* [PATCH 0/4] cgroups: show correct file mode
@ 2009-03-02 2:13 Li Zefan
2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan
` (3 more replies)
0 siblings, 4 replies; 35+ messages in thread
From: Li Zefan @ 2009-03-02 2:13 UTC (permalink / raw)
To: Andrew Morton; +Cc: Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers
Now a cgroup subsystem can set default file mode of its control files,
so here is a patchset to correct file mode of each subsystem's files.
Should be applied after:
cgroup-allow-subsys-to-set-default-mode-of-its-own-file.patch
[PATCH 1/4] cgroup debug: show correct file mode
[PATCH 2/4] cpuacct: show correct file mode
[PATCH 3/4] devcgroup: show correct file mode
[PATCH 4/4] cpuset: show correct file mode
^ permalink raw reply [flat|nested] 35+ messages in thread* [PATCH 3/4] devcgroup: show correct file mode 2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan @ 2009-03-02 2:15 ` Li Zefan 2009-03-02 13:06 ` Serge E. Hallyn [not found] ` <49AB4143.9050704-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan ` (2 subsequent siblings) 3 siblings, 2 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:15 UTC (permalink / raw) To: Andrew Morton Cc: Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers, Serge E. Hallyn devices.allow and devices.deny are write-only, and devices.list is read-only. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> --- security/device_cgroup.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 3aacd0f..b13fbb8 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -439,16 +439,19 @@ static struct cftype dev_cgroup_files[] = { .name = "allow", .write_string = devcgroup_access_write, .private = DEVCG_ALLOW, + .mode = 0200, }, { .name = "deny", .write_string = devcgroup_access_write, .private = DEVCG_DENY, + .mode = 0200, }, { .name = "list", .read_seq_string = devcgroup_seq_read, .private = DEVCG_LIST, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH 3/4] devcgroup: show correct file mode 2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan @ 2009-03-02 13:06 ` Serge E. Hallyn [not found] ` <49AB4143.9050704-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 1 sibling, 0 replies; 35+ messages in thread From: Serge E. Hallyn @ 2009-03-02 13:06 UTC (permalink / raw) To: Li Zefan Cc: Andrew Morton, Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers Quoting Li Zefan (lizf@cn.fujitsu.com): > devices.allow and devices.deny are write-only, and devices.list is read-only. > > Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> Yup that should be intuitive for people. Acked-by: Serge Hallyn <serue@us.ibm.com> thanks, -serge > --- > security/device_cgroup.c | 3 +++ > 1 files changed, 3 insertions(+), 0 deletions(-) > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > index 3aacd0f..b13fbb8 100644 > --- a/security/device_cgroup.c > +++ b/security/device_cgroup.c > @@ -439,16 +439,19 @@ static struct cftype dev_cgroup_files[] = { > .name = "allow", > .write_string = devcgroup_access_write, > .private = DEVCG_ALLOW, > + .mode = 0200, > }, > { > .name = "deny", > .write_string = devcgroup_access_write, > .private = DEVCG_DENY, > + .mode = 0200, > }, > { > .name = "list", > .read_seq_string = devcgroup_seq_read, > .private = DEVCG_LIST, > + .mode = 0444, > }, > }; > > -- 1.5.4.rc3 ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <49AB4143.9050704-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 3/4] devcgroup: show correct file mode [not found] ` <49AB4143.9050704-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> @ 2009-03-02 13:06 ` Serge E. Hallyn 0 siblings, 0 replies; 35+ messages in thread From: Serge E. Hallyn @ 2009-03-02 13:06 UTC (permalink / raw) To: Li Zefan; +Cc: Linux Containers, Andrew Morton, Paul Menage, LKML Quoting Li Zefan (lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org): > devices.allow and devices.deny are write-only, and devices.list is read-only. > > Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> Yup that should be intuitive for people. Acked-by: Serge Hallyn <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> thanks, -serge > --- > security/device_cgroup.c | 3 +++ > 1 files changed, 3 insertions(+), 0 deletions(-) > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > index 3aacd0f..b13fbb8 100644 > --- a/security/device_cgroup.c > +++ b/security/device_cgroup.c > @@ -439,16 +439,19 @@ static struct cftype dev_cgroup_files[] = { > .name = "allow", > .write_string = devcgroup_access_write, > .private = DEVCG_ALLOW, > + .mode = 0200, > }, > { > .name = "deny", > .write_string = devcgroup_access_write, > .private = DEVCG_DENY, > + .mode = 0200, > }, > { > .name = "list", > .read_seq_string = devcgroup_seq_read, > .private = DEVCG_LIST, > + .mode = 0444, > }, > }; > > -- 1.5.4.rc3 ^ permalink raw reply [flat|nested] 35+ messages in thread
* [PATCH 4/4] cpuset: show correct file mode 2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan 2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan @ 2009-03-02 2:16 ` Li Zefan 2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage [not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 3 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:16 UTC (permalink / raw) To: Andrew Morton; +Cc: Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers cpuset.memory_pressure is read-only. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> --- kernel/cpuset.