct cgroup *cgrp)
471 WARN_ON_ONCE(cgroup_is_dead(cgrp));
472 css_get(&cgrp->self);
475 static bool cgroup_tryget(struct cgroup *cgrp)
477 return css_tryget(&cgrp->self);
480 struct cgroup_subsys_state *of_css(struct kernfs_open_file *of)
482 struct cgroup *cgrp = of->kn->parent->priv;
483 struct cftype *cft = of_cft(of);
486 * This is open and unprotected implementation of cgroup_css().
487 * seq_css() is only called from a kernfs file operation which has
488 * an active reference on the file. Because all the subsystem
489 * files are drained before a css is disassociated with a cgroup,
490 * the matching css from the cgroup's subsys table is guaranteed to
491 * be and stay valid until the enclosing operation is complete.
494 return rcu_dereference_raw(cgrp->subsys[cft->ss->id]);
498 EXPORT_SYMBOL_GPL(of_css);
500 static int notify_on_release(const struct cgroup *cgrp)
502 return test_bit(CGRP_NOTIFY_ON_RELEASE, &cgrp->flags);
506 * for_each_css - iterate all css's of a cgroup
507 * @css: the iteration cursor
508 * @ssid: the index of the subsystem, CGROUP_SUBSYS_COUNT after reaching the end
509 * @cgrp: the target cgroup to iterate css's of
511 * Should be called under cgroup_[tree_]mutex.
513 #define for_each_css(css, ssid, cgrp) \
514 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT; (ssid)++) \
515 if (!((css) = rcu_dereference_check( \
516 (cgrp)->subsys[(ssid)], \
517 lockdep_is_held(&cgroup_mutex)))) { } \
521 * for_each_e_css - iterate all effective css's of a cgroup
522 * @css: the iteration cursor
523 * @ssid: the index of the subsystem, CGROUP_SUBSYS_COUNT after reaching the end
524 * @cgrp: the target cgroup to iterate css's of
526 * Should be called under cgroup_[tree_]mutex.
528 #define for_each_e_css(css, ssid, cgrp) \
529 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT; (ssid)++) \
530 if (!((css) = cgroup_e_css(cgrp, cgroup_subsys[(ssid)]))) \
535 * for_each_subsys - iterate all enabled cgroup subsystems
536 * @ss: the iteration cursor
537 * @ssid: the index of @ss, CGROUP_SUBSYS_COUNT after reaching the end
539 #define for_each_subsys(ss, ssid) \
540 for ((ssid) = 0; (ssid) < CGROUP_SUBSYS_COUNT && \
541 (((ss) = cgroup_subsys[ssid]) || true); (ssid)++)
544 * do_each_subsys_mask - filter for_each_subsys with a bitmask
545 * @ss: the iteration cursor
546 * @ssid: the index of @ss, CGROUP_SUBSYS_COUNT after reaching the end
547 * @ss_mask: the bitmask
549 * The block will only run for cases where the ssid-th bit (1 << ssid) of
552 #define do_each_subsys_mask(ss, ssid, ss_mask) do { \
553 unsigned long __ss_mask = (ss_mask); \
554 if (!CGROUP_SUBSYS_COUNT) { /* to avoid spurious gcc warning */ \
558 for_each_set_bit(ssid, &__ss_mask, CGROUP_SUBSYS_COUNT) { \
559 (ss) = cgroup_subsys[ssid]; \
562 #define while_each_subsys_mask() \
567 /* iterate across the hierarchies */
568 #define for_each_root(root) \
569 list_for_each_entry((root), &cgroup_roots, root_list)
571 /* iterate over child cgrps, lock should be held throughout iteration */
572 #define cgroup_for_each_live_child(child, cgrp) \
573 list_for_each_entry((child), &(cgrp)->self.children, self.sibling) \
574 if (({ lockdep_assert_held(&cgroup_mutex); \
575 cgroup_is_dead(child); })) \
579 /* walk live descendants in preorder */
580 #define cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) \
581 css_for_each_descendant_pre((d_css), cgroup_css((cgrp), NULL)) \
582 if (({ lockdep_assert_held(&cgroup_mutex); \
583 (dsct) = (d_css)->cgroup; \
584 cgroup_is_dead(dsct); })) \
588 /* walk live descendants in postorder */
589 #define cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) \
590 css_for_each_descendant_post((d_css), cgroup_css((cgrp), NULL)) \
591 if (({ lockdep_assert_held(&cgroup_mutex); \
592 (dsct) = (d_css)->cgroup; \
593 cgroup_is_dead(dsct); })) \
597 static void cgroup_release_agent(struct work_struct *work);
598 static void check_for_release(struct cgroup *cgrp);
601 * A cgroup can be associated with multiple css_sets as different tasks may
602 * belong to different cgroups on different hierarchies. In the other
603 * direction, a css_set is naturally associated with multiple cgroups.
604 * This M:N relationship is represented by the following link structure
605 * which exists for each association and allows traversing the associations
608 struct cgrp_cset_link {
609 /* the cgroup and css_set this link associates */
611 struct css_set *cset;
613 /* list of cgrp_cset_links anchored at cgrp->cset_links */
614 struct list_head cset_link;
616 /* list of cgrp_cset_links anchored at css_set->cgrp_links */
617 struct list_head cgrp_link;
621 * The default css_set - used by init and its children prior to any
622 * hierarchies being mounted. It contains a pointer to the root state
623 * for each subsystem. Also used to anchor the list of css_sets. Not
624 * reference-counted, to improve performance when child cgroups
625 * haven't been created.
627 struct css_set init_css_set = {
628 .refcount = ATOMIC_INIT(1),
629 .cgrp_links = LIST_HEAD_INIT(init_css_set.cgrp_links),
630 .tasks = LIST_HEAD_INIT(init_css_set.tasks),
631 .mg_tasks = LIST_HEAD_INIT(init_css_set.mg_tasks),
632 .mg_preload_node = LIST_HEAD_INIT(init_css_set.mg_preload_node),
633 .mg_node = LIST_HEAD_INIT(init_css_set.mg_node),
634 .task_iters = LIST_HEAD_INIT(init_css_set.task_iters),
637 static int css_set_count = 1; /* 1 for init_css_set */
640 * css_set_populated - does a css_set contain any tasks?
641 * @cset: target css_set
643 static bool css_set_populated(struct css_set *cset)
645 lockdep_assert_held(&css_set_lock);
647 return !list_empty(&cset->tasks) || !list_empty(&cset->mg_tasks);
651 * cgroup_update_populated - updated populated count of a cgroup
652 * @cgrp: the target cgroup
653 * @populated: inc or dec populated count
655 * One of the css_sets associated with @cgrp is either getting its first
656 * task or losing the last. Update @cgrp->populated_cnt accordingly. The
657 * count is propagated towards root so that a given cgroup's populated_cnt
658 * is zero iff the cgroup and all its descendants don't contain any tasks.
660 * @cgrp's interface file "cgroup.populated" is zero if
661 * @cgrp->populated_cnt is zero and 1 otherwise. When @cgrp->populated_cnt
662 * changes from or to zero, userland is notified that the content of the
663 * interface file has changed. This can be used to detect when @cgrp and
664 * its descendants become populated or empty.
666 static void cgroup_update_populated(struct cgroup *cgrp, bool populated)
668 lockdep_assert_held(&css_set_lock);
674 trigger = !cgrp->populated_cnt++;
676 trigger = !--cgrp->populated_cnt;
681 check_for_release(cgrp);
682 cgroup_file_notify(&cgrp->events_file);
684 cgrp = cgroup_parent(cgrp);
689 * css_set_update_populated - update populated state of a css_set
690 * @cset: target css_set
691 * @populated: whether @cset is populated or depopulated
693 * @cset is either getting the first task or losing the last. Update the
694 * ->populated_cnt of all associated cgroups accordingly.
696 static void css_set_update_populated(struct css_set *cset, bool populated)
698 struct cgrp_cset_link *link;
700 lockdep_assert_held(&css_set_lock);
702 list_for_each_entry(link, &cset->cgrp_links, cgrp_link)
703 cgroup_update_populated(link->cgrp, populated);
707 * css_set_move_task - move a task from one css_set to another
708 * @task: task being moved
709 * @from_cset: css_set @task currently belongs to (may be NULL)
710 * @to_cset: new css_set @task is being moved to (may be NULL)
711 * @use_mg_tasks: move to @to_cset->mg_tasks instead of ->tasks
713 * Move @task from @from_cset to @to_cset. If @task didn't belong to any
714 * css_set, @from_cset can be NULL. If @task is being disassociated
715 * instead of moved, @to_cset can be NULL.
717 * This function automatically handles populated_cnt updates and
718 * css_task_iter adjustments but the caller is responsible for managing
719 * @from_cset and @to_cset's reference counts.
721 static void css_set_move_task(struct task_struct *task,
722 struct css_set *from_cset, struct css_set *to_cset,
725 lockdep_assert_held(&css_set_lock);
727 if (to_cset && !css_set_populated(to_cset))
728 css_set_update_populated(to_cset, true);
731 struct css_task_iter *it, *pos;
733 WARN_ON_ONCE(list_empty(&task->cg_list));
736 * @task is leaving, advance task iterators which are
737 * pointing to it so that they can resume at the next
738 * position. Advancing an iterator might remove it from
739 * the list, use safe walk. See css_task_iter_advance*()
742 list_for_each_entry_safe(it, pos, &from_cset->task_iters,
744 if (it->task_pos == &task->cg_list)
745 css_task_iter_advance(it);
747 list_del_init(&task->cg_list);
748 if (!css_set_populated(from_cset))
749 css_set_update_populated(from_cset, false);
751 WARN_ON_ONCE(!list_empty(&task->cg_list));
756 * We are synchronized through cgroup_threadgroup_rwsem
757 * against PF_EXITING setting such that we can't race
758 * against cgroup_exit() changing the css_set to
759 * init_css_set and dropping the old one.
761 WARN_ON_ONCE(task->flags & PF_EXITING);
763 rcu_assign_pointer(task->cgroups, to_cset);
764 list_add_tail(&task->cg_list, use_mg_tasks ? &to_cset->mg_tasks :
770 * hash table for cgroup groups. This improves the performance to find
771 * an existing css_set. This hash doesn't (currently) take into
772 * account cgroups in empty hierarchies.
774 #define CSS_SET_HASH_BITS 7
775 static DEFINE_HASHTABLE(css_set_table, CSS_SET_HASH_BITS);
777 static unsigned long css_set_hash(struct cgroup_subsys_state *css[])
779 unsigned long key = 0UL;
780 struct cgroup_subsys *ss;
783 for_each_subsys(ss, i)
784 key += (unsigned long)css[i];
785 key = (key >> 16) ^ key;
790 static void put_css_set_locked(struct css_set *cset)
792 struct cgrp_cset_link *link, *tmp_link;
793 struct cgroup_subsys *ss;
796 lockdep_assert_held(&css_set_lock);
798 if (!atomic_dec_and_test(&cset->refcount))
801 /* This css_set is dead. unlink it and release cgroup and css refs */
802 for_each_subsys(ss, ssid) {
803 list_del(&cset->e_cset_node[ssid]);
804 css_put(cset->subsys[ssid]);
806 hash_del(&cset->hlist);
809 list_for_each_entry_safe(link, tmp_link, &cset->cgrp_links, cgrp_link) {
810 list_del(&link->cset_link);
811 list_del(&link->cgrp_link);
812 if (cgroup_parent(link->cgrp))
813 cgroup_put(link->cgrp);
817 kfree_rcu(cset, rcu_head);
820 static void put_css_set(struct css_set *cset)
823 * Ensure that the refcount doesn't hit zero while any readers
824 * can see it. Similar to atomic_dec_and_lock(), but for an
827 if (atomic_add_unless(&cset->refcount, -1, 1))
830 spin_lock_bh(&css_set_lock);
831 put_css_set_locked(cset);
832 spin_unlock_bh(&css_set_lock);
836 * refcounted get/put for css_set objects
838 static inline void get_css_set(struct css_set *cset)
840 atomic_inc(&cset->refcount);
844 * compare_css_sets - helper function for find_existing_css_set().
845 * @cset: candidate css_set being tested
846 * @old_cset: existing css_set for a task
847 * @new_cgrp: cgroup that's being entered by the task
848 * @template: desired set of css pointers in css_set (pre-calculated)
850 * Returns true if "cset" matches "old_cset" except for the hierarchy
851 * which "new_cgrp" belongs to, for which it should match "new_cgrp".
853 static bool compare_css_sets(struct css_set *cset,
854 struct css_set *old_cset,
855 struct cgroup *new_cgrp,
856 struct cgroup_subsys_state *template[])
858 struct list_head *l1, *l2;
861 * On the default hierarchy, there can be csets which are
862 * associated with the same set of cgroups but different csses.
863 * Let's first ensure that csses match.
865 if (memcmp(template, cset->subsys, sizeof(cset->subsys)))
869 * Compare cgroup pointers in order to distinguish between
870 * different cgroups in hierarchies. As different cgroups may
871 * share the same effective css, this comparison is always
874 l1 = &cset->cgrp_links;
875 l2 = &old_cset->cgrp_links;
877 struct cgrp_cset_link *link1, *link2;
878 struct cgroup *cgrp1, *cgrp2;
882 /* See if we reached the end - both lists are equal length. */
883 if (l1 == &cset->cgrp_links) {
884 BUG_ON(l2 != &old_cset->cgrp_links);
887 BUG_ON(l2 == &old_cset->cgrp_links);
889 /* Locate the cgroups associated with these links. */
890 link1 = list_entry(l1, struct cgrp_cset_link, cgrp_link);
891 link2 = list_entry(l2, struct cgrp_cset_link, cgrp_link);
894 /* Hierarchies should be linked in the same order. */
895 BUG_ON(cgrp1->root != cgrp2->root);
898 * If this hierarchy is the hierarchy of the cgroup
899 * that's changing, then we need to check that this
900 * css_set points to the new cgroup; if it's any other
901 * hierarchy, then this css_set should point to the
902 * same cgroup as the old css_set.
904 if (cgrp1->root == new_cgrp->root) {
905 if (cgrp1 != new_cgrp)
916 * find_existing_css_set - init css array and find the matching css_set
917 * @old_cset: the css_set that we're using before the cgroup transition
918 * @cgrp: the cgroup that we're moving into
919 * @template: out param for the new set of csses, should be clear on entry
921 static struct css_set *find_existing_css_set(struct css_set *old_cset,
923 struct cgroup_subsys_state *template[])
925 struct cgroup_root *root = cgrp->root;
926 struct cgroup_subsys *ss;
927 struct css_set *cset;
932 * Build the set of subsystem state objects that we want to see in the
933 * new css_set. while subsystems can change globally, the entries here
934 * won't change, so no need for locking.
936 for_each_subsys(ss, i) {
937 if (root->subsys_mask & (1UL << i)) {
939 * @ss is in this hierarchy, so we want the
940 * effective css from @cgrp.
942 template[i] = cgroup_e_css(cgrp, ss);
945 * @ss is not in this hierarchy, so we don't want
948 template[i] = old_cset->subsys[i];
952 key = css_set_hash(template);
953 hash_for_each_possible(css_set_table, cset, hlist, key) {
954 if (!compare_css_sets(cset, old_cset, cgrp, template))
957 /* This css_set matches what we need */
961 /* No existing cgroup group matched */
965 static void free_cgrp_cset_links(struct list_head *links_to_free)
967 struct cgrp_cset_link *link, *tmp_link;
969 list_for_each_entry_safe(link, tmp_link, links_to_free, cset_link) {
970 list_del(&link->cset_link);
976 * allocate_cgrp_cset_links - allocate cgrp_cset_links
977 * @count: the number of links to allocate
978 * @tmp_links: list_head the allocated links are put on
980 * Allocate @count cgrp_cset_link structures and chain them on @tmp_links
981 * through ->cset_link. Returns 0 on success or -errno.
983 static int allocate_cgrp_cset_links(int count, struct list_head *tmp_links)
985 struct cgrp_cset_link *link;
988 INIT_LIST_HEAD(tmp_links);
990 for (i = 0; i < count; i++) {
991 link = kzalloc(sizeof(*link), GFP_KERNEL);
993 free_cgrp_cset_links(tmp_links);
996 list_add(&link->cset_link, tmp_links);
1002 * link_css_set - a helper function to link a css_set to a cgroup
1003 * @tmp_links: cgrp_cset_link objects allocated by allocate_cgrp_cset_links()
1004 * @cset: the css_set to be linked
1005 * @cgrp: the destination cgroup
1007 static void link_css_set(struct list_head *tmp_links, struct css_set *cset,
1008 struct cgroup *cgrp)
1010 struct cgrp_cset_link *link;
1012 BUG_ON(list_empty(tmp_links));
1014 if (cgroup_on_dfl(cgrp))
1015 cset->dfl_cgrp = cgrp;
1017 link = list_first_entry(tmp_links, struct cgrp_cset_link, cset_link);
1022 * Always add links to the tail of the lists so that the lists are
1023 * in choronological order.
1025 list_move_tail(&link->cset_link, &cgrp->cset_links);
1026 list_add_tail(&link->cgrp_link, &cset->cgrp_links);
1028 if (cgroup_parent(cgrp))
1033 * find_css_set - return a new css_set with one cgroup updated
1034 * @old_cset: the baseline css_set
1035 * @cgrp: the cgroup to be updated
1037 * Return a new css_set that's equivalent to @old_cset, but with @cgrp
1038 * substituted into the appropriate hierarchy.
1040 static struct css_set *find_css_set(struct css_set *old_cset,
1041 struct cgroup *cgrp)
1043 struct cgroup_subsys_state *template[CGROUP_SUBSYS_COUNT] = { };
1044 struct css_set *cset;
1045 struct list_head tmp_links;
1046 struct cgrp_cset_link *link;
1047 struct cgroup_subsys *ss;
1051 lockdep_assert_held(&cgroup_mutex);
1053 /* First see if we already have a cgroup group that matches
1054 * the desired set */
1055 spin_lock_bh(&css_set_lock);
1056 cset = find_existing_css_set(old_cset, cgrp, template);
1059 spin_unlock_bh(&css_set_lock);
1064 cset = kzalloc(sizeof(*cset), GFP_KERNEL);
1068 /* Allocate all the cgrp_cset_link objects that we'll need */
1069 if (allocate_cgrp_cset_links(cgroup_root_count, &tmp_links) < 0) {
1074 atomic_set(&cset->refcount, 1);
1075 INIT_LIST_HEAD(&cset->cgrp_links);
1076 INIT_LIST_HEAD(&cset->tasks);
1077 INIT_LIST_HEAD(&cset->mg_tasks);
1078 INIT_LIST_HEAD(&cset->mg_preload_node);
1079 INIT_LIST_HEAD(&cset->mg_node);
1080 INIT_LIST_HEAD(&cset->task_iters);
1081 INIT_HLIST_NODE(&cset->hlist);
1083 /* Copy the set of subsystem state objects generated in
1084 * find_existing_css_set() */
1085 memcpy(cset->subsys, template, sizeof(cset->subsys));
1087 spin_lock_bh(&css_set_lock);
1088 /* Add reference counts and links from the new css_set. */
1089 list_for_each_entry(link, &old_cset->cgrp_links, cgrp_link) {
1090 struct cgroup *c = link->cgrp;
1092 if (c->root == cgrp->root)
1094 link_css_set(&tmp_links, cset, c);
1097 BUG_ON(!list_empty(&tmp_links));
1101 /* Add @cset to the hash table */
1102 key = css_set_hash(cset->subsys);
1103 hash_add(css_set_table, &cset->hlist, key);
1105 for_each_subsys(ss, ssid) {
1106 struct cgroup_subsys_state *css = cset->subsys[ssid];
1108 list_add_tail(&cset->e_cset_node[ssid],
1109 &css->cgroup->e_csets[ssid]);
1113 spin_unlock_bh(&css_set_lock);
1118 static struct cgroup_root *cgroup_root_from_kf(struct kernfs_root *kf_root)
1120 struct cgroup *root_cgrp = kf_root->kn->priv;
1122 return root_cgrp->root;
1125 static int cgroup_init_root_id(struct cgroup_root *root)
1129 lockdep_assert_held(&cgroup_mutex);
1131 id = idr_alloc_cyclic(&cgroup_hierarchy_idr, root, 0, 0, GFP_KERNEL);
1135 root->hierarchy_id = id;
1139 static void cgroup_exit_root_id(struct cgroup_root *root)
1141 lockdep_assert_held(&cgroup_mutex);
1143 if (root->hierarchy_id) {
1144 idr_remove(&cgroup_hierarchy_idr, root->hierarchy_id);
1145 root->hierarchy_id = 0;
1149 static void cgroup_free_root(struct cgroup_root *root)
1152 /* hierarchy ID should already have been released */
1153 WARN_ON_ONCE(root->hierarchy_id);
1155 idr_destroy(&root->cgroup_idr);
1160 static void cgroup_destroy_root(struct cgroup_root *root)
1162 struct cgroup *cgrp = &root->cgrp;
1163 struct cgrp_cset_link *link, *tmp_link;
1165 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
1167 BUG_ON(atomic_read(&root->nr_cgrps));
1168 BUG_ON(!list_empty(&cgrp->self.children));
1170 /* Rebind all subsystems back to the default hierarchy */
1171 WARN_ON(rebind_subsystems(&cgrp_dfl_root, root->subsys_mask));
1174 * Release all the links from cset_links to this hierarchy's
1177 spin_lock_bh(&css_set_lock);
1179 list_for_each_entry_safe(link, tmp_link, &cgrp->cset_links, cset_link) {
1180 list_del(&link->cset_link);
1181 list_del(&link->cgrp_link);
1185 spin_unlock_bh(&css_set_lock);
1187 if (!list_empty(&root->root_list)) {
1188 list_del(&root->root_list);
1189 cgroup_root_count--;
1192 cgroup_exit_root_id(root);
1194 mutex_unlock(&cgroup_mutex);
1196 kernfs_destroy_root(root->kf_root);
1197 cgroup_free_root(root);
1200 /* look up cgroup associated with given css_set on the specified hierarchy */
1201 static struct cgroup *cset_cgroup_from_root(struct css_set *cset,
1202 struct cgroup_root *root)
1204 struct cgroup *res = NULL;
1206 lockdep_assert_held(&cgroup_mutex);
1207 lockdep_assert_held(&css_set_lock);
1209 if (cset == &init_css_set) {
1212 struct cgrp_cset_link *link;
1214 list_for_each_entry(link, &cset->cgrp_links, cgrp_link) {
1215 struct cgroup *c = link->cgrp;
1217 if (c->root == root) {
1229 * Return the cgroup for "task" from the given hierarchy. Must be
1230 * called with cgroup_mutex and css_set_lock held.
