cgroup: add css_parent()

Currently, controllers have to explicitly follow the cgroup hierarchy
to find the parent of a given css.  cgroup is moving towards using
cgroup_subsys_state as the main controller interface construct, so
let's provide a way to climb the hierarchy using just csses.

This patch implements css_parent() which, given a css, returns its
parent.  The function is guarnateed to valid non-NULL parent css as
long as the target css is not at the top of the hierarchy.

freezer, cpuset, cpu, cpuacct, hugetlb, memory, net_cls and devices
are converted to use css_parent() instead of accessing cgroup->parent
directly.

* __parent_ca() is dropped from cpuacct and its usage is replaced with
  parent_ca().  The only difference between the two was NULL test on
  cgroup->parent which is now embedded in css_parent() making the
  distinction moot.  Note that eventually a css->parent field will be
  added to css and the NULL check in css_parent() will go away.

This patch shouldn't cause any behavior differences.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>

1 files changed, 5 insertions, 13 deletions

diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 90953648c643..635a49db005d 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -198,13 +198,11 @@ static inline bool is_devcg_online(const struct dev_cgroup *devcg)
  */
 static int devcgroup_online(struct cgroup *cgroup)
 {
-        struct dev_cgroup *dev_cgroup, *parent_dev_cgroup = NULL;
+        struct dev_cgroup *dev_cgroup = cgroup_to_devcgroup(cgroup);
+        struct dev_cgroup *parent_dev_cgroup = css_to_devcgroup(css_parent(&dev_cgroup->css));
         int ret = 0;
 
         mutex_lock(&devcgroup_mutex);
-        dev_cgroup = cgroup_to_devcgroup(cgroup);
-        if (cgroup->parent)
-                parent_dev_cgroup = cgroup_to_devcgroup(cgroup->parent);
 
         if (parent_dev_cgroup == NULL)
                 dev_cgroup->behavior = DEVCG_DEFAULT_ALLOW;
@@ -394,12 +392,10 @@ static bool may_access(struct dev_cgroup *dev_cgroup,
 static int parent_has_perm(struct dev_cgroup *childcg,
                                   struct dev_exception_item *ex)
 {
-        struct cgroup *pcg = childcg->css.cgroup->parent;
-        struct dev_cgroup *parent;
+        struct dev_cgroup *parent = css_to_devcgroup(css_parent(&childcg->css));
 
-        if (!pcg)
+        if (!parent)
                 return 1;
-        parent = cgroup_to_devcgroup(pcg);
         return may_access(parent, ex, childcg->behavior);
 }
 
@@ -524,15 +520,11 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
         char temp[12];          /* 11 + 1 characters needed for a u32 */
         int count, rc = 0;
         struct dev_exception_item ex;
-        struct cgroup *p = devcgroup->css.cgroup;
-        struct dev_cgroup *parent = NULL;
+        struct dev_cgroup *parent = css_to_devcgroup(css_parent(&devcgroup->css));
 
         if (!capable(CAP_SYS_ADMIN))
                 return -EPERM;
 
-        if (p->parent)
-                parent = cgroup_to_devcgroup(p->parent);
-
         memset(&ex, 0, sizeof(ex));
         b = buffer;