From f2f2d69a27be0790ad57c40173b4a19943c6eece Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 30 Dec 2014 01:56:42 +0100
Subject: [PATCH] cgroup: downgrade log messages when we cannot write to cgroup
trees that are mounted read-only
(cherry picked from commit 714e2e1d56b97dcf2ebae2d0447b48f21e38a600)
---
src/core/cgroup.c | 38 ++++++++++++++++++++++++++++----------
1 file changed, 28 insertions(+), 10 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index b19e442dfa..6b3b9541b5 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -200,7 +200,8 @@ static int whitelist_device(const char *path, const char *node, const char *acc)
r = cg_set_attribute("devices", path, "devices.allow", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set devices.allow on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS, -EINVAL) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set devices.allow on %s: %s", path, strerror(-r));
return r;
}
@@ -272,7 +273,8 @@ static int whitelist_major(const char *path, const char *name, char type, const
r = cg_set_attribute("devices", path, "devices.allow", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set devices.allow on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS, -EINVAL) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set devices.allow on %s: %s", path, strerror(-r));
}
return 0;
@@ -296,6 +298,10 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
* hence silently ignore */
is_root = isempty(path) || path_equal(path, "/");
+ /* We generally ignore errors caused by read-only mounted
+ * cgroup trees (assuming we are running in a container then),
+ * and missing cgroups, i.e. EROFS and ENOENT. */
+
if ((mask & CGROUP_CPU) && !is_root) {
char buf[MAX(DECIMAL_STR_MAX(unsigned long), DECIMAL_STR_MAX(usec_t)) + 1];
@@ -304,12 +310,14 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
c->cpu_shares != (unsigned long) -1 ? c->cpu_shares : 1024);
r = cg_set_attribute("cpu", path, "cpu.shares", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set cpu.shares on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set cpu.shares on %s: %s", path, strerror(-r));
sprintf(buf, USEC_FMT "\n", CGROUP_CPU_QUOTA_PERIOD_USEC);
r = cg_set_attribute("cpu", path, "cpu.cfs_period_us", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set cpu.cfs_period_us on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set cpu.cfs_period_us on %s: %s", path, strerror(-r));
if (c->cpu_quota_per_sec_usec != USEC_INFINITY) {
sprintf(buf, USEC_FMT "\n", c->cpu_quota_per_sec_usec * CGROUP_CPU_QUOTA_PERIOD_USEC / USEC_PER_SEC);
@@ -317,7 +325,8 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
} else
r = cg_set_attribute("cpu", path, "cpu.cfs_quota_us", "-1");
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set cpu.cfs_quota_us on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set cpu.cfs_quota_us on %s: %s", path, strerror(-r));
}
if (mask & CGROUP_BLKIO) {
@@ -332,7 +341,8 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
c->blockio_weight != (unsigned long) -1 ? c->blockio_weight : 1000);
r = cg_set_attribute("blkio", path, "blkio.weight", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set blkio.weight on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set blkio.weight on %s: %s", path, strerror(-r));
/* FIXME: no way to reset this list */
LIST_FOREACH(device_weights, w, c->blockio_device_weights) {
@@ -345,7 +355,8 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
sprintf(buf, "%u:%u %lu", major(dev), minor(dev), w->weight);
r = cg_set_attribute("blkio", path, "blkio.weight_device", buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set blkio.weight_device on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set blkio.weight_device on %s: %s", path, strerror(-r));
}
}
@@ -363,7 +374,8 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
sprintf(buf, "%u:%u %" PRIu64 "\n", major(dev), minor(dev), b->bandwidth);
r = cg_set_attribute("blkio", path, a, buf);
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set %s on %s: %s", a, path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set %s on %s: %s", a, path, strerror(-r));
}
}
@@ -377,18 +389,24 @@ void cgroup_context_apply(CGroupContext *c, CGroupControllerMask mask, const cha
r = cg_set_attribute("memory", path, "memory.limit_in_bytes", "-1");
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to set memory.limit_in_bytes on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to set memory.limit_in_bytes on %s: %s", path, strerror(-r));
}
if ((mask & CGROUP_DEVICE) && !is_root) {
CGroupDeviceAllow *a;
+ /* Changing the devices list of a populated cgroup
+ * might result in EINVAL, hence ignore EINVAL
+ * here. */
+
if (c->device_allow || c->device_policy != CGROUP_AUTO)
r = cg_set_attribute("devices", path, "devices.deny", "a");
else
r = cg_set_attribute("devices", path, "devices.allow", "a");
if (r < 0)
- log_full(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, "Failed to reset devices.list on %s: %s", path, strerror(-r));
+ log_full(IN_SET(r, -ENOENT, -EROFS, -EINVAL) ? LOG_DEBUG : LOG_WARNING,
+ "Failed to reset devices.list on %s: %s", path, strerror(-r));
if (c->device_policy == CGROUP_CLOSED ||
(c->device_policy == CGROUP_AUTO && c->device_allow)) {