1232 static struct cgroup *task_cgroup_from_root(struct task_struct *task,
1233 struct cgroup_root *root)
1236 * No need to lock the task - since we hold cgroup_mutex the
1237 * task can't change groups, so the only thing that can happen
1238 * is that it exits and its css is set back to init_css_set.
1240 return cset_cgroup_from_root(task_css_set(task), root);
1244 * A task must hold cgroup_mutex to modify cgroups.
1246 * Any task can increment and decrement the count field without lock.
1247 * So in general, code holding cgroup_mutex can't rely on the count
1248 * field not changing. However, if the count goes to zero, then only
1249 * cgroup_attach_task() can increment it again. Because a count of zero
1250 * means that no tasks are currently attached, therefore there is no
1251 * way a task attached to that cgroup can fork (the other way to
1252 * increment the count). So code holding cgroup_mutex can safely
1253 * assume that if the count is zero, it will stay zero. Similarly, if
1254 * a task holds cgroup_mutex on a cgroup with zero count, it
1255 * knows that the cgroup won't be removed, as cgroup_rmdir()
1258 * A cgroup can only be deleted if both its 'count' of using tasks
1259 * is zero, and its list of 'children' cgroups is empty. Since all
1260 * tasks in the system use _some_ cgroup, and since there is always at
1261 * least one task in the system (init, pid == 1), therefore, root cgroup
1262 * always has either children cgroups and/or using tasks. So we don't
1263 * need a special hack to ensure that root cgroup cannot be deleted.
1265 * P.S. One more locking exception. RCU is used to guard the
1266 * update of a tasks cgroup pointer by cgroup_attach_task()
1269 static struct kernfs_syscall_ops cgroup_kf_syscall_ops;
1270 static const struct file_operations proc_cgroupstats_operations;
1272 static char *cgroup_file_name(struct cgroup *cgrp, const struct cftype *cft,
1275 struct cgroup_subsys *ss = cft->ss;
1277 if (cft->ss && !(cft->flags & CFTYPE_NO_PREFIX) &&
1278 !(cgrp->root->flags & CGRP_ROOT_NOPREFIX))
1279 snprintf(buf, CGROUP_FILE_NAME_MAX, "%s.%s",
1280 cgroup_on_dfl(cgrp) ? ss->name : ss->legacy_name,
1283 strncpy(buf, cft->name, CGROUP_FILE_NAME_MAX);
1288 * cgroup_file_mode - deduce file mode of a control file
1289 * @cft: the control file in question
1291 * S_IRUGO for read, S_IWUSR for write.
1293 static umode_t cgroup_file_mode(const struct cftype *cft)
1297 if (cft->read_u64 || cft->read_s64 || cft->seq_show)
1300 if (cft->write_u64 || cft->write_s64 || cft->write) {
1301 if (cft->flags & CFTYPE_WORLD_WRITABLE)
1311 * cgroup_calc_subtree_ss_mask - calculate subtree_ss_mask
1312 * @subtree_control: the new subtree_control mask to consider
1313 * @this_ss_mask: available subsystems
1315 * On the default hierarchy, a subsystem may request other subsystems to be
1316 * enabled together through its ->depends_on mask. In such cases, more
1317 * subsystems than specified in "cgroup.subtree_control" may be enabled.
1319 * This function calculates which subsystems need to be enabled if
1320 * @subtree_control is to be applied while restricted to @this_ss_mask.
1322 static u16 cgroup_calc_subtree_ss_mask(u16 subtree_control, u16 this_ss_mask)
1324 u16 cur_ss_mask = subtree_control;
1325 struct cgroup_subsys *ss;
1328 lockdep_assert_held(&cgroup_mutex);
1331 u16 new_ss_mask = cur_ss_mask;
1333 do_each_subsys_mask(ss, ssid, cur_ss_mask) {
1334 new_ss_mask |= ss->depends_on;
1335 } while_each_subsys_mask();
1338 * Mask out subsystems which aren't available. This can
1339 * happen only if some depended-upon subsystems were bound
1340 * to non-default hierarchies.
1342 new_ss_mask &= this_ss_mask;
1344 if (new_ss_mask == cur_ss_mask)
1346 cur_ss_mask = new_ss_mask;
1353 * cgroup_kn_unlock - unlocking helper for cgroup kernfs methods
1354 * @kn: the kernfs_node being serviced
1356 * This helper undoes cgroup_kn_lock_live() and should be invoked before
1357 * the method finishes if locking succeeded. Note that once this function
1358 * returns the cgroup returned by cgroup_kn_lock_live() may become
1359 * inaccessible any time. If the caller intends to continue to access the
1360 * cgroup, it should pin it before invoking this function.
1362 static void cgroup_kn_unlock(struct kernfs_node *kn)
1364 struct cgroup *cgrp;
1366 if (kernfs_type(kn) == KERNFS_DIR)
1369 cgrp = kn->parent->priv;
1371 mutex_unlock(&cgroup_mutex);
1373 kernfs_unbreak_active_protection(kn);
1378 * cgroup_kn_lock_live - locking helper for cgroup kernfs methods
1379 * @kn: the kernfs_node being serviced
1380 * @drain_offline: perform offline draining on the cgroup
1382 * This helper is to be used by a cgroup kernfs method currently servicing
1383 * @kn. It breaks the active protection, performs cgroup locking and
1384 * verifies that the associated cgroup is alive. Returns the cgroup if
1385 * alive; otherwise, %NULL. A successful return should be undone by a
1386 * matching cgroup_kn_unlock() invocation. If @drain_offline is %true, the
1387 * cgroup is drained of offlining csses before return.
1389 * Any cgroup kernfs method implementation which requires locking the
1390 * associated cgroup should use this helper. It avoids nesting cgroup
1391 * locking under kernfs active protection and allows all kernfs operations
1392 * including self-removal.
1394 static struct cgroup *cgroup_kn_lock_live(struct kernfs_node *kn,
1397 struct cgroup *cgrp;
1399 if (kernfs_type(kn) == KERNFS_DIR)
1402 cgrp = kn->parent->priv;
1405 * We're gonna grab cgroup_mutex which nests outside kernfs
1406 * active_ref. cgroup liveliness check alone provides enough
1407 * protection against removal. Ensure @cgrp stays accessible and
1408 * break the active_ref protection.
1410 if (!cgroup_tryget(cgrp))
1412 kernfs_break_active_protection(kn);
1415 cgroup_lock_and_drain_offline(cgrp);
1417 mutex_lock(&cgroup_mutex);
1419 if (!cgroup_is_dead(cgrp))
1422 cgroup_kn_unlock(kn);
1426 static void cgroup_rm_file(struct cgroup *cgrp, const struct cftype *cft)
1428 char name[CGROUP_FILE_NAME_MAX];
1430 lockdep_assert_held(&cgroup_mutex);
1432 if (cft->file_offset) {
1433 struct cgroup_subsys_state *css = cgroup_css(cgrp, cft->ss);
1434 struct cgroup_file *cfile = (void *)css + cft->file_offset;
1436 spin_lock_irq(&cgroup_file_kn_lock);
1438 spin_unlock_irq(&cgroup_file_kn_lock);
1441 kernfs_remove_by_name(cgrp->kn, cgroup_file_name(cgrp, cft, name));
1445 * css_clear_dir - remove subsys files in a cgroup directory
1448 static void css_clear_dir(struct cgroup_subsys_state *css)
1450 struct cgroup *cgrp = css->cgroup;
1451 struct cftype *cfts;
1453 if (!(css->flags & CSS_VISIBLE))
1456 css->flags &= ~CSS_VISIBLE;
1458 list_for_each_entry(cfts, &css->ss->cfts, node)
1459 cgroup_addrm_files(css, cgrp, cfts, false);
1463 * css_populate_dir - create subsys files in a cgroup directory
1466 * On failure, no file is added.
1468 static int css_populate_dir(struct cgroup_subsys_state *css)
1470 struct cgroup *cgrp = css->cgroup;
1471 struct cftype *cfts, *failed_cfts;
1474 if ((css->flags & CSS_VISIBLE) || !cgrp->kn)
1478 if (cgroup_on_dfl(cgrp))
1479 cfts = cgroup_dfl_base_files;
1481 cfts = cgroup_legacy_base_files;
1483 return cgroup_addrm_files(&cgrp->self, cgrp, cfts, true);
1486 list_for_each_entry(cfts, &css->ss->cfts, node) {
1487 ret = cgroup_addrm_files(css, cgrp, cfts, true);
1494 css->flags |= CSS_VISIBLE;
1498 list_for_each_entry(cfts, &css->ss->cfts, node) {
1499 if (cfts == failed_cfts)
1501 cgroup_addrm_files(css, cgrp, cfts, false);
1506 static int rebind_subsystems(struct cgroup_root *dst_root, u16 ss_mask)
1508 struct cgroup *dcgrp = &dst_root->cgrp;
1509 struct cgroup_subsys *ss;
1512 lockdep_assert_held(&cgroup_mutex);
1514 do_each_subsys_mask(ss, ssid, ss_mask) {
1515 /* if @ss has non-root csses attached to it, can't move */
1516 if (css_next_child(NULL, cgroup_css(&ss->root->cgrp, ss)))
1519 /* can't move between two non-dummy roots either */
1520 if (ss->root != &cgrp_dfl_root && dst_root != &cgrp_dfl_root)
1522 } while_each_subsys_mask();
1524 do_each_subsys_mask(ss, ssid, ss_mask) {
1525 struct cgroup_root *src_root = ss->root;
1526 struct cgroup *scgrp = &src_root->cgrp;
1527 struct cgroup_subsys_state *css = cgroup_css(scgrp, ss);
1528 struct css_set *cset;
1530 WARN_ON(!css || cgroup_css(dcgrp, ss));
1532 /* disable from the source */
1533 src_root->subsys_mask &= ~(1 << ssid);
1534 WARN_ON(cgroup_apply_control(scgrp));
1535 cgroup_finalize_control(scgrp, 0);
1538 RCU_INIT_POINTER(scgrp->subsys[ssid], NULL);
1539 rcu_assign_pointer(dcgrp->subsys[ssid], css);
1540 ss->root = dst_root;
1541 css->cgroup = dcgrp;
1543 spin_lock_bh(&css_set_lock);
1544 hash_for_each(css_set_table, i, cset, hlist)
1545 list_move_tail(&cset->e_cset_node[ss->id],
1546 &dcgrp->e_csets[ss->id]);
1547 spin_unlock_bh(&css_set_lock);
1549 /* default hierarchy doesn't enable controllers by default */
1550 dst_root->subsys_mask |= 1 << ssid;
1551 if (dst_root == &cgrp_dfl_root) {
1552 static_branch_enable(cgroup_subsys_on_dfl_key[ssid]);
1554 dcgrp->subtree_control |= 1 << ssid;
1555 static_branch_disable(cgroup_subsys_on_dfl_key[ssid]);
1558 ret = cgroup_apply_control(dcgrp);
1560 pr_warn("partial failure to rebind %s controller (err=%d)\n",
1565 } while_each_subsys_mask();
1567 kernfs_activate(dcgrp->kn);
1571 static int cgroup_show_options(struct seq_file *seq,
1572 struct kernfs_root *kf_root)
1574 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
1575 struct cgroup_subsys *ss;
1578 if (root != &cgrp_dfl_root)
1579 for_each_subsys(ss, ssid)
1580 if (root->subsys_mask & (1 << ssid))
1581 seq_show_option(seq, ss->legacy_name, NULL);
1582 if (root->flags & CGRP_ROOT_NOPREFIX)
1583 seq_puts(seq, ",noprefix");
1584 if (root->flags & CGRP_ROOT_XATTR)
1585 seq_puts(seq, ",xattr");
1587 spin_lock(&release_agent_path_lock);
1588 if (strlen(root->release_agent_path))
1589 seq_show_option(seq, "release_agent",
1590 root->release_agent_path);
1591 spin_unlock(&release_agent_path_lock);
1593 if (test_bit(CGRP_CPUSET_CLONE_CHILDREN, &root->cgrp.flags))
1594 seq_puts(seq, ",clone_children");
1595 if (strlen(root->name))
1596 seq_show_option(seq, "name", root->name);
1600 struct cgroup_sb_opts {
1603 char *release_agent;
1604 bool cpuset_clone_children;
1606 /* User explicitly requested empty subsystem */
1610 static int parse_cgroupfs_options(char *data, struct cgroup_sb_opts *opts)
1612 char *token, *o = data;
1613 bool all_ss = false, one_ss = false;
1615 struct cgroup_subsys *ss;
1619 #ifdef CONFIG_CPUSETS
1620 mask = ~((u16)1 << cpuset_cgrp_id);
1623 memset(opts, 0, sizeof(*opts));
1625 while ((token = strsep(&o, ",")) != NULL) {
1630 if (!strcmp(token, "none")) {
1631 /* Explicitly have no subsystems */
1635 if (!strcmp(token, "all")) {
1636 /* Mutually exclusive option 'all' + subsystem name */
1642 if (!strcmp(token, "noprefix")) {
1643 opts->flags |= CGRP_ROOT_NOPREFIX;
1646 if (!strcmp(token, "clone_children")) {
1647 opts->cpuset_clone_children = true;
1650 if (!strcmp(token, "xattr")) {
1651 opts->flags |= CGRP_ROOT_XATTR;
1654 if (!strncmp(token, "release_agent=", 14)) {
1655 /* Specifying two release agents is forbidden */
1656 if (opts->release_agent)
1658 opts->release_agent =
1659 kstrndup(token + 14, PATH_MAX - 1, GFP_KERNEL);
1660 if (!opts->release_agent)
1664 if (!strncmp(token, "name=", 5)) {
1665 const char *name = token + 5;
1666 /* Can't specify an empty name */
1669 /* Must match [\w.-]+ */
1670 for (i = 0; i < strlen(name); i++) {
1674 if ((c == '.') || (c == '-') || (c == '_'))
1678 /* Specifying two names is forbidden */
1681 opts->name = kstrndup(name,
1682 MAX_CGROUP_ROOT_NAMELEN - 1,
1690 for_each_subsys(ss, i) {
1691 if (strcmp(token, ss->legacy_name))
1693 if (!cgroup_ssid_enabled(i))
1695 if (cgroup_ssid_no_v1(i))
1698 /* Mutually exclusive option 'all' + subsystem name */
1701 opts->subsys_mask |= (1 << i);
1706 if (i == CGROUP_SUBSYS_COUNT)
1711 * If the 'all' option was specified select all the subsystems,
1712 * otherwise if 'none', 'name=' and a subsystem name options were
1713 * not specified, let's default to 'all'
1715 if (all_ss || (!one_ss && !opts->none && !opts->name))
1716 for_each_subsys(ss, i)
1717 if (cgroup_ssid_enabled(i) && !cgroup_ssid_no_v1(i))
1718 opts->subsys_mask |= (1 << i);
1721 * We either have to specify by name or by subsystems. (So all
1722 * empty hierarchies must have a name).
1724 if (!opts->subsys_mask && !opts->name)
1728 * Option noprefix was introduced just for backward compatibility
1729 * with the old cpuset, so we allow noprefix only if mounting just
1730 * the cpuset subsystem.
1732 if ((opts->flags & CGRP_ROOT_NOPREFIX) && (opts->subsys_mask & mask))
1735 /* Can't specify "none" and some subsystems */
1736 if (opts->subsys_mask && opts->none)
1742 static int cgroup_remount(struct kernfs_root *kf_root, int *flags, char *data)
1745 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
1746 struct cgroup_sb_opts opts;
1747 u16 added_mask, removed_mask;
1749 if (root == &cgrp_dfl_root) {
1750 pr_err("remount is not allowed\n");
1754 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
1756 /* See what subsystems are wanted */
1757 ret = parse_cgroupfs_options(data, &opts);
1761 if (opts.subsys_mask != root->subsys_mask || opts.release_agent)
1762 pr_warn("option changes via remount are deprecated (pid=%d comm=%s)\n",
1763 task_tgid_nr(current), current->comm);
1765 added_mask = opts.subsys_mask & ~root->subsys_mask;
1766 removed_mask = root->subsys_mask & ~opts.subsys_mask;
1768 /* Don't allow flags or name to change at remount */
1769 if ((opts.flags ^ root->flags) ||
1770 (opts.name && strcmp(opts.name, root->name))) {
1771 pr_err("option or name mismatch, new: 0x%x \"%s\", old: 0x%x \"%s\"\n",
1772 opts.flags, opts.name ?: "", root->flags, root->name);
1777 /* remounting is not allowed for populated hierarchies */
1778 if (!list_empty(&root->cgrp.self.children)) {
1783 ret = rebind_subsystems(root, added_mask);
1787 WARN_ON(rebind_subsystems(&cgrp_dfl_root, removed_mask));
1789 if (opts.release_agent) {
1790 spin_lock(&release_agent_path_lock);
1791 strcpy(root->release_agent_path, opts.release_agent);
1792 spin_unlock(&release_agent_path_lock);
1795 kfree(opts.release_agent);
1797 mutex_unlock(&cgroup_mutex);
1802 * To reduce the fork() overhead for systems that are not actually using
1803 * their cgroups capability, we don't maintain the lists running through
1804 * each css_set to its tasks until we see the list actually used - in other
1805 * words after the first mount.
1807 static bool use_task_css_set_links __read_mostly;
1809 static void cgroup_enable_task_cg_lists(void)
1811 struct task_struct *p, *g;
1813 spin_lock_bh(&css_set_lock);
1815 if (use_task_css_set_links)
1818 use_task_css_set_links = true;
1821 * We need tasklist_lock because RCU is not safe against
1822 * while_each_thread(). Besides, a forking task that has passed
1823 * cgroup_post_fork() without seeing use_task_css_set_links = 1
1824 * is not guaranteed to have its child immediately visible in the
1825 * tasklist if we walk through it with RCU.
1827 read_lock(&tasklist_lock);
1828 do_each_thread(g, p) {
1829 WARN_ON_ONCE(!list_empty(&p->cg_list) ||
1830 task_css_set(p) != &init_css_set);
1833 * We should check if the process is exiting, otherwise
1834 * it will race with cgroup_exit() in that the list
1835 * entry won't be deleted though the process has exited.
1836 * Do it while holding siglock so that we don't end up
1837 * racing against cgroup_exit().
1839 spin_lock_irq(&p->sighand->siglock);
1840 if (!(p->flags & PF_EXITING)) {
1841 struct css_set *cset = task_css_set(p);
1843 if (!css_set_populated(cset))
1844 css_set_update_populated(cset, true);
1845 list_add_tail(&p->cg_list, &cset->tasks);
1848 spin_unlock_irq(&p->sighand->siglock);
1849 } while_each_thread(g, p);
1850 read_unlock(&tasklist_lock);
1852 spin_unlock_bh(&css_set_lock);
1855 static void init_cgroup_housekeeping(struct cgroup *cgrp)
1857 struct cgroup_subsys *ss;
1860 INIT_LIST_HEAD(&cgrp->self.sibling);
1861 INIT_LIST_HEAD(&cgrp->self.children);
1862 INIT_LIST_HEAD(&cgrp->cset_links);
1863 INIT_LIST_HEAD(&cgrp->pidlists);
1864 mutex_init(&cgrp->pidlist_mutex);
1865 cgrp->self.cgroup = cgrp;
1866 cgrp->self.flags |= CSS_ONLINE;
1868 for_each_subsys(ss, ssid)
1869 INIT_LIST_HEAD(&cgrp->e_csets[ssid]);
1871 init_waitqueue_head(&cgrp->offline_waitq);
1872 INIT_WORK(&cgrp->release_agent_work, cgroup_release_agent);
1875 static void init_cgroup_root(struct cgroup_root *root,
1876 struct cgroup_sb_opts *opts)
1878 struct cgroup *cgrp = &root->cgrp;
1880 INIT_LIST_HEAD(&root->root_list);
1881 atomic_set(&root->nr_cgrps, 1);
1883 init_cgroup_housekeeping(cgrp);
1884 idr_init(&root->cgroup_idr);
1886 root->flags = opts->flags;
1887 if (opts->release_agent)
1888 strcpy(root->release_agent_path, opts->release_agent);
1890 strcpy(root->name, opts->name);
1891 if (opts->cpuset_clone_children)
1892 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &root->cgrp.flags);
1895 static int cgroup_setup_root(struct cgroup_root *root, u16 ss_mask)
1897 LIST_HEAD(tmp_links);
1898 struct cgroup *root_cgrp = &root->cgrp;
1899 struct css_set *cset;
1902 lockdep_assert_held(&cgroup_mutex);
1904 ret = cgroup_idr_alloc(&root->cgroup_idr, root_cgrp, 1, 2, GFP_KERNEL);
1907 root_cgrp->id = ret;
1908 root_cgrp->ancestor_ids[0] = ret;
1910 ret = percpu_ref_init(&root_cgrp->self.refcnt, css_release, 0,
1916 * We're accessing css_set_count without locking css_set_lock here,
1917 * but that's OK - it can only be increased by someone holding
1918 * cgroup_lock, and that's us. Later rebinding may disable
1919 * controllers on the default hierarchy and thus create new csets,
1920 * which can't be more than the existing ones. Allocate 2x.