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/kernel/cpuset.c b/kernel/cpuset.c index a46d693..1ed507c 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c @@ -1671,6 +1671,7 @@ static struct cftype files[] = { .read_u64 = cpuset_read_u64, .write_u64 = cpuset_write_u64, .private = FILE_MEMORY_MIGRATE, + .mode = 0444, }, { -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan 2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan @ 2009-03-02 18:19 ` Paul Menage [not found] ` <6599ad830903021019p3b29c173oc7772af6679d90e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2009-03-03 0:09 ` KAMEZAWA Hiroyuki [not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 3 siblings, 2 replies; 35+ messages in thread From: Paul Menage @ 2009-03-02 18:19 UTC (permalink / raw) To: Li Zefan; +Cc: Andrew Morton, KAMEZAWA Hiroyuki, LKML, Linux Containers On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf@cn.fujitsu.com> wrote: > Now a cgroup subsystem can set default file mode of its control files, > so here is a patchset to correct file mode of each subsystem's files. I really think that we should be defaulting this based on whether the control file has read or write handlers. Sure, there are special cases like "tasks" that we'd need to set a manual value for, but most of these patches would be unnecessary. Paul > > Should be applied after: > cgroup-allow-subsys-to-set-default-mode-of-its-own-file.patch > > [PATCH 1/4] cgroup debug: show correct file mode > [PATCH 2/4] cpuacct: show correct file mode > [PATCH 3/4] devcgroup: show correct file mode > [PATCH 4/4] cpuset: show correct file mode > > ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <6599ad830903021019p3b29c173oc7772af6679d90e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <6599ad830903021019p3b29c173oc7772af6679d90e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> @ 2009-03-03 0:09 ` KAMEZAWA Hiroyuki 2009-03-03 1:08 ` Li Zefan 1 sibling, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 0:09 UTC (permalink / raw) To: Paul Menage Cc: Containers, Andrew Morton, LKML, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA On Mon, 2 Mar 2009 10:19:15 -0800 Paul Menage <menage-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> wrote: > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > > Now a cgroup subsystem can set default file mode of its control files, > > so here is a patchset to correct file mode of each subsystem's files. > > I really think that we should be defaulting this based on whether the > control file has read or write handlers. > > Sure, there are special cases like "tasks" that we'd need to set a > manual value for, but most of these patches would be unnecessary. > like this ? int mode; if (cft->mode) mode = cft->mode; else if (cft->write_xxx || .....) mode = 0644; else mode = 0444; Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage @ 2009-03-03 1:08 ` Li Zefan 2009-03-03 0:09 ` KAMEZAWA Hiroyuki 1 sibling, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-03 1:08 UTC (permalink / raw) To: Paul Menage; +Cc: Linux Containers, Andrew Morton, LKML Paul Menage wrote: > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: >> Now a cgroup subsystem can set default file mode of its control files, >> so here is a patchset to correct file mode of each subsystem's files. > > I really think that we should be defaulting this based on whether the > control file has read or write handlers. > > Sure, there are special cases like "tasks" that we'd need to set a > manual value for, but most of these patches would be unnecessary. > Those patches are small and trivial, but it's ok for me to do this automatically. How about below patch. Note cpuset.memory_pressure is read-only though it has read handler. Since if the read handler is removed, it'll return EINVAL instead of the current EACCESS, I think it's better to leave as it is. ===================== cgroups: show correct file mode Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> --- include/linux/cgroup.h | 5 +++++ kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ kernel/cpuset.c | 1 + 3 files changed, 36 insertions(+) diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index 6ad1989..af3c10f 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h @@ -258,6 +258,11 @@ struct cftype { */ char name[MAX_CFTYPE_NAME]; int private; + /* + * If not 0, file mode is set to this value, otherwise it will + * be figured out automatically + */ + int mode; /* * If non-zero, defines the maximum length of string that can diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 379baa3..0b19204 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, return error; } +/** + * cgroup_file_mode - deduce file mode of a control file + * @cft: the control file in question + * + * returns cftype->mode if ->mode is not 0 + * returns 0644 if it has both a read and a write handler + * returns 0444 if it has only a read handler + * returns 0200 if it has only a write hander + */ +static int cgroup_file_mode(const struct cftype *cft) +{ + int mode = 0; + + if (cft->mode) + return cft->mode; + + if (cft->read || cft->read_u64 || cft->read_s64 || + cft->read_map || cft->read_seq_string) + mode += 0444; + + if (cft->write || cft->write_u64 || cft->write_s64 || + cft->write_string || cft->trigger) + mode += 0200; + + return mode; +} + int cgroup_add_file(struct cgroup *cgrp, struct cgroup_subsys *subsys, const struct cftype *cft) @@ -1757,6 +1784,7 @@ int cgroup_add_file(struct cgroup *cgrp, struct dentry *dir = cgrp->dentry; struct dentry *dentry; int error; + int mode; char name[MAX_CGROUP_TYPE_NAMELEN + MAX_CFTYPE_NAME + 2] = { 0 }; if (subsys && !test_bit(ROOT_NOPREFIX, &cgrp->root->flags)) { @@ -1767,6 +1795,7 @@ int cgroup_add_file(struct cgroup *cgrp, BUG_ON(!mutex_is_locked(&dir->d_inode->i_mutex)); dentry = lookup_one_len(name, dir, strlen(name)); if (!IS_ERR(dentry)) { + mode = cgroup_file_mode(cft); error = cgroup_create_file(dentry, 0644 | S_IFREG, cgrp->root->sb); if (!error) @@ -2349,6 +2378,7 @@ static struct cftype files[] = { .write_u64 = cgroup_tasks_write, .release = cgroup_tasks_release, .private = FILE_TASKLIST, + .mode = 0644, }, { diff --git a/kernel/cpuset.c b/kernel/cpuset.c index a46d693..31e28b3 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c @@ -1678,6 +1678,7 @@ static struct cftype files[] = { .read_u64 = cpuset_read_u64, .write_u64 = cpuset_write_u64, .private = FILE_MEMORY_PRESSURE, + .mode = 0444, }, { ^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode @ 2009-03-03 1:08 ` Li Zefan 0 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-03 1:08 UTC (permalink / raw) To: Paul Menage; +Cc: Andrew Morton, KAMEZAWA Hiroyuki, LKML, Linux Containers Paul Menage wrote: > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf@cn.fujitsu.com> wrote: >> Now a cgroup subsystem can set default file mode of its control files, >> so here is a patchset to correct file mode of each subsystem's files. > > I really think that we should be defaulting this based on whether the > control file has read or write handlers. > > Sure, there are special cases like "tasks" that we'd need to set a > manual value for, but most of these patches would be unnecessary. > Those patches are small and trivial, but it's ok for me to do this automatically. How about below patch. Note cpuset.memory_pressure is read-only though it has read handler. Since if the read handler is removed, it'll return EINVAL instead of the current EACCESS, I think it's better to leave as it is. ===================== cgroups: show correct file mode Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> --- include/linux/cgroup.h | 5 +++++ kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ kernel/cpuset.c | 1 + 3 files changed, 36 insertions(+) diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index 6ad1989..af3c10f 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h @@ -258,6 +258,11 @@ struct cftype { */ char name[MAX_CFTYPE_NAME]; int private; + /* + * If not 0, file mode is set to this value, otherwise it will + * be figured out automatically + */ + int mode; /* * If non-zero, defines the maximum length of string that can diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 379baa3..0b19204 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, return error; } +/** + * cgroup_file_mode - deduce file mode of a control file + * @cft: the control file in question + * + * returns cftype->mode if ->mode is not 0 + * returns 0644 if it has both a read and a write handler + * returns 0444 if it has only a read handler + * returns 0200 if it has only a write hander + */ +static int cgroup_file_mode(const struct cftype *cft) +{ + int mode = 0; + + if (cft->mode) + return cft->mode; + + if (cft->read || cft->read_u64 || cft->read_s64 || + cft->read_map || cft->read_seq_string) + mode += 0444; + + if (cft->write || cft->write_u64 || cft->write_s64 || + cft->write_string || cft->trigger) + mode += 0200; + + return mode; +} + int cgroup_add_file(struct cgroup *cgrp, struct cgroup_subsys *subsys, const struct cftype *cft) @@ -1757,6 +1784,7 @@ int cgroup_add_file(struct cgroup *cgrp, struct dentry *dir = cgrp->dentry; struct dentry *dentry; int error; + int mode; char name[MAX_CGROUP_TYPE_NAMELEN + MAX_CFTYPE_NAME + 2] = { 0 }; if (subsys && !test_bit(ROOT_NOPREFIX, &cgrp->root->flags)) { @@ -1767,6 +1795,7 @@ int cgroup_add_file(struct cgroup *cgrp, BUG_ON(!mutex_is_locked(&dir->d_inode->i_mutex)); dentry = lookup_one_len(name, dir, strlen(name)); if (!IS_ERR(dentry)) { + mode = cgroup_file_mode(cft); error = cgroup_create_file(dentry, 0644 | S_IFREG, cgrp->root->sb); if (!error) @@ -2349,6 +2378,7 @@ static struct cftype files[] = { .write_u64 = cgroup_tasks_write, .release = cgroup_tasks_release, .private = FILE_TASKLIST, + .mode = 0644, }, { diff --git a/kernel/cpuset.c b/kernel/cpuset.c index a46d693..31e28b3 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c @@ -1678,6 +1678,7 @@ static struct cftype files[] = { .read_u64 = cpuset_read_u64, .write_u64 = cpuset_write_u64, .private = FILE_MEMORY_PRESSURE, + .mode = 0444, }, { ^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 1:08 ` Li Zefan (?) @ 2009-03-03 1:08 ` KAMEZAWA Hiroyuki [not found] ` <20090303100827.43d82c3a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> 2009-03-03 1:15 ` Li Zefan -1 siblings, 2 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 1:08 UTC (permalink / raw) To: Li Zefan; +Cc: Paul Menage, Andrew Morton, LKML, Linux Containers On Tue, 03 Mar 2009 09:08:23 +0800 Li Zefan <lizf@cn.fujitsu.com> wrote: > Paul Menage wrote: > > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf@cn.fujitsu.com> wrote: > >> Now a cgroup subsystem can set default file mode of its control files, > >> so here is a patchset to correct file mode of each subsystem's files. > > > > I really think that we should be defaulting this based on whether the > > control file has read or write handlers. > > > > Sure, there are special cases like "tasks" that we'd need to set a > > manual value for, but most of these patches would be unnecessary. > > > > Those patches are small and trivial, but it's ok for me to do this > automatically. How about below patch. > > Note cpuset.memory_pressure is read-only though it has read handler. > Since if the read handler is removed, it'll return EINVAL instead of > the current EACCESS, I think it's better to leave as it is. > > ===================== > > cgroups: show correct file mode > > Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> > --- > include/linux/cgroup.h | 5 +++++ > kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ > kernel/cpuset.c | 1 + > 3 files changed, 36 insertions(+) > > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h > index 6ad1989..af3c10f 100644 > --- a/include/linux/cgroup.h > +++ b/include/linux/cgroup.h > @@ -258,6 +258,11 @@ struct cftype { > */ > char name[MAX_CFTYPE_NAME]; > int private; > + /* > + * If not 0, file mode is set to this value, otherwise it will > + * be figured out automatically > + */ > + int mode; > > /* > * If non-zero, defines the maximum length of string that can > diff --git a/kernel/cgroup.c b/kernel/cgroup.c > index 379baa3..0b19204 100644 > --- a/kernel/cgroup.c > +++ b/kernel/cgroup.c > @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, > return error; > } > > +/** > + * cgroup_file_mode - deduce file mode of a control file > + * @cft: the control file in question > + * > + * returns cftype->mode if ->mode is not 0 > + * returns 0644 if it has both a read and a write handler > + * returns 0444 if it has only a read handler > + * returns 0200 if it has only a write hander > + */ > +static int cgroup_file_mode(const struct cftype *cft) > +{ > + int mode = 0; > + > + if (cft->mode) > + return cft->mode; > + > + if (cft->read || cft->read_u64 || cft->read_s64 || > + cft->read_map || cft->read_seq_string) > + mode += 0444; > + > + if (cft->write || cft->write_u64 || cft->write_s64 || > + cft->write_string || cft->trigger) > + mode += 0200; > + += is not |=... Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <20090303100827.43d82c3a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <20090303100827.43d82c3a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 1:15 ` Li Zefan 0 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-03 1:15 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Linux Containers, Paul Menage, Andrew Morton, LKML >> +/** >> + * cgroup_file_mode - deduce file mode of a control file >> + * @cft: the control file in question >> + * >> + * returns cftype->mode if ->mode is not 0 >> + * returns 0644 if it has both a read and a write handler >> + * returns 0444 if it has only a read handler >> + * returns 0200 if it has only a write hander >> + */ >> +static int cgroup_file_mode(const struct cftype *cft) >> +{ >> + int mode = 0; >> + >> + if (cft->mode) >> + return cft->mode; >> + >> + if (cft->read || cft->read_u64 || cft->read_s64 || >> + cft->read_map || cft->read_seq_string) >> + mode += 0444; >> + >> + if (cft->write || cft->write_u64 || cft->write_s64 || >> + cft->write_string || cft->trigger) >> + mode += 0200; >> + > > += is not |=... > Ah, yes, though both happen to result in 0644. ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 1:08 ` KAMEZAWA Hiroyuki [not found] ` <20090303100827.43d82c3a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 1:15 ` Li Zefan [not found] ` <49AC84BE.5020501-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 2009-03-03 1:19 ` KAMEZAWA Hiroyuki 1 sibling, 2 replies; 35+ messages in thread From: Li Zefan @ 2009-03-03 1:15 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Paul Menage, Andrew Morton, LKML, Linux Containers >> +/** >> + * cgroup_file_mode - deduce file mode of a control file >> + * @cft: the control file in question >> + * >> + * returns cftype->mode if ->mode is not 0 >> + * returns 0644 if it has both a read and a write handler >> + * returns 0444 if it has only a read handler >> + * returns 0200 if it has only a write hander >> + */ >> +static int cgroup_file_mode(const struct cftype *cft) >> +{ >> + int mode = 0; >> + >> + if (cft->mode) >> + return cft->mode; >> + >> + if (cft->read || cft->read_u64 || cft->read_s64 || >> + cft->read_map || cft->read_seq_string) >> + mode += 0444; >> + >> + if (cft->write || cft->write_u64 || cft->write_s64 || >> + cft->write_string || cft->trigger) >> + mode += 0200; >> + > > += is not |=... > Ah, yes, though both happen to result in 0644. ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <49AC84BE.5020501-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <49AC84BE.5020501-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 1:19 ` KAMEZAWA Hiroyuki 0 siblings, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 1:19 UTC (permalink / raw) To: Li Zefan Cc: Containers, Paul Menage, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, Andrew Morton, LKML On Tue, 03 Mar 2009 09:15:42 +0800 Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > >> +/** > >> + * cgroup_file_mode - deduce file mode of a control file > >> + * @cft: the control file in question > >> + * > >> + * returns cftype->mode if ->mode is not 0 > >> + * returns 0644 if it has both a read and a write handler > >> + * returns 0444 if it has only a read handler > >> + * returns 0200 if it has only a write hander > >> + */ > >> +static int cgroup_file_mode(const struct cftype *cft) > >> +{ > >> + int mode = 0; > >> + > >> + if (cft->mode) > >> + return cft->mode; > >> + > >> + if (cft->read || cft->read_u64 || cft->read_s64 || > >> + cft->read_map || cft->read_seq_string) > >> + mode += 0444; > >> + > >> + if (cft->write || cft->write_u64 || cft->write_s64 || > >> + cft->write_string || cft->trigger) > >> + mode += 0200; > >> + > > > > += is not |=... > > > > Ah, yes, though both happen to result in 0644. > yes but I like |= rather than += in bit ops. Reviewed-by; KAMEZAWA Hiroyuki <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 1:15 ` Li Zefan [not found] ` <49AC84BE.5020501-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 1:19 ` KAMEZAWA Hiroyuki 1 sibling, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 1:19 UTC (permalink / raw) To: Li Zefan; +Cc: Paul Menage, Andrew Morton, LKML, Linux Containers On Tue, 03 Mar 2009 09:15:42 +0800 Li Zefan <lizf@cn.fujitsu.com> wrote: > >> +/** > >> + * cgroup_file_mode - deduce file mode of a control file > >> + * @cft: the control file in question > >> + * > >> + * returns cftype->mode if ->mode is not 0 > >> + * returns 0644 if it has both a read and a write handler > >> + * returns 0444 if it has only a read handler > >> + * returns 0200 if it has only a write hander > >> + */ > >> +static int cgroup_file_mode(const struct cftype *cft) > >> +{ > >> + int mode = 0; > >> + > >> + if (cft->mode) > >> + return cft->mode; > >> + > >> + if (cft->read || cft->read_u64 || cft->read_s64 || > >> + cft->read_map || cft->read_seq_string) > >> + mode += 0444; > >> + > >> + if (cft->write || cft->write_u64 || cft->write_s64 || > >> + cft->write_string || cft->trigger) > >> + mode += 0200; > >> + > > > > += is not |=... > > > > Ah, yes, though both happen to result in 0644. > yes but I like |= rather than += in bit ops. Reviewed-by; KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <49AC8307.7090008-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <49AC8307.7090008-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 1:08 ` KAMEZAWA Hiroyuki 2009-03-03 1:16 ` Paul Menage 1 sibling, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 1:08 UTC (permalink / raw) To: Li Zefan Cc: Containers, Paul Menage, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, Andrew