lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 30 Sep 2011 13:36:25 +0200
From:	Witold Krecicki <wpk@...m.net>
To:	Paul Menage <paul@...lmenage.org>, Li Zefan <lizf@...fujitsu.com>,
	containers@...ts.linux-foundation.org
Cc:	linux-kernel@...r.kernel.org, Witold Krecicki <wpk@...m.net>
Subject: [PATCH 6/6] cgroup: documentation of isolation_root cgroup flag

Documentation of isolation_root cgroup flag.

Signed-off-by: Witold Krecicki <wpk@...m.net>
---
 Documentation/cgroups/cgroups.txt |   20 ++++++++++++++++++--
 1 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/Documentation/cgroups/cgroups.txt b/Documentation/cgroups/cgroups.txt
index cd67e90..66880a6 100644
--- a/Documentation/cgroups/cgroups.txt
+++ b/Documentation/cgroups/cgroups.txt
@@ -19,7 +19,8 @@ CONTENTS:
   1.3 How are cgroups implemented ?
   1.4 What does notify_on_release do ?
   1.5 What does clone_children do ?
-  1.6 How do I use cgroups ?
+  1.6 What does isolation_root do ?
+  1.7 How do I use cgroups ?
 2. Usage Examples and Syntax
   2.1 Basic Usage
   2.2 Attaching processes
@@ -304,7 +305,22 @@ subsystem of the newly created cgroup. Usually when this callback is
 implemented for a subsystem, it copies the values of the parent
 subsystem, this is the case for the cpuset.
 
-1.6 How do I use cgroups ?
+1.6 What does isolation_root do ?
+---------------------------------
+
+If the isolation_root flag is enabled (1) in a cgroup, then all tasks
+in this cgroup and its children will see this group as its top group
+in /proc/$PID/cgroup. Also mounts of cgroup filesystem performed by a task
+in isolation root cgroup will see isolation root cgroup as top cgroup.
+It is impossible for a task to exit isolated root. Flag may only be set or
+cleared when the cgroup is not in use.
+The preffered way to use isolation_root for containers (eg. lxc) is to
+create 'master' cgroup - /sys/fs/cgroup/cpu/container_name with settings
+for the container, then create /sys/fs/cgroup/cpu/container_name/root with
+isolation_root flag set and add the 'init' task for the container to
+this cgroup.
+
+1.7 How do I use cgroups ?
 --------------------------
 
 To start a new job that is to be contained within a cgroup, using
-- 
1.7.4.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