1922 ret = allocate_cgrp_cset_links(2 * css_set_count, &tmp_links);
1926 ret = cgroup_init_root_id(root);
1930 root->kf_root = kernfs_create_root(&cgroup_kf_syscall_ops,
1931 KERNFS_ROOT_CREATE_DEACTIVATED,
1933 if (IS_ERR(root->kf_root)) {
1934 ret = PTR_ERR(root->kf_root);
1937 root_cgrp->kn = root->kf_root->kn;
1939 ret = css_populate_dir(&root_cgrp->self);
1943 ret = rebind_subsystems(root, ss_mask);
1948 * There must be no failure case after here, since rebinding takes
1949 * care of subsystems' refcounts, which are explicitly dropped in
1950 * the failure exit path.
1952 list_add(&root->root_list, &cgroup_roots);
1953 cgroup_root_count++;
1956 * Link the root cgroup in this hierarchy into all the css_set
1959 spin_lock_bh(&css_set_lock);
1960 hash_for_each(css_set_table, i, cset, hlist) {
1961 link_css_set(&tmp_links, cset, root_cgrp);
1962 if (css_set_populated(cset))
1963 cgroup_update_populated(root_cgrp, true);
1965 spin_unlock_bh(&css_set_lock);
1967 BUG_ON(!list_empty(&root_cgrp->self.children));
1968 BUG_ON(atomic_read(&root->nr_cgrps) != 1);
1970 kernfs_activate(root_cgrp->kn);
1975 kernfs_destroy_root(root->kf_root);
1976 root->kf_root = NULL;
1978 cgroup_exit_root_id(root);
1980 percpu_ref_exit(&root_cgrp->self.refcnt);
1982 free_cgrp_cset_links(&tmp_links);
1986 static struct dentry *cgroup_mount(struct file_system_type *fs_type,
1987 int flags, const char *unused_dev_name,
1990 bool is_v2 = fs_type == &cgroup2_fs_type;
1991 struct super_block *pinned_sb = NULL;
1992 struct cgroup_subsys *ss;
1993 struct cgroup_root *root;
1994 struct cgroup_sb_opts opts;
1995 struct dentry *dentry;
2001 * The first time anyone tries to mount a cgroup, enable the list
2002 * linking each css_set to its tasks and fix up all existing tasks.
2004 if (!use_task_css_set_links)
2005 cgroup_enable_task_cg_lists();
2009 pr_err("cgroup2: unknown option \"%s\"\n", (char *)data);
2010 return ERR_PTR(-EINVAL);
2012 cgrp_dfl_visible = true;
2013 root = &cgrp_dfl_root;
2014 cgroup_get(&root->cgrp);
2018 cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
2020 /* First find the desired set of subsystems */
2021 ret = parse_cgroupfs_options(data, &opts);
2026 * Destruction of cgroup root is asynchronous, so subsystems may
2027 * still be dying after the previous unmount. Let's drain the
2028 * dying subsystems. We just need to ensure that the ones
2029 * unmounted previously finish dying and don't care about new ones
2030 * starting. Testing ref liveliness is good enough.
2032 for_each_subsys(ss, i) {
2033 if (!(opts.subsys_mask & (1 << i)) ||
2034 ss->root == &cgrp_dfl_root)
2037 if (!percpu_ref_tryget_live(&ss->root->cgrp.self.refcnt)) {
2038 mutex_unlock(&cgroup_mutex);
2040 ret = restart_syscall();
2043 cgroup_put(&ss->root->cgrp);
2046 for_each_root(root) {
2047 bool name_match = false;
2049 if (root == &cgrp_dfl_root)
2053 * If we asked for a name then it must match. Also, if
2054 * name matches but sybsys_mask doesn't, we should fail.
2055 * Remember whether name matched.
2058 if (strcmp(opts.name, root->name))
2064 * If we asked for subsystems (or explicitly for no
2065 * subsystems) then they must match.
2067 if ((opts.subsys_mask || opts.none) &&
2068 (opts.subsys_mask != root->subsys_mask)) {
2075 if (root->flags ^ opts.flags)
2076 pr_warn("new mount options do not match the existing superblock, will be ignored\n");
2079 * We want to reuse @root whose lifetime is governed by its
2080 * ->cgrp. Let's check whether @root is alive and keep it
2081 * that way. As cgroup_kill_sb() can happen anytime, we
2082 * want to block it by pinning the sb so that @root doesn't
2083 * get killed before mount is complete.
2085 * With the sb pinned, tryget_live can reliably indicate
2086 * whether @root can be reused. If it's being killed,
2087 * drain it. We can use wait_queue for the wait but this
2088 * path is super cold. Let's just sleep a bit and retry.
2090 pinned_sb = kernfs_pin_sb(root->kf_root, NULL);
2091 if (IS_ERR(pinned_sb) ||
2092 !percpu_ref_tryget_live(&root->cgrp.self.refcnt)) {
2093 mutex_unlock(&cgroup_mutex);
2094 if (!IS_ERR_OR_NULL(pinned_sb))
2095 deactivate_super(pinned_sb);
2097 ret = restart_syscall();
2106 * No such thing, create a new one. name= matching without subsys
2107 * specification is allowed for already existing hierarchies but we
2108 * can't create new one without subsys specification.
2110 if (!opts.subsys_mask && !opts.none) {
2115 root = kzalloc(sizeof(*root), GFP_KERNEL);
2121 init_cgroup_root(root, &opts);
2123 ret = cgroup_setup_root(root, opts.subsys_mask);
2125 cgroup_free_root(root);
2128 mutex_unlock(&cgroup_mutex);
2130 kfree(opts.release_agent);
2134 return ERR_PTR(ret);
2136 dentry = kernfs_mount(fs_type, flags, root->kf_root,
2137 is_v2 ? CGROUP2_SUPER_MAGIC : CGROUP_SUPER_MAGIC,
2139 if (IS_ERR(dentry) || !new_sb)
2140 cgroup_put(&root->cgrp);
2143 * If @pinned_sb, we're reusing an existing root and holding an
2144 * extra ref on its sb. Mount is complete. Put the extra ref.
2148 deactivate_super(pinned_sb);
2154 static void cgroup_kill_sb(struct super_block *sb)
2156 struct kernfs_root *kf_root = kernfs_root_from_sb(sb);
2157 struct cgroup_root *root = cgroup_root_from_kf(kf_root);
2160 * If @root doesn't have any mounts or children, start killing it.
2161 * This prevents new mounts by disabling percpu_ref_tryget_live().
2162 * cgroup_mount() may wait for @root's release.
2164 * And don't kill the default root.
2166 if (!list_empty(&root->cgrp.self.children) ||
2167 root == &cgrp_dfl_root)
2168 cgroup_put(&root->cgrp);
2170 percpu_ref_kill(&root->cgrp.self.refcnt);
2175 static struct file_system_type cgroup_fs_type = {
2177 .mount = cgroup_mount,
2178 .kill_sb = cgroup_kill_sb,
2181 static struct file_system_type cgroup2_fs_type = {
2183 .mount = cgroup_mount,
2184 .kill_sb = cgroup_kill_sb,
2188 * task_cgroup_path - cgroup path of a task in the first cgroup hierarchy
2189 * @task: target task
2190 * @buf: the buffer to write the path into
2191 * @buflen: the length of the buffer
2193 * Determine @task's cgroup on the first (the one with the lowest non-zero
2194 * hierarchy_id) cgroup hierarchy and copy its path into @buf. This
2195 * function grabs cgroup_mutex and shouldn't be used inside locks used by
2196 * cgroup controller callbacks.
2198 * Return value is the same as kernfs_path().
2200 char *task_cgroup_path(struct task_struct *task, char *buf, size_t buflen)
2202 struct cgroup_root *root;
2203 struct cgroup *cgrp;
2204 int hierarchy_id = 1;
2207 mutex_lock(&cgroup_mutex);
2208 spin_lock_bh(&css_set_lock);
2210 root = idr_get_next(&cgroup_hierarchy_idr, &hierarchy_id);
2213 cgrp = task_cgroup_from_root(task, root);
2214 path = cgroup_path(cgrp, buf, buflen);
2216 /* if no hierarchy exists, everyone is in "/" */
2217 if (strlcpy(buf, "/", buflen) < buflen)
2221 spin_unlock_bh(&css_set_lock);
2222 mutex_unlock(&cgroup_mutex);
2225 EXPORT_SYMBOL_GPL(task_cgroup_path);
2227 /* used to track tasks and other necessary states during migration */
2228 struct cgroup_taskset {
2229 /* the src and dst cset list running through cset->mg_node */
2230 struct list_head src_csets;
2231 struct list_head dst_csets;
2233 /* the subsys currently being processed */
2237 * Fields for cgroup_taskset_*() iteration.
2239 * Before migration is committed, the target migration tasks are on
2240 * ->mg_tasks of the csets on ->src_csets. After, on ->mg_tasks of
2241 * the csets on ->dst_csets. ->csets point to either ->src_csets
2242 * or ->dst_csets depending on whether migration is committed.
2244 * ->cur_csets and ->cur_task point to the current task position
2247 struct list_head *csets;
2248 struct css_set *cur_cset;
2249 struct task_struct *cur_task;
2252 #define CGROUP_TASKSET_INIT(tset) (struct cgroup_taskset){ \
2253 .src_csets = LIST_HEAD_INIT(tset.src_csets), \
2254 .dst_csets = LIST_HEAD_INIT(tset.dst_csets), \
2255 .csets = &tset.src_csets, \
2259 * cgroup_taskset_add - try to add a migration target task to a taskset
2260 * @task: target task
2261 * @tset: target taskset
2263 * Add @task, which is a migration target, to @tset. This function becomes
2264 * noop if @task doesn't need to be migrated. @task's css_set should have
2265 * been added as a migration source and @task->cg_list will be moved from
2266 * the css_set's tasks list to mg_tasks one.
2268 static void cgroup_taskset_add(struct task_struct *task,
2269 struct cgroup_taskset *tset)
2271 struct css_set *cset;
2273 lockdep_assert_held(&css_set_lock);
2275 /* @task either already exited or can't exit until the end */
2276 if (task->flags & PF_EXITING)
2279 /* leave @task alone if post_fork() hasn't linked it yet */
2280 if (list_empty(&task->cg_list))
2283 cset = task_css_set(task);
2284 if (!cset->mg_src_cgrp)
2287 list_move_tail(&task->cg_list, &cset->mg_tasks);
2288 if (list_empty(&cset->mg_node))
2289 list_add_tail(&cset->mg_node, &tset->src_csets);
2290 if (list_empty(&cset->mg_dst_cset->mg_node))
2291 list_move_tail(&cset->mg_dst_cset->mg_node,
2296 * cgroup_taskset_first - reset taskset and return the first task
2297 * @tset: taskset of interest
2298 * @dst_cssp: output variable for the destination css
2300 * @tset iteration is initialized and the first task is returned.
2302 struct task_struct *cgroup_taskset_first(struct cgroup_taskset *tset,
2303 struct cgroup_subsys_state **dst_cssp)
2305 tset->cur_cset = list_first_entry(tset->csets, struct css_set, mg_node);
2306 tset->cur_task = NULL;
2308 return cgroup_taskset_next(tset, dst_cssp);
2312 * cgroup_taskset_next - iterate to the next task in taskset
2313 * @tset: taskset of interest
2314 * @dst_cssp: output variable for the destination css
2316 * Return the next task in @tset. Iteration must have been initialized
2317 * with cgroup_taskset_first().
2319 struct task_struct *cgroup_taskset_next(struct cgroup_taskset *tset,
2320 struct cgroup_subsys_state **dst_cssp)
2322 struct css_set *cset = tset->cur_cset;
2323 struct task_struct *task = tset->cur_task;
2325 while (&cset->mg_node != tset->csets) {
2327 task = list_first_entry(&cset->mg_tasks,
2328 struct task_struct, cg_list);
2330 task = list_next_entry(task, cg_list);
2332 if (&task->cg_list != &cset->mg_tasks) {
2333 tset->cur_cset = cset;
2334 tset->cur_task = task;
2337 * This function may be called both before and
2338 * after cgroup_taskset_migrate(). The two cases
2339 * can be distinguished by looking at whether @cset
2340 * has its ->mg_dst_cset set.
2342 if (cset->mg_dst_cset)
2343 *dst_cssp = cset->mg_dst_cset->subsys[tset->ssid];
2345 *dst_cssp = cset->subsys[tset->ssid];
2350 cset = list_next_entry(cset, mg_node);
2358 * cgroup_taskset_migrate - migrate a taskset
2359 * @tset: taget taskset
2360 * @root: cgroup root the migration is taking place on
2362 * Migrate tasks in @tset as setup by migration preparation functions.
2363 * This function fails iff one of the ->can_attach callbacks fails and
2364 * guarantees that either all or none of the tasks in @tset are migrated.
2365 * @tset is consumed regardless of success.
2367 static int cgroup_taskset_migrate(struct cgroup_taskset *tset,
2368 struct cgroup_root *root)
2370 struct cgroup_subsys *ss;
2371 struct task_struct *task, *tmp_task;
2372 struct css_set *cset, *tmp_cset;
2373 int ssid, failed_ssid, ret;
2375 /* methods shouldn't be called if no task is actually migrating */
2376 if (list_empty(&tset->src_csets))
2379 /* check that we can legitimately attach to the cgroup */
2380 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2381 if (ss->can_attach) {
2383 ret = ss->can_attach(tset);
2386 goto out_cancel_attach;
2389 } while_each_subsys_mask();
2392 * Now that we're guaranteed success, proceed to move all tasks to
2393 * the new cgroup. There are no failure cases after here, so this
2394 * is the commit point.
2396 spin_lock_bh(&css_set_lock);
2397 list_for_each_entry(cset, &tset->src_csets, mg_node) {
2398 list_for_each_entry_safe(task, tmp_task, &cset->mg_tasks, cg_list) {
2399 struct css_set *from_cset = task_css_set(task);
2400 struct css_set *to_cset = cset->mg_dst_cset;
2402 get_css_set(to_cset);
2403 css_set_move_task(task, from_cset, to_cset, true);
2404 put_css_set_locked(from_cset);
2407 spin_unlock_bh(&css_set_lock);
2410 * Migration is committed, all target tasks are now on dst_csets.
2411 * Nothing is sensitive to fork() after this point. Notify
2412 * controllers that migration is complete.
2414 tset->csets = &tset->dst_csets;
2416 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2421 } while_each_subsys_mask();
2424 goto out_release_tset;
2427 do_each_subsys_mask(ss, ssid, root->subsys_mask) {
2428 if (ssid == failed_ssid)
2430 if (ss->cancel_attach) {
2432 ss->cancel_attach(tset);
2434 } while_each_subsys_mask();
2436 spin_lock_bh(&css_set_lock);
2437 list_splice_init(&tset->dst_csets, &tset->src_csets);
2438 list_for_each_entry_safe(cset, tmp_cset, &tset->src_csets, mg_node) {
2439 list_splice_tail_init(&cset->mg_tasks, &cset->tasks);
2440 list_del_init(&cset->mg_node);
2442 spin_unlock_bh(&css_set_lock);
2447 * cgroup_may_migrate_to - verify whether a cgroup can be migration destination
2448 * @dst_cgrp: destination cgroup to test
2450 * On the default hierarchy, except for the root, subtree_control must be
2451 * zero for migration destination cgroups with tasks so that child cgroups
2452 * don't compete against tasks.
2454 static bool cgroup_may_migrate_to(struct cgroup *dst_cgrp)
2456 return !cgroup_on_dfl(dst_cgrp) || !cgroup_parent(dst_cgrp) ||
2457 !dst_cgrp->subtree_control;
2461 * cgroup_migrate_finish - cleanup after attach
2462 * @preloaded_csets: list of preloaded css_sets
2464 * Undo cgroup_migrate_add_src() and cgroup_migrate_prepare_dst(). See
2465 * those functions for details.
2467 static void cgroup_migrate_finish(struct list_head *preloaded_csets)
2469 struct css_set *cset, *tmp_cset;
2471 lockdep_assert_held(&cgroup_mutex);
2473 spin_lock_bh(&css_set_lock);
2474 list_for_each_entry_safe(cset, tmp_cset, preloaded_csets, mg_preload_node) {
2475 cset->mg_src_cgrp = NULL;
2476 cset->mg_dst_cgrp = NULL;
2477 cset->mg_dst_cset = NULL;
2478 list_del_init(&cset->mg_preload_node);
2479 put_css_set_locked(cset);
2481 spin_unlock_bh(&css_set_lock);
2485 * cgroup_migrate_add_src - add a migration source css_set
2486 * @src_cset: the source css_set to add
2487 * @dst_cgrp: the destination cgroup
2488 * @preloaded_csets: list of preloaded css_sets
2490 * Tasks belonging to @src_cset are about to be migrated to @dst_cgrp. Pin
2491 * @src_cset and add it to @preloaded_csets, which should later be cleaned
2492 * up by cgroup_migrate_finish().
2494 * This function may be called without holding cgroup_threadgroup_rwsem
2495 * even if the target is a process. Threads may be created and destroyed
2496 * but as long as cgroup_mutex is not dropped, no new css_set can be put
2497 * into play and the preloaded css_sets are guaranteed to cover all
2500 static void cgroup_migrate_add_src(struct css_set *src_cset,
2501 struct cgroup *dst_cgrp,
2502 struct list_head *preloaded_csets)
2504 struct cgroup *src_cgrp;
2506 lockdep_assert_held(&cgroup_mutex);
2507 lockdep_assert_held(&css_set_lock);
2509 src_cgrp = cset_cgroup_from_root(src_cset, dst_cgrp->root);
2511 if (!list_empty(&src_cset->mg_preload_node))
2514 WARN_ON(src_cset->mg_src_cgrp);
2515 WARN_ON(src_cset->mg_dst_cgrp);
2516 WARN_ON(!list_empty(&src_cset->mg_tasks));
2517 WARN_ON(!list_empty(&src_cset->mg_node));
2519 src_cset->mg_src_cgrp = src_cgrp;
2520 src_cset->mg_dst_cgrp = dst_cgrp;
2521 get_css_set(src_cset);
2522 list_add(&src_cset->mg_preload_node, preloaded_csets);
2526 * cgroup_migrate_prepare_dst - prepare destination css_sets for migration
2527 * @preloaded_csets: list of preloaded source css_sets
2529 * Tasks are about to be moved and all the source css_sets have been
2530 * preloaded to @preloaded_csets. This function looks up and pins all
2531 * destination css_sets, links each to its source, and append them to
2534 * This function must be called after cgroup_migrate_add_src() has been
2535 * called on each migration source css_set. After migration is performed
2536 * using cgroup_migrate(), cgroup_migrate_finish() must be called on
2539 static int cgroup_migrate_prepare_dst(struct list_head *preloaded_csets)
2542 struct css_set *src_cset, *tmp_cset;
2544 lockdep_assert_held(&cgroup_mutex);
2546 /* look up the dst cset for each src cset and link it to src */
2547 list_for_each_entry_safe(src_cset, tmp_cset, preloaded_csets, mg_preload_node) {
2548 struct css_set *dst_cset;
2550 dst_cset = find_css_set(src_cset, src_cset->mg_dst_cgrp);
2554 WARN_ON_ONCE(src_cset->mg_dst_cset || dst_cset->mg_dst_cset);
2557 * If src cset equals dst, it's noop. Drop the src.
2558 * cgroup_migrate() will skip the cset too. Note that we
2559 * can't handle src == dst as some nodes are used by both.