Morton, LKML On Tue, 03 Mar 2009 09:08:23 +0800 Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > Paul Menage wrote: > > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > >> Now a cgroup subsystem can set default file mode of its control files, > >> so here is a patchset to correct file mode of each subsystem's files. > > > > I really think that we should be defaulting this based on whether the > > control file has read or write handlers. > > > > Sure, there are special cases like "tasks" that we'd need to set a > > manual value for, but most of these patches would be unnecessary. > > > > Those patches are small and trivial, but it's ok for me to do this > automatically. How about below patch. > > Note cpuset.memory_pressure is read-only though it has read handler. > Since if the read handler is removed, it'll return EINVAL instead of > the current EACCESS, I think it's better to leave as it is. > > ===================== > > cgroups: show correct file mode > > Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> > --- > include/linux/cgroup.h | 5 +++++ > kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ > kernel/cpuset.c | 1 + > 3 files changed, 36 insertions(+) > > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h > index 6ad1989..af3c10f 100644 > --- a/include/linux/cgroup.h > +++ b/include/linux/cgroup.h > @@ -258,6 +258,11 @@ struct cftype { > */ > char name[MAX_CFTYPE_NAME]; > int private; > + /* > + * If not 0, file mode is set to this value, otherwise it will > + * be figured out automatically > + */ > + int mode; > > /* > * If non-zero, defines the maximum length of string that can > diff --git a/kernel/cgroup.c b/kernel/cgroup.c > index 379baa3..0b19204 100644 > --- a/kernel/cgroup.c > +++ b/kernel/cgroup.c > @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, > return error; > } > > +/** > + * cgroup_file_mode - deduce file mode of a control file > + * @cft: the control file in question > + * > + * returns cftype->mode if ->mode is not 0 > + * returns 0644 if it has both a read and a write handler > + * returns 0444 if it has only a read handler > + * returns 0200 if it has only a write hander > + */ > +static int cgroup_file_mode(const struct cftype *cft) > +{ > + int mode = 0; > + > + if (cft->mode) > + return cft->mode; > + > + if (cft->read || cft->read_u64 || cft->read_s64 || > + cft->read_map || cft->read_seq_string) > + mode += 0444; > + > + if (cft->write || cft->write_u64 || cft->write_s64 || > + cft->write_string || cft->trigger) > + mode += 0200; > + += is not |=... Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 1:08 ` Li Zefan @ 2009-03-03 1:16 ` Paul Menage -1 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 1:16 UTC (permalink / raw) To: Li Zefan; +Cc: Linux Containers, Andrew Morton, LKML On Mon, Mar 2, 2009 at 5:08 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > > Those patches are small and trivial, but it's ok for me to do this > automatically. How about below patch. > > Note cpuset.memory_pressure is read-only though it has read handler. > Since if the read handler is removed, it'll return EINVAL instead of > the current EACCESS, I think it's better to leave as it is. Hmm. I find it hard to believe that anyone would have behaviour that depends on cpuset.memory_pressure returning EACCES rather than EINVAL, but I guess it's not a big deal. On the += or |= issue, I think |= is slightly more familiar to most readers given that you're doing bit options, although the end result is the same in this case. Acked-by: Paul Menage <menage-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> > > ===================== > > cgroups: show correct file mode > > Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> > --- > include/linux/cgroup.h | 5 +++++ > kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ > kernel/cpuset.c | 1 + > 3 files changed, 36 insertions(+) > > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h > index 6ad1989..af3c10f 100644 > --- a/include/linux/cgroup.h > +++ b/include/linux/cgroup.h > @@ -258,6 +258,11 @@ struct cftype { > */ > char name[MAX_CFTYPE_NAME]; > int private; > + /* > + * If not 0, file mode is set to this value, otherwise it will > + * be figured out automatically > + */ > + int mode; > > /* > * If non-zero, defines the maximum length of string that can > diff --git a/kernel/cgroup.c b/kernel/cgroup.c > index 379baa3..0b19204 100644 > --- a/kernel/cgroup.c > +++ b/kernel/cgroup.c > @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, > return error; > } > > +/** > + * cgroup_file_mode - deduce file mode of a control file > + * @cft: the control file in question > + * > + * returns cftype->mode if ->mode is not 0 > + * returns 0644 if it has both a read and a write handler > + * returns 0444 if it has only a read handler > + * returns 0200 if it has only a write hander > + */ > +static int cgroup_file_mode(const struct cftype *cft) > +{ > + int mode = 0; > + > + if (cft->mode) > + return cft->mode; > + > + if (cft->read || cft->read_u64 || cft->read_s64 || > + cft->read_map || cft->read_seq_string) > + mode += 0444; > + > + if (cft->write || cft->write_u64 || cft->write_s64 || > + cft->write_string || cft->trigger) > + mode += 0200; > + > + return mode; > +} > + > int cgroup_add_file(struct cgroup *cgrp, > struct cgroup_subsys *subsys, > const struct cftype *cft) > @@ -1757,6 +1784,7 @@ int cgroup_add_file(struct cgroup *cgrp, > struct dentry *dir = cgrp->dentry; > struct dentry *dentry; > int error; > + int mode; > > char name[MAX_CGROUP_TYPE_NAMELEN + MAX_CFTYPE_NAME + 2] = { 0 }; > if (subsys && !test_bit(ROOT_NOPREFIX, &cgrp->root->flags)) { > @@ -1767,6 +1795,7 @@ int cgroup_add_file(struct cgroup *cgrp, > BUG_ON(!mutex_is_locked(&dir->d_inode->i_mutex)); > dentry = lookup_one_len(name, dir, strlen(name)); > if (!IS_ERR(dentry)) { > + mode = cgroup_file_mode(cft); > error = cgroup_create_file(dentry, 0644 | S_IFREG, > cgrp->root->sb); > if (!error) > @@ -2349,6 +2378,7 @@ static struct cftype files[] = { > .write_u64 = cgroup_tasks_write, > .release = cgroup_tasks_release, > .private = FILE_TASKLIST, > + .mode = 0644, > }, > > { > diff --git a/kernel/cpuset.c b/kernel/cpuset.c > index a46d693..31e28b3 100644 > --- a/kernel/cpuset.c > +++ b/kernel/cpuset.c > @@ -1678,6 +1678,7 @@ static struct cftype files[] = { > .read_u64 = cpuset_read_u64, > .write_u64 = cpuset_write_u64, > .private = FILE_MEMORY_PRESSURE, > + .mode = 0444, > }, > > { > > ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode @ 2009-03-03 1:16 ` Paul Menage 0 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 1:16 UTC (permalink / raw) To: Li Zefan; +Cc: Andrew Morton, KAMEZAWA Hiroyuki, LKML, Linux Containers On Mon, Mar 2, 2009 at 5:08 PM, Li Zefan <lizf@cn.fujitsu.com> wrote: > > Those patches are small and trivial, but it's ok for me to do this > automatically. How about below patch. > > Note cpuset.memory_pressure is read-only though it has read handler. > Since if the read handler is removed, it'll return EINVAL instead of > the current EACCESS, I think it's better to leave as it is. Hmm. I find it hard to believe that anyone would have behaviour that depends on cpuset.memory_pressure returning EACCES rather than EINVAL, but I guess it's not a big deal. On the += or |= issue, I think |= is slightly more familiar to most readers given that you're doing bit options, although the end result is the same in this case. Acked-by: Paul Menage <menage@google.com> > > ===================== > > cgroups: show correct file mode > > Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> > --- > include/linux/cgroup.h | 5 +++++ > kernel/cgroup.c | 30 ++++++++++++++++++++++++++++++ > kernel/cpuset.c | 1 + > 3 files changed, 36 insertions(+) > > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h > index 6ad1989..af3c10f 100644 > --- a/include/linux/cgroup.h > +++ b/include/linux/cgroup.h > @@ -258,6 +258,11 @@ struct cftype { > */ > char name[MAX_CFTYPE_NAME]; > int private; > + /* > + * If not 0, file mode is set to this value, otherwise it will > + * be figured out automatically > + */ > + int mode; > > /* > * If non-zero, defines the maximum length of string that can > diff --git a/kernel/cgroup.c b/kernel/cgroup.c > index 379baa3..0b19204 100644 > --- a/kernel/cgroup.c > +++ b/kernel/cgroup.c > @@ -1750,6 +1750,33 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry, > return error; > } > > +/** > + * cgroup_file_mode - deduce file mode of a control file > + * @cft: the control file in question > + * > + * returns cftype->mode if ->mode is not 0 > + * returns 0644 if it has both a read and a write handler > + * returns 0444 if it has only a read handler > + * returns 0200 if it has only a write hander > + */ > +static int cgroup_file_mode(const struct cftype *cft) > +{ > + int mode = 0; > + > + if (cft->mode) > + return cft->mode; > + > + if (cft->read || cft->read_u64 || cft->read_s64 || > + cft->read_map || cft->read_seq_string) > + mode += 0444; > + > + if (cft->write || cft->write_u64 || cft->write_s64 || > + cft->write_string || cft->trigger) > + mode += 0200; > + > + return mode; > +} > + > int cgroup_add_file(struct cgroup *cgrp, > struct cgroup_subsys *subsys, > const struct cftype *cft) > @@ -1757,6 +1784,7 @@ int cgroup_add_file(struct cgroup *cgrp, > struct dentry *dir = cgrp->dentry; > struct dentry *dentry; > int error; > + int mode; > > char name[MAX_CGROUP_TYPE_NAMELEN + MAX_CFTYPE_NAME + 2] = { 0 }; > if (subsys && !test_bit(ROOT_NOPREFIX, &cgrp->root->flags)) { > @@ -1767,6 +1795,7 @@ int cgroup_add_file(struct cgroup *cgrp, > BUG_ON(!mutex_is_locked(&dir->d_inode->i_mutex)); > dentry = lookup_one_len(name, dir, strlen(name)); > if (!IS_ERR(dentry)) { > + mode = cgroup_file_mode(cft); > error = cgroup_create_file(dentry, 0644 | S_IFREG, > cgrp->root->sb); > if (!error) > @@ -2349,6 +2378,7 @@ static struct cftype files[] = { > .write_u64 = cgroup_tasks_write, > .release = cgroup_tasks_release, > .private = FILE_TASKLIST, > + .mode = 0644, > }, > > { > diff --git a/kernel/cpuset.c b/kernel/cpuset.c > index a46d693..31e28b3 100644 > --- a/kernel/cpuset.c > +++ b/kernel/cpuset.c > @@ -1678,6 +1678,7 @@ static struct cftype files[] = { > .read_u64 = cpuset_read_u64, > .write_u64 = cpuset_write_u64, > .private = FILE_MEMORY_PRESSURE, > + .mode = 0444, > }, > > { > > ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage [not found] ` <6599ad830903021019p3b29c173oc7772af6679d90e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> @ 2009-03-03 0:09 ` KAMEZAWA Hiroyuki [not found] ` <20090303090950.60cea53a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> 2009-03-03 0:15 ` Paul Menage 1 sibling, 2 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 0:09 UTC (permalink / raw) To: Paul Menage; +Cc: Li Zefan, Andrew Morton, LKML, Linux Containers On Mon, 2 Mar 2009 10:19:15 -0800 Paul Menage <menage@google.com> wrote: > On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf@cn.fujitsu.com> wrote: > > Now a cgroup subsystem can set default file mode of its control files, > > so here is a patchset to correct file mode of each subsystem's files. > > I really think that we should be defaulting this based on whether the > control file has read or write handlers. > > Sure, there are special cases like "tasks" that we'd need to set a > manual value for, but most of these patches would be unnecessary. > like this ? int mode; if (cft->mode) mode = cft->mode; else if (cft->write_xxx || .....) mode = 0644; else mode = 0444; Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <20090303090950.60cea53a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <20090303090950.60cea53a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 0:15 ` Paul Menage 0 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:15 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Linux Containers, Andrew Morton, LKML On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> wrote: > > int mode; > if (cft->mode) > mode = cft->mode; > else if (cft->write_xxx || .....) > mode = 