aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTejun Heo <tj@kernel.org>2014-05-14 19:33:07 -0400
committerTejun Heo <tj@kernel.org>2014-05-19 16:37:06 -0400
commit5533e0114425dcdb878f11b291f2727af8667a7c (patch)
tree4dbbe79b3cee1ab19765ee9984db4b24f283f83d
parenta3e3354d56d8c121dad42ee7f63d96bf81522c0e (diff)
cgroup: disallow debug controller on the default hierarchy
The debug controller, as its name suggests, exposes cgroup core internals to userland to aid debugging. Unfortunately, except for the name, there's no provision to prevent its usage in production configurations and the controller is widely enabled and mounted leaking internal details to userland. Like most other debug information, the information exposed by debug isn't interesting even for debugging itself once the related parts are working reliably. This controller has no reason for existing. This patch implements cgrp_dfl_root_inhibit_ss_mask which can suppress specific subsystems on the default hierarchy and adds the debug subsystem to it so that it can be gradually deprecated as usages move towards the unified hierarchy. Signed-off-by: Tejun Heo <tj@kernel.org>
Diffstat
-rw-r--r--include/linux/cgroup.h2
-rw-r--r--include/linux/cgroup_subsys.h11
-rw-r--r--kernel/cgroup.c21
3 files changed, 27 insertions, 7 deletions
diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
index 4afe544d3547..8a111dd42d7a 100644
--- a/include/linux/cgroup.h
+++ b/include/linux/cgroup.h
@@ -305,6 +305,8 @@ enum {
305 * the flag is not created. 305 * the flag is not created.
306 * 306 *
307 * - blkcg: blk-throttle becomes properly hierarchical. 307 * - blkcg: blk-throttle becomes properly hierarchical.
308 *
309 * - debug: disallowed on the default hierarchy.
308 */ 310 */
309 CGRP_ROOT_SANE_BEHAVIOR = (1 << 0), 311 CGRP_ROOT_SANE_BEHAVIOR = (1 << 0),
310 312
diff --git a/include/linux/cgroup_subsys.h b/include/linux/cgroup_subsys.h
index 768fe44e19f0..98c4f9b12b03 100644
--- a/include/linux/cgroup_subsys.h
+++ b/include/linux/cgroup_subsys.h
@@ -7,10 +7,6 @@
7SUBSYS(cpuset) 7SUBSYS(cpuset)
8#endif 8#endif
9 9
10#if IS_ENABLED(CONFIG_CGROUP_DEBUG)
11SUBSYS(debug)
12#endif
13
14#if IS_ENABLED(CONFIG_CGROUP_SCHED) 10#if IS_ENABLED(CONFIG_CGROUP_SCHED)
15SUBSYS(cpu) 11SUBSYS(cpu)
16#endif 12#endif
@@ -50,6 +46,13 @@ SUBSYS(net_prio)
50#if IS_ENABLED(CONFIG_CGROUP_HUGETLB) 46#if IS_ENABLED(CONFIG_CGROUP_HUGETLB)
51SUBSYS(hugetlb) 47SUBSYS(hugetlb)
52#endif 48#endif
49
50/*
51 * The following subsystems are not supported on the default hierarchy.
52 */
53#if IS_ENABLED(CONFIG_CGROUP_DEBUG)
54SUBSYS(debug)
55#endif
53/* 56/*
54 * DO NOT ADD ANY SUBSYSTEM WITHOUT EXPLICIT ACKS FROM CGROUP MAINTAINERS. 57 * DO NOT ADD ANY SUBSYSTEM WITHOUT EXPLICIT ACKS FROM CGROUP MAINTAINERS.
55 */ 58 */
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 082bb842b11a..a5f75ac4e793 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -148,6 +148,13 @@ struct cgroup_root cgrp_dfl_root;
148 */ 148 */
149static bool cgrp_dfl_root_visible; 149static bool cgrp_dfl_root_visible;
150 150
151/* some controllers are not supported in the default hierarchy */
152static const unsigned int cgrp_dfl_root_inhibit_ss_mask = 0
153#ifdef CONFIG_CGROUP_DEBUG
154 | (1 << debug_cgrp_id)
155#endif
156 ;
157
151/* The list of hierarchy roots */ 158/* The list of hierarchy roots */
152 159
153static LIST_HEAD(cgroup_roots); 160static LIST_HEAD(cgroup_roots);
@@ -1126,6 +1133,7 @@ static void cgroup_clear_dir(struct cgroup *cgrp, unsigned int subsys_mask)
1126static int rebind_subsystems(struct cgroup_root *dst_root, unsigned int ss_mask) 1133static int rebind_subsystems(struct cgroup_root *dst_root, unsigned int ss_mask)
1127{ 1134{
1128 struct cgroup_subsys *ss; 1135 struct cgroup_subsys *ss;
1136 unsigned int tmp_ss_mask;
1129 int ssid, i, ret; 1137 int ssid, i, ret;
1130 1138
1131 lockdep_assert_held(&cgroup_mutex); 1139 lockdep_assert_held(&cgroup_mutex);
@@ -1143,7 +1151,12 @@ static int rebind_subsystems(struct cgroup_root *dst_root, unsigned int ss_mask)
1143 return -EBUSY; 1151 return -EBUSY;
1144 } 1152 }
1145 1153
1146 ret = cgroup_populate_dir(&dst_root->cgrp, ss_mask); 1154 /* skip creating root files on dfl_root for inhibited subsystems */
1155 tmp_ss_mask = ss_mask;
1156 if (dst_root == &cgrp_dfl_root)
1157 tmp_ss_mask &= ~cgrp_dfl_root_inhibit_ss_mask;
1158
1159 ret = cgroup_populate_dir(&dst_root->cgrp, tmp_ss_mask);
1147 if (ret) { 1160 if (ret) {
1148 if (dst_root != &cgrp_dfl_root) 1161 if (dst_root != &cgrp_dfl_root)
1149 return ret; 1162 return ret;
@@ -2426,7 +2439,8 @@ static int cgroup_root_controllers_show(struct seq_file *seq, void *v)
2426{ 2439{
2427 struct cgroup *cgrp = seq_css(seq)->cgroup; 2440 struct cgroup *cgrp = seq_css(seq)->cgroup;
2428 2441
2429 cgroup_print_ss_mask(seq, cgrp->root->subsys_mask); 2442 cgroup_print_ss_mask(seq, cgrp->root->subsys_mask &
2443 ~cgrp_dfl_root_inhibit_ss_mask);
2430 return 0; 2444 return 0;
2431} 2445}
2432 2446
@@ -2564,7 +2578,8 @@ static ssize_t cgroup_subtree_control_write(struct kernfs_open_file *of,
2564 if (tok[0] == '\0') 2578 if (tok[0] == '\0')
2565 continue; 2579 continue;
2566 for_each_subsys(ss, ssid) { 2580 for_each_subsys(ss, ssid) {
2567 if (ss->disabled || strcmp(tok + 1, ss->name)) 2581 if (ss->disabled || strcmp(tok + 1, ss->name) ||
2582 ((1 << ss->id) & cgrp_dfl_root_inhibit_ss_mask))
2568 continue; 2583 continue;
2569 2584
2570 if (*tok == '+') { 2585 if (*tok == '+') {
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-17 04:40:56 -0400