2561 if (src_cset == dst_cset) {
2562 src_cset->mg_src_cgrp = NULL;
2563 src_cset->mg_dst_cgrp = NULL;
2564 list_del_init(&src_cset->mg_preload_node);
2565 put_css_set(src_cset);
2566 put_css_set(dst_cset);
2570 src_cset->mg_dst_cset = dst_cset;
2572 if (list_empty(&dst_cset->mg_preload_node))
2573 list_add(&dst_cset->mg_preload_node, &csets);
2575 put_css_set(dst_cset);
2578 list_splice_tail(&csets, preloaded_csets);
2581 cgroup_migrate_finish(&csets);
2586 * cgroup_migrate - migrate a process or task to a cgroup
2587 * @leader: the leader of the process or the task to migrate
2588 * @threadgroup: whether @leader points to the whole process or a single task
2589 * @root: cgroup root migration is taking place on
2591 * Migrate a process or task denoted by @leader. If migrating a process,
2592 * the caller must be holding cgroup_threadgroup_rwsem. The caller is also
2593 * responsible for invoking cgroup_migrate_add_src() and
2594 * cgroup_migrate_prepare_dst() on the targets before invoking this
2595 * function and following up with cgroup_migrate_finish().
2597 * As long as a controller's ->can_attach() doesn't fail, this function is
2598 * guaranteed to succeed. This means that, excluding ->can_attach()
2599 * failure, when migrating multiple targets, the success or failure can be
2600 * decided for all targets by invoking group_migrate_prepare_dst() before
2601 * actually starting migrating.
2603 static int cgroup_migrate(struct task_struct *leader, bool threadgroup,
2604 struct cgroup_root *root)
2606 struct cgroup_taskset tset = CGROUP_TASKSET_INIT(tset);
2607 struct task_struct *task;
2610 * Prevent freeing of tasks while we take a snapshot. Tasks that are
2611 * already PF_EXITING could be freed from underneath us unless we
2612 * take an rcu_read_lock.
2614 spin_lock_bh(&css_set_lock);
2618 cgroup_taskset_add(task, &tset);
2621 } while_each_thread(leader, task);
2623 spin_unlock_bh(&css_set_lock);
2625 return cgroup_taskset_migrate(&tset, root);
2629 * cgroup_attach_task - attach a task or a whole threadgroup to a cgroup
2630 * @dst_cgrp: the cgroup to attach to
2631 * @leader: the task or the leader of the threadgroup to be attached
2632 * @threadgroup: attach the whole threadgroup?
2634 * Call holding cgroup_mutex and cgroup_threadgroup_rwsem.
2636 static int cgroup_attach_task(struct cgroup *dst_cgrp,
2637 struct task_struct *leader, bool threadgroup)
2639 LIST_HEAD(preloaded_csets);
2640 struct task_struct *task;
2643 if (!cgroup_may_migrate_to(dst_cgrp))
2646 /* look up all src csets */
2647 spin_lock_bh(&css_set_lock);
2651 cgroup_migrate_add_src(task_css_set(task), dst_cgrp,
2655 } while_each_thread(leader, task);
2657 spin_unlock_bh(&css_set_lock);
2659 /* prepare dst csets and commit */
2660 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
2662 ret = cgroup_migrate(leader, threadgroup, dst_cgrp->root);
2664 cgroup_migrate_finish(&preloaded_csets);
2668 static int cgroup_procs_write_permission(struct task_struct *task,
2669 struct cgroup *dst_cgrp,
2670 struct kernfs_open_file *of)
2672 const struct cred *cred = current_cred();
2673 const struct cred *tcred = get_task_cred(task);
2677 * even if we're attaching all tasks in the thread group, we only
2678 * need to check permissions on one of them.
2680 if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
2681 !uid_eq(cred->euid, tcred->uid) &&
2682 !uid_eq(cred->euid, tcred->suid))
2685 if (!ret && cgroup_on_dfl(dst_cgrp)) {
2686 struct super_block *sb = of->file->f_path.dentry->d_sb;
2687 struct cgroup *cgrp;
2688 struct inode *inode;
2690 spin_lock_bh(&css_set_lock);
2691 cgrp = task_cgroup_from_root(task, &cgrp_dfl_root);
2692 spin_unlock_bh(&css_set_lock);
2694 while (!cgroup_is_descendant(dst_cgrp, cgrp))
2695 cgrp = cgroup_parent(cgrp);
2698 inode = kernfs_get_inode(sb, cgrp->procs_file.kn);
2700 ret = inode_permission(inode, MAY_WRITE);
2710 * Find the task_struct of the task to attach by vpid and pass it along to the
2711 * function to attach either it or all tasks in its threadgroup. Will lock
2712 * cgroup_mutex and threadgroup.
2714 static ssize_t __cgroup_procs_write(struct kernfs_open_file *of, char *buf,
2715 size_t nbytes, loff_t off, bool threadgroup)
2717 struct task_struct *tsk;
2718 struct cgroup *cgrp;
2722 if (kstrtoint(strstrip(buf), 0, &pid) || pid < 0)
2725 cgrp = cgroup_kn_lock_live(of->kn, false);
2729 percpu_down_write(&cgroup_threadgroup_rwsem);
2732 tsk = find_task_by_vpid(pid);
2735 goto out_unlock_rcu;
2742 tsk = tsk->group_leader;
2745 * Workqueue threads may acquire PF_NO_SETAFFINITY and become
2746 * trapped in a cpuset, or RT worker may be born in a cgroup
2747 * with no rt_runtime allocated. Just say no.
2749 if (tsk == kthreadd_task || (tsk->flags & PF_NO_SETAFFINITY)) {
2751 goto out_unlock_rcu;
2754 get_task_struct(tsk);
2757 ret = cgroup_procs_write_permission(tsk, cgrp, of);
2759 ret = cgroup_attach_task(cgrp, tsk, threadgroup);
2761 put_task_struct(tsk);
2762 goto out_unlock_threadgroup;
2766 out_unlock_threadgroup:
2767 percpu_up_write(&cgroup_threadgroup_rwsem);
2768 cgroup_kn_unlock(of->kn);
2769 cpuset_post_attach_flush();
2770 return ret ?: nbytes;
2774 * cgroup_attach_task_all - attach task 'tsk' to all cgroups of task 'from'
2775 * @from: attach to all cgroups of a given task
2776 * @tsk: the task to be attached
2778 int cgroup_attach_task_all(struct task_struct *from, struct task_struct *tsk)
2780 struct cgroup_root *root;
2783 mutex_lock(&cgroup_mutex);
2784 for_each_root(root) {
2785 struct cgroup *from_cgrp;
2787 if (root == &cgrp_dfl_root)
2790 spin_lock_bh(&css_set_lock);
2791 from_cgrp = task_cgroup_from_root(from, root);
2792 spin_unlock_bh(&css_set_lock);
2794 retval = cgroup_attach_task(from_cgrp, tsk, false);
2798 mutex_unlock(&cgroup_mutex);
2802 EXPORT_SYMBOL_GPL(cgroup_attach_task_all);
2804 static ssize_t cgroup_tasks_write(struct kernfs_open_file *of,
2805 char *buf, size_t nbytes, loff_t off)
2807 return __cgroup_procs_write(of, buf, nbytes, off, false);
2810 static ssize_t cgroup_procs_write(struct kernfs_open_file *of,
2811 char *buf, size_t nbytes, loff_t off)
2813 return __cgroup_procs_write(of, buf, nbytes, off, true);
2816 static ssize_t cgroup_release_agent_write(struct kernfs_open_file *of,
2817 char *buf, size_t nbytes, loff_t off)
2819 struct cgroup *cgrp;
2821 BUILD_BUG_ON(sizeof(cgrp->root->release_agent_path) < PATH_MAX);
2823 cgrp = cgroup_kn_lock_live(of->kn, false);
2826 spin_lock(&release_agent_path_lock);
2827 strlcpy(cgrp->root->release_agent_path, strstrip(buf),
2828 sizeof(cgrp->root->release_agent_path));
2829 spin_unlock(&release_agent_path_lock);
2830 cgroup_kn_unlock(of->kn);
2834 static int cgroup_release_agent_show(struct seq_file *seq, void *v)
2836 struct cgroup *cgrp = seq_css(seq)->cgroup;
2838 spin_lock(&release_agent_path_lock);
2839 seq_puts(seq, cgrp->root->release_agent_path);
2840 spin_unlock(&release_agent_path_lock);
2841 seq_putc(seq, '\n');
2845 static int cgroup_sane_behavior_show(struct seq_file *seq, void *v)
2847 seq_puts(seq, "0\n");
2851 static void cgroup_print_ss_mask(struct seq_file *seq, u16 ss_mask)
2853 struct cgroup_subsys *ss;
2854 bool printed = false;
2857 do_each_subsys_mask(ss, ssid, ss_mask) {
2860 seq_printf(seq, "%s", ss->name);
2862 } while_each_subsys_mask();
2864 seq_putc(seq, '\n');
2867 /* show controllers which are enabled from the parent */
2868 static int cgroup_controllers_show(struct seq_file *seq, void *v)
2870 struct cgroup *cgrp = seq_css(seq)->cgroup;
2872 cgroup_print_ss_mask(seq, cgroup_control(cgrp));
2876 /* show controllers which are enabled for a given cgroup's children */
2877 static int cgroup_subtree_control_show(struct seq_file *seq, void *v)
2879 struct cgroup *cgrp = seq_css(seq)->cgroup;
2881 cgroup_print_ss_mask(seq, cgrp->subtree_control);
2886 * cgroup_update_dfl_csses - update css assoc of a subtree in default hierarchy
2887 * @cgrp: root of the subtree to update csses for
2889 * @cgrp's control masks have changed and its subtree's css associations
2890 * need to be updated accordingly. This function looks up all css_sets
2891 * which are attached to the subtree, creates the matching updated css_sets
2892 * and migrates the tasks to the new ones.
2894 static int cgroup_update_dfl_csses(struct cgroup *cgrp)
2896 LIST_HEAD(preloaded_csets);
2897 struct cgroup_taskset tset = CGROUP_TASKSET_INIT(tset);
2898 struct cgroup_subsys_state *d_css;
2899 struct cgroup *dsct;
2900 struct css_set *src_cset;
2903 lockdep_assert_held(&cgroup_mutex);
2905 percpu_down_write(&cgroup_threadgroup_rwsem);
2907 /* look up all csses currently attached to @cgrp's subtree */
2908 spin_lock_bh(&css_set_lock);
2909 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
2910 struct cgrp_cset_link *link;
2912 list_for_each_entry(link, &dsct->cset_links, cset_link)
2913 cgroup_migrate_add_src(link->cset, dsct,
2916 spin_unlock_bh(&css_set_lock);
2918 /* NULL dst indicates self on default hierarchy */
2919 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
2923 spin_lock_bh(&css_set_lock);
2924 list_for_each_entry(src_cset, &preloaded_csets, mg_preload_node) {
2925 struct task_struct *task, *ntask;
2927 /* src_csets precede dst_csets, break on the first dst_cset */
2928 if (!src_cset->mg_src_cgrp)
2931 /* all tasks in src_csets need to be migrated */
2932 list_for_each_entry_safe(task, ntask, &src_cset->tasks, cg_list)
2933 cgroup_taskset_add(task, &tset);
2935 spin_unlock_bh(&css_set_lock);
2937 ret = cgroup_taskset_migrate(&tset, cgrp->root);
2939 cgroup_migrate_finish(&preloaded_csets);
2940 percpu_up_write(&cgroup_threadgroup_rwsem);
2945 * cgroup_lock_and_drain_offline - lock cgroup_mutex and drain offlined csses
2946 * @cgrp: root of the target subtree
2948 * Because css offlining is asynchronous, userland may try to re-enable a
2949 * controller while the previous css is still around. This function grabs
2950 * cgroup_mutex and drains the previous css instances of @cgrp's subtree.
2952 static void cgroup_lock_and_drain_offline(struct cgroup *cgrp)
2953 __acquires(&cgroup_mutex)
2955 struct cgroup *dsct;
2956 struct cgroup_subsys_state *d_css;
2957 struct cgroup_subsys *ss;
2961 mutex_lock(&cgroup_mutex);
2963 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
2964 for_each_subsys(ss, ssid) {
2965 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
2968 if (!css || !percpu_ref_is_dying(&css->refcnt))
2972 prepare_to_wait(&dsct->offline_waitq, &wait,
2973 TASK_UNINTERRUPTIBLE);
2975 mutex_unlock(&cgroup_mutex);
2977 finish_wait(&dsct->offline_waitq, &wait);
2986 * cgroup_save_control - save control masks of a subtree
2987 * @cgrp: root of the target subtree
2989 * Save ->subtree_control and ->subtree_ss_mask to the respective old_
2990 * prefixed fields for @cgrp's subtree including @cgrp itself.
2992 static void cgroup_save_control(struct cgroup *cgrp)
2994 struct cgroup *dsct;
2995 struct cgroup_subsys_state *d_css;
2997 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
2998 dsct->old_subtree_control = dsct->subtree_control;
2999 dsct->old_subtree_ss_mask = dsct->subtree_ss_mask;
3004 * cgroup_propagate_control - refresh control masks of a subtree
3005 * @cgrp: root of the target subtree
3007 * For @cgrp and its subtree, ensure ->subtree_ss_mask matches
3008 * ->subtree_control and propagate controller availability through the
3009 * subtree so that descendants don't have unavailable controllers enabled.
3011 static void cgroup_propagate_control(struct cgroup *cgrp)
3013 struct cgroup *dsct;
3014 struct cgroup_subsys_state *d_css;
3016 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
3017 dsct->subtree_control &= cgroup_control(dsct);
3018 dsct->subtree_ss_mask =
3019 cgroup_calc_subtree_ss_mask(dsct->subtree_control,
3020 cgroup_ss_mask(dsct));
3025 * cgroup_restore_control - restore control masks of a subtree
3026 * @cgrp: root of the target subtree
3028 * Restore ->subtree_control and ->subtree_ss_mask from the respective old_
3029 * prefixed fields for @cgrp's subtree including @cgrp itself.
3031 static void cgroup_restore_control(struct cgroup *cgrp)
3033 struct cgroup *dsct;
3034 struct cgroup_subsys_state *d_css;
3036 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
3037 dsct->subtree_control = dsct->old_subtree_control;
3038 dsct->subtree_ss_mask = dsct->old_subtree_ss_mask;
3043 * cgroup_apply_control_enable - enable or show csses according to control
3044 * @cgrp: root of the target subtree
3046 * Walk @cgrp's subtree and create new csses or make the existing ones
3047 * visible. A css is created invisible if it's being implicitly enabled
3048 * through dependency. An invisible css is made visible when the userland
3049 * explicitly enables it.
3051 * Returns 0 on success, -errno on failure. On failure, csses which have
3052 * been processed already aren't cleaned up. The caller is responsible for
3053 * cleaning up with cgroup_apply_control_disble().
3055 static int cgroup_apply_control_enable(struct cgroup *cgrp)
3057 struct cgroup *dsct;
3058 struct cgroup_subsys_state *d_css;
3059 struct cgroup_subsys *ss;
3062 cgroup_for_each_live_descendant_pre(dsct, d_css, cgrp) {
3063 for_each_subsys(ss, ssid) {
3064 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
3066 WARN_ON_ONCE(css && percpu_ref_is_dying(&css->refcnt));
3068 if (!(cgroup_ss_mask(dsct) & (1 << ss->id)))
3072 css = css_create(dsct, ss);
3074 return PTR_ERR(css);
3077 if (cgroup_control(dsct) & (1 << ss->id)) {
3078 ret = css_populate_dir(css);
3089 * cgroup_apply_control_disable - kill or hide csses according to control
3090 * @cgrp: root of the target subtree
3092 * Walk @cgrp's subtree and kill and hide csses so that they match
3093 * cgroup_ss_mask() and cgroup_visible_mask().
3095 * A css is hidden when the userland requests it to be disabled while other
3096 * subsystems are still depending on it. The css must not actively control
3097 * resources and be in the vanilla state if it's made visible again later.
3098 * Controllers which may be depended upon should provide ->css_reset() for
3101 static void cgroup_apply_control_disable(struct cgroup *cgrp)
3103 struct cgroup *dsct;
3104 struct cgroup_subsys_state *d_css;
3105 struct cgroup_subsys *ss;
3108 cgroup_for_each_live_descendant_post(dsct, d_css, cgrp) {
3109 for_each_subsys(ss, ssid) {
3110 struct cgroup_subsys_state *css = cgroup_css(dsct, ss);
3112 WARN_ON_ONCE(css && percpu_ref_is_dying(&css->refcnt));
3118 !(cgroup_ss_mask(dsct) & (1 << ss->id))) {
3120 } else if (!(cgroup_control(dsct) & (1 << ss->id))) {
3130 * cgroup_apply_control - apply control mask updates to the subtree
3131 * @cgrp: root of the target subtree
3133 * subsystems can be enabled and disabled in a subtree using the following
3136 * 1. Call cgroup_save_control() to stash the current state.
3137 * 2. Update ->subtree_control masks in the subtree as desired.
3138 * 3. Call cgroup_apply_control() to apply the changes.
3139 * 4. Optionally perform other related operations.
3140 * 5. Call cgroup_finalize_control() to finish up.
3142 * This function implements step 3 and propagates the mask changes
3143 * throughout @cgrp's subtree, updates csses accordingly and perform
3144 * process migrations.
3146 static int cgroup_apply_control(struct cgroup *cgrp)
3150 cgroup_propagate_control(cgrp);
3152 ret = cgroup_apply_control_enable(cgrp);
3157 * At this point, cgroup_e_css() results reflect the new csses
3158 * making the following cgroup_update_dfl_csses() properly update
3159 * css associations of all tasks in the subtree.
3161 ret = cgroup_update_dfl_csses(cgrp);
3169 * cgroup_finalize_control - finalize control mask update
3170 * @cgrp: root of the target subtree
3171 * @ret: the result of the update
3173 * Finalize control mask update. See cgroup_apply_control() for more info.
3175 static void cgroup_finalize_control(struct cgroup *cgrp, int ret)
3178 cgroup_restore_control(cgrp);
3179 cgroup_propagate_control(cgrp);
3182 cgroup_apply_control_disable(cgrp);
3185 /* change the enabled child controllers for a cgroup in the default hierarchy */
3186 static ssize_t cgroup_subtree_control_write(struct kernfs_open_file *of,
3187 char *buf, size_t nbytes,
3190 u16 enable = 0, disable = 0;
3191 struct cgroup *cgrp, *child;
3192 struct cgroup_subsys *ss;
3197 * Parse input - space separated list of subsystem names prefixed
3198 * with either + or -.
3200 buf = strstrip(buf);
3201 while ((tok = strsep(&buf, " "))) {
3204 do_each_subsys_mask(ss, ssid, ~cgrp_dfl_inhibit_ss_mask) {
3205 if (!cgroup_ssid_enabled(ssid) ||
3206 strcmp(tok + 1, ss->name))
3210 enable |= 1 << ssid;
3211 disable &= ~(1 << ssid);
3212 } else if (*tok == '-') {
3213 disable |= 1 << ssid;
3214 enable &= ~(1 << ssid);
3219 } while_each_subsys_mask();
3220 if (ssid == CGROUP_SUBSYS_COUNT)
3224 cgrp = cgroup_kn_lock_live(of->kn, true);
3228 for_each_subsys(ss, ssid) {
3229 if (enable & (1 << ssid)) {
3230 if (cgrp->subtree_control & (1 << ssid)) {
3231 enable &= ~(1 << ssid);
3235 if (!(cgroup_control(cgrp) & (1 << ssid))) {
3239 } else if (disable & (1 << ssid)) {
3240 if (!(cgrp->subtree_control & (1 << ssid))) {
3241 disable &= ~(1 << ssid);
3245 /* a child has it enabled? */
3246 cgroup_for_each_live_child(child, cgrp) {
3247 if (child->subtree_control & (1 << ssid)) {
3255 if (!enable && !disable) {
3261 * Except for the root, subtree_control must be zero for a cgroup
3262 * with tasks so that child cgroups don't compete against tasks.
3264 if (enable && cgroup_parent(cgrp) && !list_empty(&cgrp->cset_links)) {
3269 /* save and update control masks and prepare csses */
3270 cgroup_save_control(cgrp);
3272 cgrp->subtree_control |= enable;
3273 cgrp->subtree_control &= ~disable;
3275 ret = cgroup_apply_control(cgrp);
3277 cgroup_finalize_control(cgrp, ret);
3279 kernfs_activate(cgrp->kn);
3282 cgroup_kn_unlock(of->kn);
3283 return ret ?: nbytes;
3286 static int cgroup_events_show(struct seq_file *seq, void *v)
3288 seq_printf(seq, "populated %d\n",
3289 cgroup_is_populated(seq_css(seq)->cgroup));
3293 static ssize_t cgroup_file_write(struct kernfs_open_file *of, char *buf,
3294 size_t nbytes, loff_t off)
3296 struct cgroup *cgrp = of->kn->parent->priv;
3297 struct cftype *cft = of->kn->priv;
3298 struct cgroup_subsys_state *css;
3302 return cft->write(of, buf, nbytes, off);
3305 * kernfs guarantees that a file isn't deleted with operations in
3306 * flight, which means that the matching css is and stays alive and
3307 * doesn't need to be pinned. The RCU locking is not necessary
3308 * either. It's just for the convenience of using cgroup_css().
3311 css = cgroup_css(cgrp, cft->ss);
3314 if (cft->write_u64) {
3315 unsigned long long v;
3316 ret = kstrtoull(buf, 0, &v);
3318 ret = cft->write_u64(css, cft, v);
3319 } else if (cft->write_s64) {
3321 ret = kstrtoll(buf, 0, &v);
3323 ret = cft->write_s64(css, cft, v);
3328 return ret ?: nbytes;
3331 static void *cgroup_seqfile_start(struct seq_file *seq, loff_t *ppos)
3333 return seq_cft(seq)->seq_start(seq, ppos);
3336 static void *cgroup_seqfile_next(struct seq_file *seq, void *v, loff_t *ppos)
3338 return seq_cft(seq)->seq_next(seq, v, ppos);
3341 static void cgroup_seqfile_stop(struct seq_file *seq, void *v)
3343 seq_cft(seq)->seq_stop(seq, v);
3346 static int cgroup_seqfile_show(struct seq_file *m, void *arg)
3348 struct cftype *cft = seq_cft(m);
3349 struct cgroup_subsys_state *css = seq_css(m);
3352 return cft->seq_show(m, arg);
3355 seq_printf(m, "%llu\n", cft->read_u64(css, cft));
3356 else if (cft->read_s64)
3357 seq_printf(m, "%lld\n", cft->read_s64(css, cft));
3363 static struct kernfs_ops cgroup_kf_single_ops = {
3364 .atomic_write_len = PAGE_SIZE,
3365 .write = cgroup_file_write,
3366 .seq_show = cgroup_seqfile_show,
3369 static struct kernfs_ops cgroup_kf_ops = {
3370 .atomic_write_len = PAGE_SIZE,
3371 .write = cgroup_file_write,
3372 .seq_start = cgroup_seqfile_start,
3373 .seq_next = cgroup_seqfile_next,
3374 .seq_stop = cgroup_seqfile_stop,
3375 .seq_show = cgroup_seqfile_show,
3379 * cgroup_rename - Only allow simple rename of directories in place.
3381 static int cgroup_rename(struct kernfs_node *kn, struct kernfs_node *new_parent,
3382 const char *new_name_str)
3384 struct cgroup *cgrp = kn->priv;
3387 if (kernfs_type(kn) != KERNFS_DIR)
3389 if (kn->parent != new_parent)
3393 * This isn't a proper migration and its usefulness is very
3394 * limited. Disallow on the default hierarchy.
3396 if (cgroup_on_dfl(cgrp))
3400 * We're gonna grab cgroup_mutex which nests outside kernfs
3401 * active_ref. kernfs_rename() doesn't require active_ref
3402 * protection. Break them before grabbing cgroup_mutex.
3404 kernfs_break_active_protection(new_parent);
3405 kernfs_break_active_protection(kn);
3407 mutex_lock(&cgroup_mutex);
3409 ret = kernfs_rename(kn, new_parent, new_name_str);
3411 mutex_unlock(&cgroup_mutex);
3413 kernfs_unbreak_active_protection(kn);
3414 kernfs_unbreak_active_protection(new_parent);
3418 /* set uid and gid of cgroup dirs and files to that of the creator */
3419 static int cgroup_kn_set_ugid(struct kernfs_node *kn)
3421 struct iattr iattr = { .ia_valid = ATTR_UID | ATTR_GID,
3422 .ia_uid = current_fsuid(),
3423 .ia_gid = current_fsgid(), };
3425 if (uid_eq(iattr.ia_uid, GLOBAL_ROOT_UID) &&
3426 gid_eq(iattr.ia_gid, GLOBAL_ROOT_GID))
3429 return kernfs_setattr(kn, &iattr);
3432 static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp,
3435 char name[CGROUP_FILE_NAME_MAX];
3436 struct kernfs_node *kn;
3437 struct lock_class_key *key = NULL;
3440 #ifdef CONFIG_DEBUG_LOCK_ALLOC
3441 key = &cft->lockdep_key;
3443 kn = __kernfs_create_file(cgrp->kn, cgroup_file_name(cgrp, cft, name),
3444 cgroup_file_mode(cft), 0, cft->kf_ops, cft,
3449 ret = cgroup_kn_set_ugid(kn);
3455 if (cft->file_offset) {
3456 struct cgroup_file *cfile = (void *)css + cft->file_offset;
3458 spin_lock_irq(&cgroup_file_kn_lock);
3460 spin_unlock_irq(&cgroup_file_kn_lock);
3467 * cgroup_addrm_files - add or remove files to a cgroup directory
3468 * @css: the target css
3469 * @cgrp: the target cgroup (usually css->cgroup)
3470 * @cfts: array of cftypes to be added
3471 * @is_add: whether to add or remove
3473 * Depending on @is_add, add or remove files defined by @cfts on @cgrp.
3474 * For removals, this function never fails.
3476 static int cgroup_addrm_files(struct cgroup_subsys_state *css,
3477 struct cgroup *cgrp, struct cftype cfts[],
3480 struct cftype *cft, *cft_end = NULL;
3483 lockdep_assert_held(&cgroup_mutex);
3486 for (cft = cfts; cft != cft_end && cft->name[0] != '\0'; cft++) {
3487 /* does cft->flags tell us to skip this file on @cgrp? */
3488 if ((cft->flags & __CFTYPE_ONLY_ON_DFL) && !cgroup_on_dfl(cgrp))
3490 if ((cft->flags & __CFTYPE_NOT_ON_DFL) && cgroup_on_dfl(cgrp))
3492 if ((cft->flags & CFTYPE_NOT_ON_ROOT) && !cgroup_parent(cgrp))
3494 if ((cft->flags & CFTYPE_ONLY_ON_ROOT) && cgroup_parent(cgrp))
3498 ret = cgroup_add_file(css, cgrp, cft);
3500 pr_warn("%s: failed to add %s, err=%d\n",
3501 __func__, cft->name, ret);
3507 cgroup_rm_file(cgrp, cft);
3513 static int cgroup_apply_cftypes(struct cftype *cfts, bool is_add)
3516 struct cgroup_subsys *ss = cfts[0].ss;
3517 struct cgroup *root = &ss->root->cgrp;
3518 struct cgroup_subsys_state *css;
3521 lockdep_assert_held(&cgroup_mutex);
3523 /* add/rm files for all cgroups created before */
3524 css_for_each_descendant_pre(css, cgroup_css(root, ss)) {
3525 struct cgroup *cgrp = css->cgroup;
3527 if (!(css->flags & CSS_VISIBLE))
3530 ret = cgroup_addrm_files(css, cgrp, cfts, is_add);
3536 kernfs_activate(root->kn);
3540 static void cgroup_exit_cftypes(struct cftype *cfts)
3544 for (cft = cfts; cft->name[0] != '\0'; cft++) {
3545 /* free copy for custom atomic_write_len, see init_cftypes() */
3546 if (cft->max_write_len && cft->max_write_len != PAGE_SIZE)
3551 /* revert flags set by cgroup core while adding @cfts */
3552 cft->flags &= ~(__CFTYPE_ONLY_ON_DFL | __CFTYPE_NOT_ON_DFL);
3556 static int cgroup_init_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3560 for (cft = cfts; cft->name[0] != '\0'; cft++) {
3561 struct kernfs_ops *kf_ops;
3563 WARN_ON(cft->ss || cft->kf_ops);
3566 kf_ops = &cgroup_kf_ops;
3568 kf_ops = &cgroup_kf_single_ops;
3571 * Ugh... if @cft wants a custom max_write_len, we need to
3572 * make a copy of kf_ops to set its atomic_write_len.
3574 if (cft->max_write_len && cft->max_write_len != PAGE_SIZE) {
3575 kf_ops = kmemdup(kf_ops, sizeof(*kf_ops), GFP_KERNEL);
3577 cgroup_exit_cftypes(cfts);
3580 kf_ops->atomic_write_len = cft->max_write_len;
3583 cft->kf_ops = kf_ops;
3590 static int cgroup_rm_cftypes_locked(struct cftype *cfts)
3592 lockdep_assert_held(&cgroup_mutex);
3594 if (!cfts || !cfts[0].ss)
3597 list_del(&cfts->node);
3598 cgroup_apply_cftypes(cfts, false);
3599 cgroup_exit_cftypes(cfts);
3604 * cgroup_rm_cftypes - remove an array of cftypes from a subsystem
3605 * @cfts: zero-length name terminated array of cftypes
3607 * Unregister @cfts. Files described by @cfts are removed from all
3608 * existing cgroups and all future cgroups won't have them either. This
3609 * function can be called anytime whether @cfts' subsys is attached or not.
3611 * Returns 0 on successful unregistration, -ENOENT if @cfts is not
3614 int cgroup_rm_cftypes(struct cftype *cfts)
3618 mutex_lock(&cgroup_mutex);
3619 ret = cgroup_rm_cftypes_locked(cfts);
3620 mutex_unlock(&cgroup_mutex);
3625 * cgroup_add_cftypes - add an array of cftypes to a subsystem
3626 * @ss: target cgroup subsystem
3627 * @cfts: zero-length name terminated array of cftypes
3629 * Register @cfts to @ss. Files described by @cfts are created for all
3630 * existing cgroups to which @ss is attached and all future cgroups will
3631 * have them too. This function can be called anytime whether @ss is
3634 * Returns 0 on successful registration, -errno on failure. Note that this
3635 * function currently returns 0 as long as @cfts registration is successful
3636 * even if some file creation attempts on existing cgroups fail.
3638 static int cgroup_add_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3642 if (!cgroup_ssid_enabled(ss->id))
3645 if (!cfts || cfts[0].name[0] == '\0')
3648 ret = cgroup_init_cftypes(ss, cfts);
3652 mutex_lock(&cgroup_mutex);
3654 list_add_tail(&cfts->node, &ss->cfts);
3655 ret = cgroup_apply_cftypes(cfts, true);
3657 cgroup_rm_cftypes_locked(cfts);
3659 mutex_unlock(&cgroup_mutex);
3664 * cgroup_add_dfl_cftypes - add an array of cftypes for default hierarchy
3665 * @ss: target cgroup subsystem
3666 * @cfts: zero-length name terminated array of cftypes
3668 * Similar to cgroup_add_cftypes() but the added files are only used for
3669 * the default hierarchy.
3671 int cgroup_add_dfl_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3675 for (cft = cfts; cft && cft->name[0] != '\0'; cft++)
3676 cft->flags |= __CFTYPE_ONLY_ON_DFL;
3677 return cgroup_add_cftypes(ss, cfts);
3681 * cgroup_add_legacy_cftypes - add an array of cftypes for legacy hierarchies
3682 * @ss: target cgroup subsystem
3683 * @cfts: zero-length name terminated array of cftypes
3685 * Similar to cgroup_add_cftypes() but the added files are only used for
3686 * the legacy hierarchies.
3688 int cgroup_add_legacy_cftypes(struct cgroup_subsys *ss, struct cftype *cfts)
3692 for (cft = cfts; cft && cft->name[0] != '\0'; cft++)
3693 cft->flags |= __CFTYPE_NOT_ON_DFL;
3694 return cgroup_add_cftypes(ss, cfts);
3698 * cgroup_file_notify - generate a file modified event for a cgroup_file
3699 * @cfile: target cgroup_file
3701 * @cfile must have been obtained by setting cftype->file_offset.
3703 void cgroup_file_notify(struct cgroup_file *cfile)
3705 unsigned long flags;
3707 spin_lock_irqsave(&cgroup_file_kn_lock, flags);
3709 kernfs_notify(cfile->kn);
3710 spin_unlock_irqrestore(&cgroup_file_kn_lock, flags);
3714 * cgroup_task_count - count the number of tasks in a cgroup.
3715 * @cgrp: the cgroup in question
3717 * Return the number of tasks in the cgroup.
3719 static int cgroup_task_count(const struct cgroup *cgrp)
3722 struct cgrp_cset_link *link;
3724 spin_lock_bh(&css_set_lock);
3725 list_for_each_entry(link, &cgrp->cset_links, cset_link)
3726 count += atomic_read(&link->cset->refcount);
3727 spin_unlock_bh(&css_set_lock);
3732 * css_next_child - find the next child of a given css
3733 * @pos: the current position (%NULL to initiate traversal)
3734 * @parent: css whose children to walk
3736 * This function returns the next child of @parent and should be called
3737 * under either cgroup_mutex or RCU read lock. The only requirement is
3738 * that @parent and @pos are accessible. The next sibling is guaranteed to
3739 * be returned regardless of their states.
3741 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3742 * css which finished ->css_online() is guaranteed to be visible in the
3743 * future iterations and will stay visible until the last reference is put.
3744 * A css which hasn't finished ->css_online() or already finished
3745 * ->css_offline() may show up during traversal. It's each subsystem's
3746 * responsibility to synchronize against on/offlining.
3748 struct cgroup_subsys_state *css_next_child(struct cgroup_subsys_state *pos,
3749 struct cgroup_subsys_state *parent)
3751 struct cgroup_subsys_state *next;
3753 cgroup_assert_mutex_or_rcu_locked();
3756 * @pos could already have been unlinked from the sibling list.
3757 * Once a cgroup is removed, its ->sibling.next is no longer
3758 * updated when its next sibling changes. CSS_RELEASED is set when
3759 * @pos is taken off list, at which time its next pointer is valid,
3760 * and, as releases are serialized, the one pointed to by the next
3761 * pointer is guaranteed to not have started release yet. This
3762 * implies that if we observe !CSS_RELEASED on @pos in this RCU
3763 * critical section, the one pointed to by its next pointer is
3764 * guaranteed to not have finished its RCU grace period even if we
3765 * have dropped rcu_read_lock() inbetween iterations.
3767 * If @pos has CSS_RELEASED set, its next pointer can't be
3768 * dereferenced; however, as each css is given a monotonically
3769 * increasing unique serial number and always appended to the
3770 * sibling list, the next one can be found by walking the parent's
3771 * children until the first css with higher serial number than
3772 * @pos's. While this path can be slower, it happens iff iteration
3773 * races against release and the race window is very small.
3776 next = list_entry_rcu(parent->children.next, struct cgroup_subsys_state, sibling);
3777 } else if (likely(!(pos->flags & CSS_RELEASED))) {
3778 next = list_entry_rcu(pos->sibling.next, struct cgroup_subsys_state, sibling);
3780 list_for_each_entry_rcu(next, &parent->children, sibling)
3781 if (next->serial_nr > pos->serial_nr)
3786 * @next, if not pointing to the head, can be dereferenced and is
3789 if (&next->sibling != &parent->children)
3795 * css_next_descendant_pre - find the next descendant for pre-order walk
3796 * @pos: the current position (%NULL to initiate traversal)
3797 * @root: css whose descendants to walk
3799 * To be used by css_for_each_descendant_pre(). Find the next descendant
3800 * to visit for pre-order traversal of @root's descendants. @root is
3801 * included in the iteration and the first node to be visited.
3803 * While this function requires cgroup_mutex or RCU read locking, it
3804 * doesn't require the whole traversal to be contained in a single critical
3805 * section. This function will return the correct next descendant as long
3806 * as both @pos and @root are accessible and @pos is a descendant of @root.
3808 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3809 * css which finished ->css_online() is guaranteed to be visible in the
3810 * future iterations and will stay visible until the last reference is put.
3811 * A css which hasn't finished ->css_online() or already finished
3812 * ->css_offline() may show up during traversal. It's each subsystem's
3813 * responsibility to synchronize against on/offlining.
3815 struct cgroup_subsys_state *
3816 css_next_descendant_pre(struct cgroup_subsys_state *pos,
3817 struct cgroup_subsys_state *root)
3819 struct cgroup_subsys_state *next;
3821 cgroup_assert_mutex_or_rcu_locked();
3823 /* if first iteration, visit @root */
3827 /* visit the first child if exists */
3828 next = css_next_child(NULL, pos);
3832 /* no child, visit my or the closest ancestor's next sibling */
3833 while (pos != root) {
3834 next = css_next_child(pos, pos->parent);
3844 * css_rightmost_descendant - return the rightmost descendant of a css
3845 * @pos: css of interest
3847 * Return the rightmost descendant of @pos. If there's no descendant, @pos
3848 * is returned. This can be used during pre-order traversal to skip
3851 * While this function requires cgroup_mutex or RCU read locking, it
3852 * doesn't require the whole traversal to be contained in a single critical
3853 * section. This function will return the correct rightmost descendant as
3854 * long as @pos is accessible.
3856 struct cgroup_subsys_state *
3857 css_rightmost_descendant(struct cgroup_subsys_state *pos)
3859 struct cgroup_subsys_state *last, *tmp;
3861 cgroup_assert_mutex_or_rcu_locked();
3865 /* ->prev isn't RCU safe, walk ->next till the end */
3867 css_for_each_child(tmp, last)
3874 static struct cgroup_subsys_state *
3875 css_leftmost_descendant(struct cgroup_subsys_state *pos)
3877 struct cgroup_subsys_state *last;
3881 pos = css_next_child(NULL, pos);
3888 * css_next_descendant_post - find the next descendant for post-order walk
3889 * @pos: the current position (%NULL to initiate traversal)
3890 * @root: css whose descendants to walk
3892 * To be used by css_for_each_descendant_post(). Find the next descendant
3893 * to visit for post-order traversal of @root's descendants. @root is
3894 * included in the iteration and the last node to be visited.
3896 * While this function requires cgroup_mutex or RCU read locking, it
3897 * doesn't require the whole traversal to be contained in a single critical
3898 * section. This function will return the correct next descendant as long
3899 * as both @pos and @cgroup are accessible and @pos is a descendant of
3902 * If a subsystem synchronizes ->css_online() and the start of iteration, a
3903 * css which finished ->css_online() is guaranteed to be visible in the
3904 * future iterations and will stay visible until the last reference is put.
3905 * A css which hasn't finished ->css_online() or already finished
3906 * ->css_offline() may show up during traversal. It's each subsystem's
3907 * responsibility to synchronize against on/offlining.
3909 struct cgroup_subsys_state *
3910 css_next_descendant_post(struct cgroup_subsys_state *pos,
3911 struct cgroup_subsys_state *root)
3913 struct cgroup_subsys_state *next;
3915 cgroup_assert_mutex_or_rcu_locked();
3917 /* if first iteration, visit leftmost descendant which may be @root */
3919 return css_leftmost_descendant(root);
3921 /* if we visited @root, we're done */
3925 /* if there's an unvisited sibling, visit its leftmost descendant */
3926 next = css_next_child(pos, pos->parent);
3928 return css_leftmost_descendant(next);
3930 /* no sibling left, visit parent */
3935 * css_has_online_children - does a css have online children
3936 * @css: the target css
3938 * Returns %true if @css has any online children; otherwise, %false. This
3939 * function can be called from any context but the caller is responsible
3940 * for synchronizing against on/offlining as necessary.
3942 bool css_has_online_children(struct cgroup_subsys_state *css)
3944 struct cgroup_subsys_state *child;
3948 css_for_each_child(child, css) {
3949 if (child->flags & CSS_ONLINE) {
3959 * css_task_iter_advance_css_set - advance a task itererator to the next css_set
3960 * @it: the iterator to advance
3962 * Advance @it to the next css_set to walk.
3964 static void css_task_iter_advance_css_set(struct css_task_iter *it)
3966 struct list_head *l = it->cset_pos;
3967 struct cgrp_cset_link *link;
3968 struct css_set *cset;
3970 lockdep_assert_held(&css_set_lock);
3972 /* Advance to the next non-empty css_set */
3975 if (l == it->cset_head) {
3976 it->cset_pos = NULL;
3977 it->task_pos = NULL;
3982 cset = container_of(l, struct css_set,
3983 e_cset_node[it->ss->id]);
3985 link = list_entry(l, struct cgrp_cset_link, cset_link);
3988 } while (!css_set_populated(cset));
3992 if (!list_empty(&cset->tasks))
3993 it->task_pos = cset->tasks.next;
3995 it->task_pos = cset->mg_tasks.next;
3997 it->tasks_head = &cset->tasks;
3998 it->mg_tasks_head = &cset->mg_tasks;
4001 * We don't keep css_sets locked across iteration steps and thus
4002 * need to take steps to ensure that iteration can be resumed after
4003 * the lock is re-acquired. Iteration is performed at two levels -
4004 * css_sets and tasks in them.
4006 * Once created, a css_set never leaves its cgroup lists, so a
4007 * pinned css_set is guaranteed to stay put and we can resume
4008 * iteration afterwards.
4010 * Tasks may leave @cset across iteration steps. This is resolved
4011 * by registering each iterator with the css_set currently being
4012 * walked and making css_set_move_task() advance iterators whose
4013 * next task is leaving.
4016 list_del(&it->iters_node);
4017 put_css_set_locked(it->cur_cset);
4020 it->cur_cset = cset;
4021 list_add(&it->iters_node, &cset->task_iters);
4024 static void css_task_iter_advance(struct css_task_iter *it)
4026 struct list_head *l = it->task_pos;
4028 lockdep_assert_held(&css_set_lock);
4032 * Advance iterator to find next entry. cset->tasks is consumed
4033 * first and then ->mg_tasks. After ->mg_tasks, we move onto the
4038 if (l == it->tasks_head)
4039 l = it->mg_tasks_head->next;
4041 if (l == it->mg_tasks_head)
4042 css_task_iter_advance_css_set(it);
4048 * css_task_iter_start - initiate task iteration
4049 * @css: the css to walk tasks of
4050 * @it: the task iterator to use
4052 * Initiate iteration through the tasks of @css. The caller can call
4053 * css_task_iter_next() to walk through the tasks until the function
4054 * returns NULL. On completion of iteration, css_task_iter_end() must be
4057 void css_task_iter_start(struct cgroup_subsys_state *css,
4058 struct css_task_iter *it)
4060 /* no one should try to iterate before mounting cgroups */
4061 WARN_ON_ONCE(!use_task_css_set_links);
4063 memset(it, 0, sizeof(*it));
4065 spin_lock_bh(&css_set_lock);
4070 it->cset_pos = &css->cgroup->e_csets[css->ss->id];
4072 it->cset_pos = &css->cgroup->cset_links;
4074 it->cset_head = it->cset_pos;
4076 css_task_iter_advance_css_set(it);
4078 spin_unlock_bh(&css_set_lock);
4082 * css_task_iter_next - return the next task for the iterator
4083 * @it: the task iterator being iterated
4085 * The "next" function for task iteration. @it should have been
4086 * initialized via css_task_iter_start(). Returns NULL when the iteration
4089 struct task_struct *css_task_iter_next(struct css_task_iter *it)
4092 put_task_struct(it->cur_task);
4093 it->cur_task = NULL;
4096 spin_lock_bh(&css_set_lock);
4099 it->cur_task = list_entry(it->task_pos, struct task_struct,
4101 get_task_struct(it->cur_task);
4102 css_task_iter_advance(it);
4105 spin_unlock_bh(&css_set_lock);
4107 return it->cur_task;
4111 * css_task_iter_end - finish task iteration
4112 * @it: the task iterator to finish
4114 * Finish task iteration started by css_task_iter_start().
4116 void css_task_iter_end(struct css_task_iter *it)
4119 spin_lock_bh(&css_set_lock);
4120 list_del(&it->iters_node);
4121 put_css_set_locked(it->cur_cset);
4122 spin_unlock_bh(&css_set_lock);
4126 put_task_struct(it->cur_task);
4130 * cgroup_trasnsfer_tasks - move tasks from one cgroup to another
4131 * @to: cgroup to which the tasks will be moved
4132 * @from: cgroup in which the tasks currently reside
4134 * Locking rules between cgroup_post_fork() and the migration path
4135 * guarantee that, if a task is forking while being migrated, the new child
4136 * is guaranteed to be either visible in the source cgroup after the
4137 * parent's migration is complete or put into the target cgroup. No task
4138 * can slip out of migration through forking.
4140 int cgroup_transfer_tasks(struct cgroup *to, struct cgroup *from)
4142 LIST_HEAD(preloaded_csets);
4143 struct cgrp_cset_link *link;
4144 struct css_task_iter it;
4145 struct task_struct *task;
4148 if (!cgroup_may_migrate_to(to))
4151 mutex_lock(&cgroup_mutex);
4153 /* all tasks in @from are being moved, all csets are source */
4154 spin_lock_bh(&css_set_lock);
4155 list_for_each_entry(link, &from->cset_links, cset_link)
4156 cgroup_migrate_add_src(link->cset, to, &preloaded_csets);
4157 spin_unlock_bh(&css_set_lock);
4159 ret = cgroup_migrate_prepare_dst(&preloaded_csets);
4164 * Migrate tasks one-by-one until @from is empty. This fails iff
4165 * ->can_attach() fails.
4168 css_task_iter_start(&from->self, &it);
4169 task = css_task_iter_next(&it);
4171 get_task_struct(task);
4172 css_task_iter_end(&it);
4175 ret = cgroup_migrate(task, false, to->root);
4176 put_task_struct(task);
4178 } while (task && !ret);
4180 cgroup_migrate_finish(&preloaded_csets);
4181 mutex_unlock(&cgroup_mutex);
4186 * Stuff for reading the 'tasks'/'procs' files.
4188 * Reading this file can return large amounts of data if a cgroup has
4189 * *lots* of attached tasks. So it may need several calls to read(),
4190 * but we cannot guarantee that the information we produce is correct
4191 * unless we produce it entirely atomically.
4195 /* which pidlist file are we talking about? */
4196 enum cgroup_filetype {
4202 * A pidlist is a list of pids that virtually represents the contents of one
4203 * of the cgroup files ("procs" or "tasks"). We keep a list of such pidlists,
4204 * a pair (one each for procs, tasks) for each pid namespace that's relevant
4207 struct cgroup_pidlist {
4209 * used to find which pidlist is wanted. doesn't change as long as
4210 * this particular list stays in the list.
4212 struct { enum cgroup_filetype type; struct pid_namespace *ns; } key;
4215 /* how many elements the above list has */
4217 /* each of these stored in a list by its cgroup */
4218 struct list_head links;
4219 /* pointer to the cgroup we belong to, for list removal purposes */
4220 struct cgroup *owner;
4221 /* for delayed destruction */
4222 struct delayed_work destroy_dwork;
4226 * The following two functions "fix" the issue where there are more pids
4227 * than kmalloc will give memory for; in such cases, we use vmalloc/vfree.
4228 * TODO: replace with a kernel-wide solution to this problem
4230 #define PIDLIST_TOO_LARGE(c) ((c) * sizeof(pid_t) > (PAGE_SIZE * 2))
4231 static void *pidlist_allocate(int count)
4233 if (PIDLIST_TOO_LARGE(count))
4234 return vmalloc(count * sizeof(pid_t));
4236 return kmalloc(count * sizeof(pid_t), GFP_KERNEL);
4239 static void pidlist_free(void *p)
4245 * Used to destroy all pidlists lingering waiting for destroy timer. None
4246 * should be left afterwards.
4248 static void cgroup_pidlist_destroy_all(struct cgroup *cgrp)
4250 struct cgroup_pidlist *l, *tmp_l;
4252 mutex_lock(&cgrp->pidlist_mutex);
4253 list_for_each_entry_safe(l, tmp_l, &cgrp->pidlists, links)
4254 mod_delayed_work(cgroup_pidlist_destroy_wq, &l->destroy_dwork, 0);
4255 mutex_unlock(&cgrp->pidlist_mutex);
4257 flush_workqueue(cgroup_pidlist_destroy_wq);
4258 BUG_ON(!list_empty(&cgrp->pidlists));
4261 static void cgroup_pidlist_destroy_work_fn(struct work_struct *work)
4263 struct delayed_work *dwork = to_delayed_work(work);
4264 struct cgroup_pidlist *l = container_of(dwork, struct cgroup_pidlist,
4266 struct cgroup_pidlist *tofree = NULL;
4268 mutex_lock(&l->owner->pidlist_mutex);
4271 * Destroy iff we didn't get queued again. The state won't change
4272 * as destroy_dwork can only be queued while locked.
4274 if (!delayed_work_pending(dwork)) {
4275 list_del(&l->links);
4276 pidlist_free(l->list);
4277 put_pid_ns(l->key.ns);
4281 mutex_unlock(&l->owner->pidlist_mutex);
4286 * pidlist_uniq - given a kmalloc()ed list, strip out all duplicate entries
4287 * Returns the number of unique elements.
4289 static int pidlist_uniq(pid_t *list, int length)
4294 * we presume the 0th element is unique, so i starts at 1. trivial
4295 * edge cases first; no work needs to be done for either
4297 if (length == 0 || length == 1)
4299 /* src and dest walk down the list; dest counts unique elements */
4300 for (src = 1; src < length; src++) {
4301 /* find next unique element */
4302 while (list[src] == list[src-1]) {
4307 /* dest always points to where the next unique element goes */
4308 list[dest] = list[src];
4316 * The two pid files - task and cgroup.procs - guaranteed that the result
4317 * is sorted, which forced this whole pidlist fiasco. As pid order is
4318 * different per namespace, each namespace needs differently sorted list,
4319 * making it impossible to use, for example, single rbtree of member tasks
4320 * sorted by task pointer. As pidlists can be fairly large, allocating one
4321 * per open file is dangerous, so cgroup had to implement shared pool of
4322 * pidlists keyed by cgroup and namespace.
4324 * All this extra complexity was caused by the original implementation
4325 * committing to an entirely unnecessary property. In the long term, we
4326 * want to do away with it. Explicitly scramble sort order if on the
4327 * default hierarchy so that no such expectation exists in the new
4330 * Scrambling is done by swapping every two consecutive bits, which is
4331 * non-identity one-to-one mapping which disturbs sort order sufficiently.
4333 static pid_t pid_fry(pid_t pid)
4335 unsigned a = pid & 0x55555555;
4336 unsigned b = pid & 0xAAAAAAAA;
4338 return (a << 1) | (b >> 1);
4341 static pid_t cgroup_pid_fry(struct cgroup *cgrp, pid_t pid)
4343 if (cgroup_on_dfl(cgrp))
4344 return pid_fry(pid);
4349 static int cmppid(const void *a, const void *b)
4351 return *(pid_t *)a - *(pid_t *)b;
4354 static int fried_cmppid(const void *a, const void *b)
4356 return pid_fry(*(pid_t *)a) - pid_fry(*(pid_t *)b);
4359 static struct cgroup_pidlist *cgroup_pidlist_find(struct cgroup *cgrp,
4360 enum cgroup_filetype type)
4362 struct cgroup_pidlist *l;
4363 /* don't need task_nsproxy() if we're looking at ourself */
4364 struct pid_namespace *ns = task_active_pid_ns(current);
4366 lockdep_assert_held(&cgrp->pidlist_mutex);
4368 list_for_each_entry(l, &cgrp->pidlists, links)
4369 if (l->key.type == type && l->key.ns == ns)
4375 * find the appropriate pidlist for our purpose (given procs vs tasks)
4376 * returns with the lock on that pidlist already held, and takes care
4377 * of the use count, or returns NULL with no locks held if we're out of
4380 static struct cgroup_pidlist *cgroup_pidlist_find_create(struct cgroup *cgrp,
4381 enum cgroup_filetype type)
4383 struct cgroup_pidlist *l;
4385 lockdep_assert_held(&cgrp->pidlist_mutex);
4387 l = cgroup_pidlist_find(cgrp, type);
4391 /* entry not found; create a new one */
4392 l = kzalloc(sizeof(struct cgroup_pidlist), GFP_KERNEL);
4396 INIT_DELAYED_WORK(&l->destroy_dwork, cgroup_pidlist_destroy_work_fn);
4398 /* don't need task_nsproxy() if we're looking at ourself */
4399 l->key.ns = get_pid_ns(task_active_pid_ns(current));
4401 list_add(&l->links, &cgrp->pidlists);
4406 * Load a cgroup's pidarray with either procs' tgids or tasks' pids
4408 static int pidlist_array_load(struct cgroup *cgrp, enum cgroup_filetype type,
4409 struct cgroup_pidlist **lp)
4413 int pid, n = 0; /* used for populating the array */
4414 struct css_task_iter it;
4415 struct task_struct *tsk;
4416 struct cgroup_pidlist *l;
4418 lockdep_assert_held(&cgrp->pidlist_mutex);
4421 * If cgroup gets more users after we read count, we won't have
4422 * enough space - tough. This race is indistinguishable to the
4423 * caller from the case that the additional cgroup users didn't
4424 * show up until sometime later on.
4426 length = cgroup_task_count(cgrp);
4427 array = pidlist_allocate(length);
4430 /* now, populate the array */
4431 css_task_iter_start(&cgrp->self, &it);
4432 while ((tsk = css_task_iter_next(&it))) {
4433 if (unlikely(n == length))
4435 /* get tgid or pid for procs or tasks file respectively */
4436 if (type == CGROUP_FILE_PROCS)
4437 pid = task_tgid_vnr(tsk);
4439 pid = task_pid_vnr(tsk);
4440 if (pid > 0) /* make sure to only use valid results */
4443 css_task_iter_end(&it);
4445 /* now sort & (if procs) strip out duplicates */
4446 if (cgroup_on_dfl(cgrp))
4447 sort(array, length, sizeof(pid_t), fried_cmppid, NULL);
4449 sort(array, length, sizeof(pid_t), cmppid, NULL);
4450 if (type == CGROUP_FILE_PROCS)
4451 length = pidlist_uniq(array, length);
4453 l = cgroup_pidlist_find_create(cgrp, type);
4455 pidlist_free(array);
4459 /* store array, freeing old if necessary */
4460 pidlist_free(l->list);
4468 * cgroupstats_build - build and fill cgroupstats
4469 * @stats: cgroupstats to fill information into
4470 * @dentry: A dentry entry belonging to the cgroup for which stats have
4473 * Build and fill cgroupstats so that taskstats can export it to user
4476 int cgroupstats_build(struct cgroupstats *stats, struct dentry *dentry)
4478 struct kernfs_node *kn = kernfs_node_from_dentry(dentry);
4479 struct cgroup *cgrp;
4480 struct css_task_iter it;
4481 struct task_struct *tsk;
4483 /* it should be kernfs_node belonging to cgroupfs and is a directory */
4484 if (dentry->d_sb->s_type != &cgroup_fs_type || !kn ||
4485 kernfs_type(kn) != KERNFS_DIR)
4488 mutex_lock(&cgroup_mutex);
4491 * We aren't being called from kernfs and there's no guarantee on
4492 * @kn->priv's validity. For this and css_tryget_online_from_dir(),
4493 * @kn->priv is RCU safe. Let's do the RCU dancing.
4496 cgrp = rcu_dereference(kn->priv);
4497 if (!cgrp || cgroup_is_dead(cgrp)) {
4499 mutex_unlock(&cgroup_mutex);
4504 css_task_iter_start(&cgrp->self, &it);
4505 while ((tsk = css_task_iter_next(&it))) {
4506 switch (tsk->state) {
4508 stats->nr_running++;
4510 case TASK_INTERRUPTIBLE:
4511 stats->nr_sleeping++;
4513 case TASK_UNINTERRUPTIBLE:
4514 stats->nr_uninterruptible++;
4517 stats->nr_stopped++;
4520 if (delayacct_is_task_waiting_on_io(tsk))
4521 stats->nr_io_wait++;
4525 css_task_iter_end(&it);
4527 mutex_unlock(&cgroup_mutex);
4533 * seq_file methods for the tasks/procs files. The seq_file position is the
4534 * next pid to display; the seq_file iterator is a pointer to the pid
4535 * in the cgroup->l->list array.
4538 static void *cgroup_pidlist_start(struct seq_file *s, loff_t *pos)
4541 * Initially we receive a position value that corresponds to
4542 * one more than the last pid shown (or 0 on the first call or
4543 * after a seek to the start). Use a binary-search to find the
4544 * next pid to display, if any
4546 struct kernfs_open_file *of = s->private;
4547 struct cgroup *cgrp = seq_css(s)->cgroup;
4548 struct cgroup_pidlist *l;
4549 enum cgroup_filetype type = seq_cft(s)->private;
4550 int index = 0, pid = *pos;
4553 mutex_lock(&cgrp->pidlist_mutex);
4556 * !NULL @of->priv indicates that this isn't the first start()
4557 * after open. If the matching pidlist is around, we can use that.
4558 * Look for it. Note that @of->priv can't be used directly. It
4559 * could already have been destroyed.
4562 of->priv = cgroup_pidlist_find(cgrp, type);
4565 * Either this is the first start() after open or the matching
4566 * pidlist has been destroyed inbetween. Create a new one.
4569 ret = pidlist_array_load(cgrp, type,
4570 (struct cgroup_pidlist **)&of->priv);
4572 return ERR_PTR(ret);
4577 int end = l->length;
4579 while (index < end) {
4580 int mid = (index + end) / 2;
4581 if (cgroup_pid_fry(cgrp, l->list[mid]) == pid) {
4584 } else if (cgroup_pid_fry(cgrp, l->list[mid]) <= pid)
4590 /* If we're off the end of the array, we're done */
4591 if (index >= l->length)
4593 /* Update the abstract position to be the actual pid that we found */
4594 iter = l->list + index;
4595 *pos = cgroup_pid_fry(cgrp, *iter);
4599 static void cgroup_pidlist_stop(struct seq_file *s, void *v)
4601 struct kernfs_open_file *of = s->private;
4602 struct cgroup_pidlist *l = of->priv;
4605 mod_delayed_work(cgroup_pidlist_destroy_wq, &l->destroy_dwork,
4606 CGROUP_PIDLIST_DESTROY_DELAY);
4607 mutex_unlock(&seq_css(s)->cgroup->pidlist_mutex);
4610 static void *cgroup_pidlist_next(struct seq_file *s, void *v, loff_t *pos)
4612 struct kernfs_open_file *of = s->private;
4613 struct cgroup_pidlist *l = of->priv;
4615 pid_t *end = l->list + l->length;
4617 * Advance to the next pid in the array. If this goes off the
4624 *pos = cgroup_pid_fry(seq_css(s)->cgroup, *p);
4629 static int cgroup_pidlist_show(struct seq_file *s, void *v)
4631 seq_printf(s, "%d\n", *(int *)v);
4636 static u64 cgroup_read_notify_on_release(struct cgroup_subsys_state *css,
4639 return notify_on_release(css->cgroup);
4642 static int cgroup_write_notify_on_release(struct cgroup_subsys_state *css,
4643 struct cftype *cft, u64 val)
4646 set_bit(CGRP_NOTIFY_ON_RELEASE, &css->cgroup->flags);
4648 clear_bit(CGRP_NOTIFY_ON_RELEASE, &css->cgroup->flags);
4652 static u64 cgroup_clone_children_read(struct cgroup_subsys_state *css,
4655 return test_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4658 static int cgroup_clone_children_write(struct cgroup_subsys_state *css,
4659 struct cftype *cft, u64 val)
4662 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4664 clear_bit(CGRP_CPUSET_CLONE_CHILDREN, &css->cgroup->flags);
4668 /* cgroup core interface files for the default hierarchy */
4669 static struct cftype cgroup_dfl_base_files[] = {
4671 .name = "cgroup.procs",
4672 .file_offset = offsetof(struct cgroup, procs_file),
4673 .seq_start = cgroup_pidlist_start,
4674 .seq_next = cgroup_pidlist_next,
4675 .seq_stop = cgroup_pidlist_stop,
4676 .seq_show = cgroup_pidlist_show,
4677 .private = CGROUP_FILE_PROCS,
4678 .write = cgroup_procs_write,
4681 .name = "cgroup.controllers",
4682 .seq_show = cgroup_controllers_show,
4685 .name = "cgroup.subtree_control",
4686 .seq_show = cgroup_subtree_control_show,
4687 .write = cgroup_subtree_control_write,
4690 .name = "cgroup.events",
4691 .flags = CFTYPE_NOT_ON_ROOT,
4692 .file_offset = offsetof(struct cgroup, events_file),
4693 .seq_show = cgroup_events_show,
4698 /* cgroup core interface files for the legacy hierarchies */
4699 static struct cftype cgroup_legacy_base_files[] = {
4701 .name = "cgroup.procs",
4702 .seq_start = cgroup_pidlist_start,
4703 .seq_next = cgroup_pidlist_next,
4704 .seq_stop = cgroup_pidlist_stop,
4705 .seq_show = cgroup_pidlist_show,
4706 .private = CGROUP_FILE_PROCS,
4707 .write = cgroup_procs_write,
4710 .name = "cgroup.clone_children",
4711 .read_u64 = cgroup_clone_children_read,
4712 .write_u64 = cgroup_clone_children_write,
4715 .name = "cgroup.sane_behavior",
4716 .flags = CFTYPE_ONLY_ON_ROOT,
4717 .seq_show = cgroup_sane_behavior_show,
4721 .seq_start = cgroup_pidlist_start,
4722 .seq_next = cgroup_pidlist_next,
4723 .seq_stop = cgroup_pidlist_stop,
4724 .seq_show = cgroup_pidlist_show,
4725 .private = CGROUP_FILE_TASKS,
4726 .write = cgroup_tasks_write,
4729 .name = "notify_on_release",
4730 .read_u64 = cgroup_read_notify_on_release,
4731 .write_u64 = cgroup_write_notify_on_release,
4734 .name = "release_agent",
4735 .flags = CFTYPE_ONLY_ON_ROOT,
4736 .seq_show = cgroup_release_agent_show,
4737 .write = cgroup_release_agent_write,
4738 .max_write_len = PATH_MAX - 1,
4744 * css destruction is four-stage process.
4746 * 1. Destruction starts. Killing of the percpu_ref is initiated.
4747 * Implemented in kill_css().
4749 * 2. When the percpu_ref is confirmed to be visible as killed on all CPUs
4750 * and thus css_tryget_online() is guaranteed to fail, the css can be
4751 * offlined by invoking offline_css(). After offlining, the base ref is
4752 * put. Implemented in css_killed_work_fn().
4754 * 3. When the percpu_ref reaches zero, the only possible remaining
4755 * accessors are inside RCU read sections. css_release() schedules the
4758 * 4. After the grace period, the css can be freed. Implemented in
4759 * css_free_work_fn().
4761 * It is actually hairier because both step 2 and 4 require process context
4762 * and thus involve punting to css->destroy_work adding two additional
4763 * steps to the already complex sequence.
4765 static void css_free_work_fn(struct work_struct *work)
4767 struct cgroup_subsys_state *css =
4768 container_of(work, struct cgroup_subsys_state, destroy_work);
4769 struct cgroup_subsys *ss = css->ss;
4770 struct cgroup *cgrp = css->cgroup;
4772 percpu_ref_exit(&css->refcnt);
4776 struct cgroup_subsys_state *parent = css->parent;
4780 cgroup_idr_remove(&ss->css_idr, id);
4786 /* cgroup free path */
4787 atomic_dec(&cgrp->root->nr_cgrps);
4788 cgroup_pidlist_destroy_all(cgrp);
4789 cancel_work_sync(&cgrp->release_agent_work);
4791 if (cgroup_parent(cgrp)) {
4793 * We get a ref to the parent, and put the ref when
4794 * this cgroup is being freed, so it's guaranteed
4795 * that the parent won't be destroyed before its
4798 cgroup_put(cgroup_parent(cgrp));
4799 kernfs_put(cgrp->kn);
4803 * This is root cgroup's refcnt reaching zero,
4804 * which indicates that the root should be
4807 cgroup_destroy_root(cgrp->root);
4812 static void css_free_rcu_fn(struct rcu_head *rcu_head)
4814 struct cgroup_subsys_state *css =
4815 container_of(rcu_head, struct cgroup_subsys_state, rcu_head);
4817 INIT_WORK(&css->destroy_work, css_free_work_fn);
4818 queue_work(cgroup_destroy_wq, &css->destroy_work);
4821 static void css_release_work_fn(struct work_struct *work)
4823 struct cgroup_subsys_state *css =
4824 container_of(work, struct cgroup_subsys_state, destroy_work);
4825 struct cgroup_subsys *ss = css->ss;
4826 struct cgroup *cgrp = css->cgroup;
4828 mutex_lock(&cgroup_mutex);
4830 css->flags |= CSS_RELEASED;
4831 list_del_rcu(&css->sibling);
4834 /* css release path */
4835 cgroup_idr_replace(&ss->css_idr, NULL, css->id);
4836 if (ss->css_released)
4837 ss->css_released(css);
4839 /* cgroup release path */
4840 cgroup_idr_remove(&cgrp->root->cgroup_idr, cgrp->id);
4844 * There are two control paths which try to determine
4845 * cgroup from dentry without going through kernfs -
4846 * cgroupstats_build() and css_tryget_online_from_dir().
4847 * Those are supported by RCU protecting clearing of
4848 * cgrp->kn->priv backpointer.
4851 RCU_INIT_POINTER(*(void __rcu __force **)&cgrp->kn->priv,
4855 mutex_unlock(&cgroup_mutex);
4857 call_rcu(&css->rcu_head, css_free_rcu_fn);
4860 static void css_release(struct percpu_ref *ref)
4862 struct cgroup_subsys_state *css =
4863 container_of(ref, struct cgroup_subsys_state, refcnt);
4865 INIT_WORK(&css->destroy_work, css_release_work_fn);
4866 queue_work(cgroup_destroy_wq, &css->destroy_work);
4869 static void init_and_link_css(struct cgroup_subsys_state *css,
4870 struct cgroup_subsys *ss, struct cgroup *cgrp)
4872 lockdep_assert_held(&cgroup_mutex);
4876 memset(css, 0, sizeof(*css));
4879 INIT_LIST_HEAD(&css->sibling);
4880 INIT_LIST_HEAD(&css->children);
4881 css->serial_nr = css_serial_nr_next++;
4882 atomic_set(&css->online_cnt, 0);
4884 if (cgroup_parent(cgrp)) {
4885 css->parent = cgroup_css(cgroup_parent(cgrp), ss);
4886 css_get(css->parent);
4889 BUG_ON(cgroup_css(cgrp, ss));
4892 /* invoke ->css_online() on a new CSS and mark it online if successful */
4893 static int online_css(struct cgroup_subsys_state *css)
4895 struct cgroup_subsys *ss = css->ss;
4898 lockdep_assert_held(&cgroup_mutex);
4901 ret = ss->css_online(css);
4903 css->flags |= CSS_ONLINE;
4904 rcu_assign_pointer(css->cgroup->subsys[ss->id], css);
4906 atomic_inc(&css->online_cnt);
4908 atomic_inc(&css->parent->online_cnt);
4913 /* if the CSS is online, invoke ->css_offline() on it and mark it offline */
4914 static void offline_css(struct cgroup_subsys_state *css)
4916 struct cgroup_subsys *ss = css->ss;
4918 lockdep_assert_held(&cgroup_mutex);
4920 if (!(css->flags & CSS_ONLINE))
4926 if (ss->css_offline)
4927 ss->css_offline(css);
4929 css->flags &= ~CSS_ONLINE;
4930 RCU_INIT_POINTER(css->cgroup->subsys[ss->id], NULL);
4932 wake_up_all(&css->cgroup->offline_waitq);
4936 * css_create - create a cgroup_subsys_state
4937 * @cgrp: the cgroup new css will be associated with
4938 * @ss: the subsys of new css
4940 * Create a new css associated with @cgrp - @ss pair. On success, the new
4941 * css is online and installed in @cgrp. This function doesn't create the
4942 * interface files. Returns 0 on success, -errno on failure.
4944 static struct cgroup_subsys_state *css_create(struct cgroup *cgrp,
4945 struct cgroup_subsys *ss)
4947 struct cgroup *parent = cgroup_parent(cgrp);
4948 struct cgroup_subsys_state *parent_css = cgroup_css(parent, ss);
4949 struct cgroup_subsys_state *css;
4952 lockdep_assert_held(&cgroup_mutex);
4954 css = ss->css_alloc(parent_css);
4958 init_and_link_css(css, ss, cgrp);
4960 err = percpu_ref_init(&css->refcnt, css_release, 0, GFP_KERNEL);
4964 err = cgroup_idr_alloc(&ss->css_idr, NULL, 2, 0, GFP_KERNEL);
4966 goto err_free_percpu_ref;
4969 /* @css is ready to be brought online now, make it visible */
4970 list_add_tail_rcu(&css->sibling, &parent_css->children);
4971 cgroup_idr_replace(&ss->css_idr, css, css->id);
4973 err = online_css(css);
4977 if (ss->broken_hierarchy && !ss->warned_broken_hierarchy &&
4978 cgroup_parent(parent)) {
4979 pr_warn("%s (%d) created nested cgroup for controller \"%s\" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.\n",
4980 current->comm, current->pid, ss->name);
4981 if (!strcmp(ss->name, "memory"))
4982 pr_warn("\"memory\" requires setting use_hierarchy to 1 on the root\n");
4983 ss->warned_broken_hierarchy = true;
4989 list_del_rcu(&css->sibling);
4990 cgroup_idr_remove(&ss->css_idr, css->id);
4991 err_free_percpu_ref:
4992 percpu_ref_exit(&css->refcnt);
4994 call_rcu(&css->rcu_head, css_free_rcu_fn);
4995 return ERR_PTR(err);
4998 static struct cgroup *cgroup_create(struct cgroup *parent)
5000 struct cgroup_root *root = parent->root;
5001 struct cgroup *cgrp, *tcgrp;
5002 int level = parent->level + 1;
5005 /* allocate the cgroup and its ID, 0 is reserved for the root */
5006 cgrp = kzalloc(sizeof(*cgrp) +
5007 sizeof(cgrp->ancestor_ids[0]) * (level + 1), GFP_KERNEL);
5009 return ERR_PTR(-ENOMEM);
5011 ret = percpu_ref_init(&cgrp->self.refcnt, css_release, 0, GFP_KERNEL);
5016 * Temporarily set the pointer to NULL, so idr_find() won't return
5017 * a half-baked cgroup.
5019 cgrp->id = cgroup_idr_alloc(&root->cgroup_idr, NULL, 2, 0, GFP_KERNEL);
5022 goto out_cancel_ref;
5025 init_cgroup_housekeeping(cgrp);
5027 cgrp->self.parent = &parent->self;
5029 cgrp->level = level;
5031 for (tcgrp = cgrp; tcgrp; tcgrp = cgroup_parent(tcgrp))
5032 cgrp->ancestor_ids[tcgrp->level] = tcgrp->id;
5034 if (notify_on_release(parent))
5035 set_bit(CGRP_NOTIFY_ON_RELEASE, &cgrp->flags);
5037 if (test_bit(CGRP_CPUSET_CLONE_CHILDREN, &parent->flags))
5038 set_bit(CGRP_CPUSET_CLONE_CHILDREN, &cgrp->flags);
5040 cgrp->self.serial_nr = css_serial_nr_next++;
5042 /* allocation complete, commit to creation */
5043 list_add_tail_rcu(&cgrp->self.sibling, &cgroup_parent(cgrp)->self.children);
5044 atomic_inc(&root->nr_cgrps);
5048 * @cgrp is now fully operational. If something fails after this
5049 * point, it'll be released via the normal destruction path.
5051 cgroup_idr_replace(&root->cgroup_idr, cgrp, cgrp->id);
5054 * On the default hierarchy, a child doesn't automatically inherit
5055 * subtree_control from the parent. Each is configured manually.
5057 if (!cgroup_on_dfl(cgrp))
5058 cgrp->subtree_control = cgroup_control(cgrp);
5060 cgroup_propagate_control(cgrp);
5062 /* @cgrp doesn't have dir yet so the following will only create csses */
5063 ret = cgroup_apply_control_enable(cgrp);
5070 percpu_ref_exit(&cgrp->self.refcnt);
5073 return ERR_PTR(ret);
5075 cgroup_destroy_locked(cgrp);
5076 return ERR_PTR(ret);
5079 static int cgroup_mkdir(struct kernfs_node *parent_kn, const char *name,
5082 struct cgroup *parent, *cgrp;
5083 struct kernfs_node *kn;
5086 /* do not accept '\n' to prevent making /proc/<pid>/cgroup unparsable */
5087 if (strchr(name, '\n'))
5090 parent = cgroup_kn_lock_live(parent_kn, false);
5094 cgrp = cgroup_create(parent);
5096 ret = PTR_ERR(cgrp);
5100 /* create the directory */
5101 kn = kernfs_create_dir(parent->kn, name, mode, cgrp);
5109 * This extra ref will be put in cgroup_free_fn() and guarantees
5110 * that @cgrp->kn is always accessible.
5114 ret = cgroup_kn_set_ugid(kn);
5118 ret = css_populate_dir(&cgrp->self);
5122 ret = cgroup_apply_control_enable(cgrp);
5126 /* let's create and online css's */
5127 kernfs_activate(kn);
5133 cgroup_destroy_locked(cgrp);
5135 cgroup_kn_unlock(parent_kn);
5140 * This is called when the refcnt of a css is confirmed to be killed.
5141 * css_tryget_online() is now guaranteed to fail. Tell the subsystem to
5142 * initate destruction and put the css ref from kill_css().
5144 static void css_killed_work_fn(struct work_struct *work)
5146 struct cgroup_subsys_state *css =
5147 container_of(work, struct cgroup_subsys_state, destroy_work);
5149 mutex_lock(&cgroup_mutex);
5154 /* @css can't go away while we're holding cgroup_mutex */
5156 } while (css && atomic_dec_and_test(&css->online_cnt));
5158 mutex_unlock(&cgroup_mutex);
5161 /* css kill confirmation processing requires process context, bounce */
5162 static void css_killed_ref_fn(struct percpu_ref *ref)
5164 struct cgroup_subsys_state *css =
5165 container_of(ref, struct cgroup_subsys_state, refcnt);
5167 if (atomic_dec_and_test(&css->online_cnt)) {
5168 INIT_WORK(&css->destroy_work, css_killed_work_fn);
5169 queue_work(cgroup_destroy_wq, &css->destroy_work);
5174 * kill_css - destroy a css
5175 * @css: css to destroy
5177 * This function initiates destruction of @css by removing cgroup interface
5178 * files and putting its base reference. ->css_offline() will be invoked
5179 * asynchronously once css_tryget_online() is guaranteed to fail and when
5180 * the reference count reaches zero, @css will be released.
5182 static void kill_css(struct cgroup_subsys_state *css)
5184 lockdep_assert_held(&cgroup_mutex);
5187 * This must happen before css is disassociated with its cgroup.
5188 * See seq_css() for details.
5193 * Killing would put the base ref, but we need to keep it alive
5194 * until after ->css_offline().
5199 * cgroup core guarantees that, by the time ->css_offline() is
5200 * invoked, no new css reference will be given out via
5201 * css_tryget_online(). We can't simply call percpu_ref_kill() and
5202 * proceed to offlining css's because percpu_ref_kill() doesn't
5203 * guarantee that the ref is seen as killed on all CPUs on return.
5205 * Use percpu_ref_kill_and_confirm() to get notifications as each
5206 * css is confirmed to be seen as killed on all CPUs.
5208 percpu_ref_kill_and_confirm(&css->refcnt, css_killed_ref_fn);
5212 * cgroup_destroy_locked - the first stage of cgroup destruction
5213 * @cgrp: cgroup to be destroyed
5215 * css's make use of percpu refcnts whose killing latency shouldn't be
5216 * exposed to userland and are RCU protected. Also, cgroup core needs to
5217 * guarantee that css_tryget_online() won't succeed by the time
5218 * ->css_offline() is invoked. To satisfy all the requirements,
5219 * destruction is implemented in the following two steps.
5221 * s1. Verify @cgrp can be destroyed and mark it dying. Remove all
5222 * userland visible parts and start killing the percpu refcnts of
5223 * css's. Set up so that the next stage will be kicked off once all
5224 * the percpu refcnts are confirmed to be killed.
5226 * s2. Invoke ->css_offline(), mark the cgroup dead and proceed with the
5227 * rest of destruction. Once all cgroup references are gone, the
5228 * cgroup is RCU-freed.
5230 * This function implements s1. After this step, @cgrp is gone as far as
5231 * the userland is concerned and a new cgroup with the same name may be
5232 * created. As cgroup doesn't care about the names internally, this
5233 * doesn't cause any problem.
5235 static int cgroup_destroy_locked(struct cgroup *cgrp)
5236 __releases(&cgroup_mutex) __acquires(&cgroup_mutex)
5238 struct cgroup_subsys_state *css;
5241 lockdep_assert_held(&cgroup_mutex);
5244 * Only migration can raise populated from zero and we're already
5245 * holding cgroup_mutex.
5247 if (cgroup_is_populated(cgrp))
5251 * Make sure there's no live children. We can't test emptiness of
5252 * ->self.children as dead children linger on it while being
5253 * drained; otherwise, "rmdir parent/child parent" may fail.
5255 if (css_has_online_children(&cgrp->self))
5259 * Mark @cgrp dead. This prevents further task migration and child
5260 * creation by disabling cgroup_lock_live_group().
5262 cgrp->self.flags &= ~CSS_ONLINE;
5264 /* initiate massacre of all css's */
5265 for_each_css(css, ssid, cgrp)
5269 * Remove @cgrp directory along with the base files. @cgrp has an
5270 * extra ref on its kn.
5272 kernfs_remove(cgrp->kn);
5274 check_for_release(cgroup_parent(cgrp));
5276 /* put the base reference */
5277 percpu_ref_kill(&cgrp->self.refcnt);
5282 static int cgroup_rmdir(struct kernfs_node *kn)
5284 struct cgroup *cgrp;
5287 cgrp = cgroup_kn_lock_live(kn, false);
5291 ret = cgroup_destroy_locked(cgrp);
5293 cgroup_kn_unlock(kn);
5297 static struct kernfs_syscall_ops cgroup_kf_syscall_ops = {
5298 .remount_fs = cgroup_remount,
5299 .show_options = cgroup_show_options,
5300 .mkdir = cgroup_mkdir,
5301 .rmdir = cgroup_rmdir,
5302 .rename = cgroup_rename,
5305 static void __init cgroup_init_subsys(struct cgroup_subsys *ss, bool early)
5307 struct cgroup_subsys_state *css;
5309 pr_debug("Initializing cgroup subsys %s\n", ss->name);
5311 mutex_lock(&cgroup_mutex);
5313 idr_init(&ss->css_idr);
5314 INIT_LIST_HEAD(&ss->cfts);
5316 /* Create the root cgroup state for this subsystem */
5317 ss->root = &cgrp_dfl_root;
5318 css = ss->css_alloc(cgroup_css(&cgrp_dfl_root.cgrp, ss));
5319 /* We don't handle early failures gracefully */
5320 BUG_ON(IS_ERR(css));
5321 init_and_link_css(css, ss, &cgrp_dfl_root.cgrp);
5324 * Root csses are never destroyed and we can't initialize
5325 * percpu_ref during early init. Disable refcnting.
5327 css->flags |= CSS_NO_REF;
5330 /* allocation can't be done safely during early init */
5333 css->id = cgroup_idr_alloc(&ss->css_idr, css, 1, 2, GFP_KERNEL);
5334 BUG_ON(css->id < 0);
5337 /* Update the init_css_set to contain a subsys
5338 * pointer to this state - since the subsystem is
5339 * newly registered, all tasks and hence the
5340 * init_css_set is in the subsystem's root cgroup. */
5341 init_css_set.subsys[ss->id] = css;
5343 have_fork_callback |= (bool)ss->fork << ss->id;
5344 have_exit_callback |= (bool)ss->exit << ss->id;
5345 have_free_callback |= (bool)ss->free << ss->id;
5346 have_canfork_callback |= (bool)ss->can_fork << ss->id;
5348 /* At system boot, before all subsystems have been
5349 * registered, no tasks have been forked, so we don't
5350 * need to invoke fork callbacks here. */
5351 BUG_ON(!list_empty(&init_task.tasks));
5353 BUG_ON(online_css(css));
5355 mutex_unlock(&cgroup_mutex);
5359 * cgroup_init_early - cgroup initialization at system boot
5361 * Initialize cgroups at system boot, and initialize any
5362 * subsystems that request early init.
5364 int __init cgroup_init_early(void)
5366 static struct cgroup_sb_opts __initdata opts;
5367 struct cgroup_subsys *ss;
5370 init_cgroup_root(&cgrp_dfl_root, &opts);
5371 cgrp_dfl_root.cgrp.self.flags |= CSS_NO_REF;
5373 RCU_INIT_POINTER(init_task.cgroups, &init_css_set);
5375 for_each_subsys(ss, i) {
5376 WARN(!ss->css_alloc || !ss->css_free || ss->name || ss->id,
5377 "invalid cgroup_subsys %d:%s css_alloc=%p css_free=%p id:name=%d:%s\n",
5378 i, cgroup_subsys_name[i], ss->css_alloc, ss->css_free,
5380 WARN(strlen(cgroup_subsys_name[i]) > MAX_CGROUP_TYPE_NAMELEN,
5381 "cgroup_subsys_name %s too long\n", cgroup_subsys_name[i]);
5384 ss->name = cgroup_subsys_name[i];
5385 if (!ss->legacy_name)
5386 ss->legacy_name = cgroup_subsys_name[i];
5389 cgroup_init_subsys(ss, true);
5394 static u16 cgroup_disable_mask __initdata;
5397 * cgroup_init - cgroup initialization
5399 * Register cgroup filesystem and /proc file, and initialize
5400 * any subsystems that didn't request early init.
5402 int __init cgroup_init(void)
5404 struct cgroup_subsys *ss;
5407 BUILD_BUG_ON(CGROUP_SUBSYS_COUNT > 16);
5408 BUG_ON(percpu_init_rwsem(&cgroup_threadgroup_rwsem));
5409 BUG_ON(cgroup_init_cftypes(NULL, cgroup_dfl_base_files));
5410 BUG_ON(cgroup_init_cftypes(NULL, cgroup_legacy_base_files));
5412 mutex_lock(&cgroup_mutex);
5415 * Add init_css_set to the hash table so that dfl_root can link to
5418 hash_add(css_set_table, &init_css_set.hlist,
5419 css_set_hash(init_css_set.subsys));
5421 BUG_ON(cgroup_setup_root(&cgrp_dfl_root, 0));
5423 mutex_unlock(&cgroup_mutex);
5425 for_each_subsys(ss, ssid) {
5426 if (ss->early_init) {
5427 struct cgroup_subsys_state *css =
5428 init_css_set.subsys[ss->id];
5430 css->id = cgroup_idr_alloc(&ss->css_idr, css, 1, 2,
5432 BUG_ON(css->id < 0);
5434 cgroup_init_subsys(ss, false);
5437 list_add_tail(&init_css_set.e_cset_node[ssid],
5438 &cgrp_dfl_root.cgrp.e_csets[ssid]);
5441 * Setting dfl_root subsys_mask needs to consider the
5442 * disabled flag and cftype registration needs kmalloc,
5443 * both of which aren't available during early_init.
5445 if (cgroup_disable_mask & (1 << ssid)) {
5446 static_branch_disable(cgroup_subsys_enabled_key[ssid]);
5447 printk(KERN_INFO "Disabling %s control group subsystem\n",
5452 if (cgroup_ssid_no_v1(ssid))
5453 printk(KERN_INFO "Disabling %s control group subsystem in v1 mounts\n",
5456 cgrp_dfl_root.subsys_mask |= 1 << ss->id;
5458 if (!ss->dfl_cftypes)
5459 cgrp_dfl_inhibit_ss_mask |= 1 << ss->id;
5461 if (ss->dfl_cftypes == ss->legacy_cftypes) {
5462 WARN_ON(cgroup_add_cftypes(ss, ss->dfl_cftypes));
5464 WARN_ON(cgroup_add_dfl_cftypes(ss, ss->dfl_cftypes));
5465 WARN_ON(cgroup_add_legacy_cftypes(ss, ss->legacy_cftypes));
5469 ss->bind(init_css_set.subsys[ssid]);
5472 /* init_css_set.subsys[] has been updated, re-hash */
5473 hash_del(&init_css_set.hlist);
5474 hash_add(css_set_table, &init_css_set.hlist,
5475 css_set_hash(init_css_set.subsys));
5477 WARN_ON(sysfs_create_mount_point(fs_kobj, "cgroup"));
5478 WARN_ON(register_filesystem(&cgroup_fs_type));
5479 WARN_ON(register_filesystem(&cgroup2_fs_type));
5480 WARN_ON(!proc_create("cgroups", 0, NULL, &proc_cgroupstats_operations));
5485 static int __init cgroup_wq_init(void)
5488 * There isn't much point in executing destruction path in
5489 * parallel. Good chunk is serialized with cgroup_mutex anyway.
5490 * Use 1 for @max_active.
5492 * We would prefer to do this in cgroup_init() above, but that
5493 * is called before init_workqueues(): so leave this until after.
5495 cgroup_destroy_wq = alloc_workqueue("cgroup_destroy", 0, 1);
5496 BUG_ON(!cgroup_destroy_wq);
5499 * Used to destroy pidlists and separate to serve as flush domain.
5500 * Cap @max_active to 1 too.
5502 cgroup_pidlist_destroy_wq = alloc_workqueue("cgroup_pidlist_destroy",
5504 BUG_ON(!cgroup_pidlist_destroy_wq);
5508 core_initcall(cgroup_wq_init);
5511 * proc_cgroup_show()
5512 * - Print task's cgroup paths into seq_file, one line for each hierarchy
5513 * - Used for /proc/<pid>/cgroup.
5515 int proc_cgroup_show(struct seq_file *m, struct pid_namespace *ns,
5516 struct pid *pid, struct task_struct *tsk)
5520 struct cgroup_root *root;
5523 buf = kmalloc(PATH_MAX, GFP_KERNEL);
5527 mutex_lock(&cgroup_mutex);
5528 spin_lock_bh(&css_set_lock);
5530 for_each_root(root) {
5531 struct cgroup_subsys *ss;
5532 struct cgroup *cgrp;
5533 int ssid, count = 0;
5535 if (root == &cgrp_dfl_root && !cgrp_dfl_visible)
5538 seq_printf(m, "%d:", root->hierarchy_id);
5539 if (root != &cgrp_dfl_root)
5540 for_each_subsys(ss, ssid)
5541 if (root->subsys_mask & (1 << ssid))
5542 seq_printf(m, "%s%s", count++ ? "," : "",
5544 if (strlen(root->name))
5545 seq_printf(m, "%sname=%s", count ? "," : "",
5549 cgrp = task_cgroup_from_root(tsk, root);
5552 * On traditional hierarchies, all zombie tasks show up as
5553 * belonging to the root cgroup. On the default hierarchy,
5554 * while a zombie doesn't show up in "cgroup.procs" and
5555 * thus can't be migrated, its /proc/PID/cgroup keeps
5556 * reporting the cgroup it belonged to before exiting. If
5557 * the cgroup is removed before the zombie is reaped,
5558 * " (deleted)" is appended to the cgroup path.
5560 if (cgroup_on_dfl(cgrp) || !(tsk->flags & PF_EXITING)) {
5561 path = cgroup_path(cgrp, buf, PATH_MAX);
5563 retval = -ENAMETOOLONG;
5572 if (cgroup_on_dfl(cgrp) && cgroup_is_dead(cgrp))
5573 seq_puts(m, " (deleted)\n");
5580 spin_unlock_bh(&css_set_lock);
5581 mutex_unlock(&cgroup_mutex);
5587 /* Display information about each subsystem and each hierarchy */
5588 static int proc_cgroupstats_show(struct seq_file *m, void *v)
5590 struct cgroup_subsys *ss;
5593 seq_puts(m, "#subsys_name\thierarchy\tnum_cgroups\tenabled\n");
5595 * ideally we don't want subsystems moving around while we do this.
5596 * cgroup_mutex is also necessary to guarantee an atomic snapshot of
5597 * subsys/hierarchy state.
5599 mutex_lock(&cgroup_mutex);
5601 for_each_subsys(ss, i)
5602 seq_printf(m, "%s\t%d\t%d\t%d\n",
5603 ss->legacy_name, ss->root->hierarchy_id,
5604 atomic_read(&ss->root->nr_cgrps),
5605 cgroup_ssid_enabled(i));
5607 mutex_unlock(&cgroup_mutex);
5611 static int cgroupstats_open(struct inode *inode, struct file *file)
5613 return single_open(file, proc_cgroupstats_show, NULL);
5616 static const struct file_operations proc_cgroupstats_operations = {
5617 .open = cgroupstats_open,
5619 .llseek = seq_lseek,
5620 .release = single_release,
5624 * cgroup_fork - initialize cgroup related fields during copy_process()
5625 * @child: pointer to task_struct of forking parent process.
5627 * A task is associated with the init_css_set until cgroup_post_fork()
5628 * attaches it to the parent's css_set. Empty cg_list indicates that
5629 * @child isn't holding reference to its css_set.
5631 void cgroup_fork(struct task_struct *child)
5633 RCU_INIT_POINTER(child->cgroups, &init_css_set);
5634 INIT_LIST_HEAD(&child->cg_list);
5638 * cgroup_can_fork - called on a new task before the process is exposed
5639 * @child: the task in question.
5641 * This calls the subsystem can_fork() callbacks. If the can_fork() callback
5642 * returns an error, the fork aborts with that error code. This allows for
5643 * a cgroup subsystem to conditionally allow or deny new forks.
5645 int cgroup_can_fork(struct task_struct *child)
5647 struct cgroup_subsys *ss;
5650 do_each_subsys_mask(ss, i, have_canfork_callback) {
5651 ret = ss->can_fork(child);
5654 } while_each_subsys_mask();
5659 for_each_subsys(ss, j) {
5662 if (ss->cancel_fork)
5663 ss->cancel_fork(child);
5670 * cgroup_cancel_fork - called if a fork failed after cgroup_can_fork()
5671 * @child: the task in question
5673 * This calls the cancel_fork() callbacks if a fork failed *after*
5674 * cgroup_can_fork() succeded.
5676 void cgroup_cancel_fork(struct task_struct *child)
5678 struct cgroup_subsys *ss;
5681 for_each_subsys(ss, i)
5682 if (ss->cancel_fork)
5683 ss->cancel_fork(child);
5687 * cgroup_post_fork - called on a new task after adding it to the task list
5688 * @child: the task in question
5690 * Adds the task to the list running through its css_set if necessary and
5691 * call the subsystem fork() callbacks. Has to be after the task is
5692 * visible on the task list in case we race with the first call to
5693 * cgroup_task_iter_start() - to guarantee that the new task ends up on its
5696 void cgroup_post_fork(struct task_struct *child)
5698 struct cgroup_subsys *ss;
5702 * This may race against cgroup_enable_task_cg_lists(). As that
5703 * function sets use_task_css_set_links before grabbing
5704 * tasklist_lock and we just went through tasklist_lock to add
5705 * @child, it's guaranteed that either we see the set
5706 * use_task_css_set_links or cgroup_enable_task_cg_lists() sees
5707 * @child during its iteration.
5709 * If we won the race, @child is associated with %current's
5710 * css_set. Grabbing css_set_lock guarantees both that the
5711 * association is stable, and, on completion of the parent's
5712 * migration, @child is visible in the source of migration or
5713 * already in the destination cgroup. This guarantee is necessary
5714 * when implementing operations which need to migrate all tasks of
5715 * a cgroup to another.
5717 * Note that if we lose to cgroup_enable_task_cg_lists(), @child
5718 * will remain in init_css_set. This is safe because all tasks are
5719 * in the init_css_set before cg_links is enabled and there's no
5720 * operation which transfers all tasks out of init_css_set.
5722 if (use_task_css_set_links) {
5723 struct css_set *cset;
5725 spin_lock_bh(&css_set_lock);
5726 cset = task_css_set(current);
5727 if (list_empty(&child->cg_list)) {
5729 css_set_move_task(child, NULL, cset, false);
5731 spin_unlock_bh(&css_set_lock);
5735 * Call ss->fork(). This must happen after @child is linked on
5736 * css_set; otherwise, @child might change state between ->fork()
5737 * and addition to css_set.
5739 do_each_subsys_mask(ss, i, have_fork_callback) {
5741 } while_each_subsys_mask();
5745 * cgroup_exit - detach cgroup from exiting task
5746 * @tsk: pointer to task_struct of exiting process
5748 * Description: Detach cgroup from @tsk and release it.
5750 * Note that cgroups marked notify_on_release force every task in
5751 * them to take the global cgroup_mutex mutex when exiting.
5752 * This could impact scaling on very large systems. Be reluctant to
5753 * use notify_on_release cgroups where very high task exit scaling
5754 * is required on large systems.
5756 * We set the exiting tasks cgroup to the root cgroup (top_cgroup). We
5757 * call cgroup_exit() while the task is still competent to handle
5758 * notify_on_release(), then leave the task attached to the root cgroup in
5759 * each hierarchy for the remainder of its exit. No need to bother with
5760 * init_css_set refcnting. init_css_set never goes away and we can't race
5761 * with migration path - PF_EXITING is visible to migration path.
5763 void cgroup_exit(struct task_struct *tsk)
5765 struct cgroup_subsys *ss;
5766 struct css_set *cset;
5770 * Unlink from @tsk from its css_set. As migration path can't race
5771 * with us, we can check css_set and cg_list without synchronization.
5773 cset = task_css_set(tsk);
5775 if (!list_empty(&tsk->cg_list)) {
5776 spin_lock_bh(&css_set_lock);
5777 css_set_move_task(tsk, cset, NULL, false);
5778 spin_unlock_bh(&css_set_lock);
5783 /* see cgroup_post_fork() for details */
5784 do_each_subsys_mask(ss, i, have_exit_callback) {
5786 } while_each_subsys_mask();
5789 void cgroup_free(struct task_struct *task)
5791 struct css_set *cset = task_css_set(task);
5792 struct cgroup_subsys *ss;
5795 do_each_subsys_mask(ss, ssid, have_free_callback) {
5797 } while_each_subsys_mask();
5802 static void check_for_release(struct cgroup *cgrp)
5804 if (notify_on_release(cgrp) && !cgroup_is_populated(cgrp) &&
5805 !css_has_online_children(&cgrp->self) && !cgroup_is_dead(cgrp))
5806 schedule_work(&cgrp->release_agent_work);
5810 * Notify userspace when a cgroup is released, by running the
5811 * configured release agent with the name of the cgroup (path
5812 * relative to the root of cgroup file system) as the argument.
5814 * Most likely, this user command will try to rmdir this cgroup.
5816 * This races with the possibility that some other task will be
5817 * attached to this cgroup before it is removed, or that some other
5818 * user task will 'mkdir' a child cgroup of this cgroup. That's ok.
5819 * The presumed 'rmdir' will fail quietly if this cgroup is no longer
5820 * unused, and this cgroup will be reprieved from its death sentence,
5821 * to continue to serve a useful existence. Next time it's released,
5822 * we will get notified again, if it still has 'notify_on_release' set.
5824 * The final arg to call_usermodehelper() is UMH_WAIT_EXEC, which
5825 * means only wait until the task is successfully execve()'d. The
5826 * separate release agent task is forked by call_usermodehelper(),
5827 * then control in this thread returns here, without waiting for the
5828 * release agent task. We don't bother to wait because the caller of
5829 * this routine has no use for the exit status of the release agent
5830 * task, so no sense holding our caller up for that.
5832 static void cgroup_release_agent(struct work_struct *work)
5834 struct cgroup *cgrp =
5835 container_of(work, struct cgroup, release_agent_work);
5836 char *pathbuf = NULL, *agentbuf = NULL, *path;
5837 char *argv[3], *envp[3];
5839 mutex_lock(&cgroup_mutex);
5841 pathbuf = kmalloc(PATH_MAX, GFP_KERNEL);
5842 agentbuf = kstrdup(cgrp->root->release_agent_path, GFP_KERNEL);
5843 if (!pathbuf || !agentbuf)
5846 path = cgroup_path(cgrp, pathbuf, PATH_MAX);
5854 /* minimal command environment */
5856 envp[1] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
5859 mutex_unlock(&cgroup_mutex);
5860 call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
5863 mutex_unlock(&cgroup_mutex);
5869 static int __init cgroup_disable(char *str)
5871 struct cgroup_subsys *ss;
5875 while ((token = strsep(&str, ",")) != NULL) {
5879 for_each_subsys(ss, i) {
5880 if (strcmp(token, ss->name) &&
5881 strcmp(token, ss->legacy_name))
5883 cgroup_disable_mask |= 1 << i;
5888 __setup("cgroup_disable=", cgroup_disable);
5890 static int __init cgroup_no_v1(char *str)
5892 struct cgroup_subsys *ss;
5896 while ((token = strsep(&str, ",")) != NULL) {
5900 if (!strcmp(token, "all")) {
5901 cgroup_no_v1_mask = U16_MAX;
5905 for_each_subsys(ss, i) {
5906 if (strcmp(token, ss->name) &&
5907 strcmp(token, ss->legacy_name))
5910 cgroup_no_v1_mask |= 1 << i;
5915 __setup("cgroup_no_v1=", cgroup_no_v1);
5918 * css_tryget_online_from_dir - get corresponding css from a cgroup dentry
5919 * @dentry: directory dentry of interest
5920 * @ss: subsystem of interest
5922 * If @dentry is a directory for a cgroup which has @ss enabled on it, try
5923 * to get the corresponding css and return it. If such css doesn't exist
5924 * or can't be pinned, an ERR_PTR value is returned.
5926 struct cgroup_subsys_state *css_tryget_online_from_dir(struct dentry *dentry,
5927 struct cgroup_subsys *ss)
5929 struct kernfs_node *kn = kernfs_node_from_dentry(dentry);
5930 struct file_system_type *s_type = dentry->d_sb->s_type;
5931 struct cgroup_subsys_state *css = NULL;
5932 struct cgroup *cgrp;
5934 /* is @dentry a cgroup dir? */
5935 if ((s_type != &cgroup_fs_type && s_type != &cgroup2_fs_type) ||
5936 !kn || kernfs_type(kn) != KERNFS_DIR)
5937 return ERR_PTR(-EBADF);
5942 * This path doesn't originate from kernfs and @kn could already
5943 * have been or be removed at any point. @kn->priv is RCU
5944 * protected for this access. See css_release_work_fn() for details.
5946 cgrp = rcu_dereference(kn->priv);
5948 css = cgroup_css(cgrp, ss);
5950 if (!css || !css_tryget_online(css))
5951 css = ERR_PTR(-ENOENT);
5958 * css_from_id - lookup css by id
5959 * @id: the cgroup id
5960 * @ss: cgroup subsys to be looked into
5962 * Returns the css if there's valid one with @id, otherwise returns NULL.
5963 * Should be called under rcu_read_lock().
5965 struct cgroup_subsys_state *css_from_id(int id, struct cgroup_subsys *ss)
5967 WARN_ON_ONCE(!rcu_read_lock_held());
5968 return id > 0 ? idr_find(&ss->css_idr, id) : NULL;
5972 * cgroup_get_from_path - lookup and get a cgroup from its default hierarchy path
5973 * @path: path on the default hierarchy
5975 * Find the cgroup at @path on the default hierarchy, increment its
5976 * reference count and return it. Returns pointer to the found cgroup on
5977 * success, ERR_PTR(-ENOENT) if @path doens't exist and ERR_PTR(-ENOTDIR)
5978 * if @path points to a non-directory.
5980 struct cgroup *cgroup_get_from_path(const char *path)
5982 struct kernfs_node *kn;
5983 struct cgroup *cgrp;
5985 mutex_lock(&cgroup_mutex);
5987 kn = kernfs_walk_and_get(cgrp_dfl_root.cgrp.kn, path);
5989 if (kernfs_type(kn) == KERNFS_DIR) {
5993 cgrp = ERR_PTR(-ENOTDIR);
5997 cgrp = ERR_PTR(-ENOENT);
6000 mutex_unlock(&cgroup_mutex);
6003 EXPORT_SYMBOL_GPL(cgroup_get_from_path);
6006 * sock->sk_cgrp_data handling. For more info, see sock_cgroup_data
6007 * definition in cgroup-defs.h.
6009 #ifdef CONFIG_SOCK_CGROUP_DATA
6011 #if defined(CONFIG_CGROUP_NET_PRIO) || defined(CONFIG_CGROUP_NET_CLASSID)
6013 DEFINE_SPINLOCK(cgroup_sk_update_lock);
6014 static bool cgroup_sk_alloc_disabled __read_mostly;
6016 void cgroup_sk_alloc_disable(void)
6018 if (cgroup_sk_alloc_disabled)
6020 pr_info("cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation\n");
6021 cgroup_sk_alloc_disabled = true;
6026 #define cgroup_sk_alloc_disabled false
6030 void cgroup_sk_alloc(struct sock_cgroup_data *skcd)
6032 if (cgroup_sk_alloc_disabled)
6038 struct css_set *cset;
6040 cset = task_css_set(current);
6041 if (likely(cgroup_tryget(cset->dfl_cgrp))) {
6042 skcd->val = (unsigned long)cset->dfl_cgrp;
6051 void cgroup_sk_free(struct sock_cgroup_data *skcd)
6053 cgroup_put(sock_cgroup_ptr(skcd));
6056 #endif /* CONFIG_SOCK_CGROUP_DATA */
6058 #ifdef CONFIG_CGROUP_DEBUG
6059 static struct cgroup_subsys_state *
6060 debug_css_alloc(struct cgroup_subsys_state *parent_css)
6062 struct cgroup_subsys_state *css = kzalloc(sizeof(*css), GFP_KERNEL);
6065 return ERR_PTR(-ENOMEM);
6070 static void debug_css_free(struct cgroup_subsys_state *css)
6075 static u64 debug_taskcount_read(struct cgroup_subsys_state *css,
6078 return cgroup_task_count(css->cgroup);
6081 static u64 current_css_set_read(struct cgroup_subsys_state *css,
6084 return (u64)(unsigned long)current->cgroups;
6087 static u64 current_css_set_refcount_read(struct cgroup_subsys_state *css,
6093 count = atomic_read(&task_css_set(current)->refcount);
6098 static int current_css_set_cg_links_read(struct seq_file *seq, void *v)
6100 struct cgrp_cset_link *link;
6101 struct css_set *cset;
6104 name_buf = kmalloc(NAME_MAX + 1, GFP_KERNEL);
6108 spin_lock_bh(&css_set_lock);
6110 cset = rcu_dereference(current->cgroups);
6111 list_for_each_entry(link, &cset->cgrp_links, cgrp_link) {
6112 struct cgroup *c = link->cgrp;
6114 cgroup_name(c, name_buf, NAME_MAX + 1);
6115 seq_printf(seq, "Root %d group %s\n",
6116 c->root->hierarchy_id, name_buf);
6119 spin_unlock_bh(&css_set_lock);
6124 #define MAX_TASKS_SHOWN_PER_CSS 25
6125 static int cgroup_css_links_read(struct seq_file *seq, void *v)
6127 struct cgroup_subsys_state *css = seq_css(seq);
6128 struct cgrp_cset_link *link;
6130 spin_lock_bh(&css_set_lock);
6131 list_for_each_entry(link, &css->cgroup->cset_links, cset_link) {
6132 struct css_set *cset = link->cset;
6133 struct task_struct *task;
6136 seq_printf(seq, "css_set %p\n", cset);
6138 list_for_each_entry(task, &cset->tasks, cg_list) {
6139 if (count++ > MAX_TASKS_SHOWN_PER_CSS)
6141 seq_printf(seq, " task %d\n", task_pid_vnr(task));
6144 list_for_each_entry(task, &cset->mg_tasks, cg_list) {
6145 if (count++ > MAX_TASKS_SHOWN_PER_CSS)
6147 seq_printf(seq, " task %d\n", task_pid_vnr(task));
6151 seq_puts(seq, " ...\n");
6153 spin_unlock_bh(&css_set_lock);
6157 static u64 releasable_read(struct cgroup_subsys_state *css, struct cftype *cft)
6159 return (!cgroup_is_populated(css->cgroup) &&
6160 !css_has_online_children(&css->cgroup->self));
6163 static struct cftype debug_files[] = {
6165 .name = "taskcount",
6166 .read_u64 = debug_taskcount_read,
6170 .name = "current_css_set",
6171 .read_u64 = current_css_set_read,
6175 .name = "current_css_set_refcount",
6176 .read_u64 = current_css_set_refcount_read,
6180 .name = "current_css_set_cg_links",
6181 .seq_show = current_css_set_cg_links_read,
6185 .name = "cgroup_css_links",
6186 .seq_show = cgroup_css_links_read,
6190 .name = "releasable",
6191 .read_u64 = releasable_read,
6197 struct cgroup_subsys debug_cgrp_subsys = {
6198 .css_alloc = debug_css_alloc,
6199 .css_free = debug_css_free,
6200 .legacy_cftypes = debug_files,
6202 #endif /* CONFIG_CGROUP_DEBUG */
projects / cascardo / linux.git / blob