0644; > else > mode = 0444; Almost: int mode; if (cft->mode) { mode = cft->mode; } else { if (cft->write_xxx || ....) mode |= 0600; if (cft->read_xxx || ...) mode |= 0444; } Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 0:09 ` KAMEZAWA Hiroyuki [not found] ` <20090303090950.60cea53a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 0:15 ` Paul Menage [not found] ` <6599ad830903021615j6e1380e2l1544b67b187c1f5e-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 1 sibling, 1 reply; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:15 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Li Zefan, Andrew Morton, LKML, Linux Containers On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> wrote: > > int mode; > if (cft->mode) > mode = cft->mode; > else if (cft->write_xxx || .....) > mode = 0644; > else > mode = 0444; Almost: int mode; if (cft->mode) { mode = cft->mode; } else { if (cft->write_xxx || ....) mode |= 0600; if (cft->read_xxx || ...) mode |= 0444; } Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <6599ad830903021615j6e1380e2l1544b67b187c1f5e-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 0:15 ` Paul Menage @ 2009-03-03 0:20 ` KAMEZAWA Hiroyuki 0 siblings, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 0:20 UTC (permalink / raw) To: Paul Menage Cc: Containers, Andrew Morton, LKML, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA On Mon, 2 Mar 2009 16:15:51 -0800 Paul Menage <menage-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> wrote: > On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki > <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> wrote: > > > > int mode; > > if (cft->mode) > > mode = cft->mode; > > else if (cft->write_xxx || .....) > > mode = 0644; > > else > > mode = 0444; > > Almost: > > int mode; > if (cft->mode) { > mode = cft->mode; > } else { > if (cft->write_xxx || ....) > mode |= 0600; > if (cft->read_xxx || ...) > mode |= 0444; > } > Oh, I see. But int mode=0, at first ;) I have no objections but please forgive subsys to set mode=0644 explicitly. Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode @ 2009-03-03 0:20 ` KAMEZAWA Hiroyuki 0 siblings, 0 replies; 35+ messages in thread From: KAMEZAWA Hiroyuki @ 2009-03-03 0:20 UTC (permalink / raw) To: Paul Menage; +Cc: Li Zefan, Andrew Morton, LKML, Linux Containers On Mon, 2 Mar 2009 16:15:51 -0800 Paul Menage <menage@google.com> wrote: > On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki > <kamezawa.hiroyu@jp.fujitsu.com> wrote: > > > > int mode; > > if (cft->mode) > > mode = cft->mode; > > else if (cft->write_xxx || .....) > > mode = 0644; > > else > > mode = 0444; > > Almost: > > int mode; > if (cft->mode) { > mode = cft->mode; > } else { > if (cft->write_xxx || ....) > mode |= 0600; > if (cft->read_xxx || ...) > mode |= 0444; > } > Oh, I see. But int mode=0, at first ;) I have no objections but please forgive subsys to set mode=0644 explicitly. Thanks, -Kame ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 0:20 ` KAMEZAWA Hiroyuki (?) @ 2009-03-03 0:23 ` Paul Menage -1 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:23 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Li Zefan, Andrew Morton, LKML, Linux Containers On Mon, Mar 2, 2009 at 4:20 PM, KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> wrote: >> >> int mode; >> if (cft->mode) { >> mode = cft->mode; >> } else { >> if (cft->write_xxx || ....) >> mode |= 0600; >> if (cft->read_xxx || ...) >> mode |= 0444; >> } >> > Oh, I see. But int mode=0, at first ;) Oops, yes. > I have no objections but please forgive subsys to set mode=0644 explicitly. Do you mean "allow" rather than "forgive"? if so, then yes, a subsystem should be able to override this to whatever it wants. Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <20090303092021.93e69b96.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <20090303092021.93e69b96.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> @ 2009-03-03 0:23 ` Paul Menage 2009-03-03 0:23 ` Mike Waychison 1 sibling, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:23 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Linux Containers, Andrew Morton, LKML On Mon, Mar 2, 2009 at 4:20 PM, KAMEZAWA Hiroyuki <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> wrote: >> >> int mode; >> if (cft->mode) { >> mode = cft->mode; >> } else { >> if (cft->write_xxx || ....) >> mode |= 0600; >> if (cft->read_xxx || ...) >> mode |= 0444; >> } >> > Oh, I see. But int mode=0, at first ;) Oops, yes. > I have no objections but please forgive subsys to set mode=0644 explicitly. Do you mean "allow" rather than "forgive"? if so, then yes, a subsystem should be able to override this to whatever it wants. Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <20090303092021.93e69b96.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> 2009-03-03 0:23 ` Paul Menage @ 2009-03-03 0:23 ` Mike Waychison 1 sibling, 0 replies; 35+ messages in thread From: Mike Waychison @ 2009-03-03 0:23 UTC (permalink / raw) To: KAMEZAWA Hiroyuki Cc: Paul Menage, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, Containers, Andrew Morton, LKML KAMEZAWA Hiroyuki wrote: > On Mon, 2 Mar 2009 16:15:51 -0800 > Paul Menage <menage-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> wrote: > >> On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki >> <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> wrote: >>> int mode; >>> if (cft->mode) >>> mode = cft->mode; >>> else if (cft->write_xxx || .....) >>> mode = 0644; >>> else >>> mode = 0444; >> Almost: >> >> int mode; >> if (cft->mode) { >> mode = cft->mode; >> } else { >> if (cft->write_xxx || ....) >> mode |= 0600; 0200 ? >> if (cft->read_xxx || ...) >> mode |= 0444; >> } >> > Oh, I see. But int mode=0, at first ;) > I have no objections but please forgive subsys to set mode=0644 explicitly. > > Thanks, > -Kame > > _______________________________________________ > Containers mailing list > Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org > https://lists.linux-foundation.org/mailman/listinfo/containers ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 0:20 ` KAMEZAWA Hiroyuki ` (2 preceding siblings ...) (?) @ 2009-03-03 0:23 ` Mike Waychison [not found] ` <49AC789D.5050209-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> 2009-03-03 0:26 ` Paul Menage -1 siblings, 2 replies; 35+ messages in thread From: Mike Waychison @ 2009-03-03 0:23 UTC (permalink / raw) To: KAMEZAWA Hiroyuki; +Cc: Paul Menage, Containers, Andrew Morton, LKML, Linux KAMEZAWA Hiroyuki wrote: > On Mon, 2 Mar 2009 16:15:51 -0800 > Paul Menage <menage@google.com> wrote: > >> On Mon, Mar 2, 2009 at 4:09 PM, KAMEZAWA Hiroyuki >> <kamezawa.hiroyu@jp.fujitsu.com> wrote: >>> int mode; >>> if (cft->mode) >>> mode = cft->mode; >>> else if (cft->write_xxx || .....) >>> mode = 0644; >>> else >>> mode = 0444; >> Almost: >> >> int mode; >> if (cft->mode) { >> mode = cft->mode; >> } else { >> if (cft->write_xxx || ....) >> mode |= 0600; 0200 ? >> if (cft->read_xxx || ...) >> mode |= 0444; >> } >> > Oh, I see. But int mode=0, at first ;) > I have no objections but please forgive subsys to set mode=0644 explicitly. > > Thanks, > -Kame > > _______________________________________________ > Containers mailing list > Containers@lists.linux-foundation.org > https://lists.linux-foundation.org/mailman/listinfo/containers ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <49AC789D.5050209-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>]
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <49AC789D.5050209-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> @ 2009-03-03 0:26 ` Paul Menage 0 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:26 UTC (permalink / raw) To: Mike Waychison Cc: Containers, Linux-FOgKQjlUJ6BQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, Andrew Morton, LKML On Mon, Mar 2, 2009 at 4:23 PM, Mike Waychison <mikew-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> wrote: >>> if (cft->write_xxx || ....) >>> mode |= 0600; > > 0200 ? Oops (again). Yes, that's what I meant. Coding in email considered harmful :-) Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode 2009-03-03 0:23 ` Mike Waychison [not found] ` <49AC789D.5050209-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org> @ 2009-03-03 0:26 ` Paul Menage 1 sibling, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-03 0:26 UTC (permalink / raw) To: Mike Waychison; +Cc: KAMEZAWA Hiroyuki, Containers, Andrew Morton, LKML, Linux On Mon, Mar 2, 2009 at 4:23 PM, Mike Waychison <mikew@google.com> wrote: >>> if (cft->write_xxx || ....) >>> mode |= 0600; > > 0200 ? Oops (again). Yes, that's what I meant. Coding in email considered harmful :-) Paul ^ permalink raw reply [flat|nested] 35+ messages in thread
[parent not found: <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>]
* [PATCH 1/4] cgroup debug: show correct file mode 2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan @ 2009-03-02 2:13 ` Li Zefan 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan ` (2 subsequent siblings) 3 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:13 UTC (permalink / raw) To: Li Zefan; +Cc: Linux Containers, Andrew Morton, Paul Menage, LKML All control files in debug subsystem are read-only. Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> --- kernel/cgroup_debug.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/kernel/cgroup_debug.c b/kernel/cgroup_debug.c index daca620..2ba54c6 100644 --- a/kernel/cgroup_debug.c +++ b/kernel/cgroup_debug.c @@ -71,25 +71,30 @@ static struct cftype files[] = { { .name = "cgroup_refcount", .read_u64 = cgroup_refcount_read, + .mode = 0444, }, { .name = "taskcount", .read_u64 = taskcount_read, + .mode = 0444, }, { .name = "current_css_set", .read_u64 = current_css_set_read, + .mode = 0444, }, { .name = "current_css_set_refcount", .read_u64 = current_css_set_refcount_read, + .mode = 0444, }, { .name = "releasable", .read_u64 = releasable_read, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH 1/4] cgroup debug: show correct file mode @ 2009-03-02 2:13 ` Li Zefan 0 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:13 UTC (permalink / raw) To: Li Zefan Cc: Andrew Morton, Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers All control files in debug subsystem are read-only. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> --- kernel/cgroup_debug.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/kernel/cgroup_debug.c b/kernel/cgroup_debug.c index daca620..2ba54c6 100644 --- a/kernel/cgroup_debug.c +++ b/kernel/cgroup_debug.c @@ -71,25 +71,30 @@ static struct cftype files[] = { { .name = "cgroup_refcount", .read_u64 = cgroup_refcount_read, + .mode = 0444, }, { .name = "taskcount", .read_u64 = taskcount_read, + .mode = 0444, }, { .name = "current_css_set", .read_u64 = current_css_set_read, + .mode = 0444, }, { .name = "current_css_set_refcount", .read_u64 = current_css_set_refcount_read, + .mode = 0444, }, { .name = "releasable", .read_u64 = releasable_read, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH 2/4] cpuacct: show correct file mode 2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan @ 2009-03-02 2:14 ` Li Zefan 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan ` (2 subsequent siblings) 3 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:14 UTC (permalink / raw) To: Andrew Morton; +Cc: Linux Containers, Paul Menage, LKML, Balbir Singh cpuacct.usage_percpu is read-only. Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> --- kernel/sched.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/kernel/sched.c b/kernel/sched.c index e66f009..638aa4d 100644 --- a/kernel/sched.c +++ b/kernel/sched.c @@ -9734,6 +9734,7 @@ static struct cftype files[] = { { .name = "usage_percpu", .read_seq_string = cpuacct_percpu_seq_read, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH 2/4] cpuacct: show correct file mode @ 2009-03-02 2:14 ` Li Zefan 0 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:14 UTC (permalink / raw) To: Andrew Morton Cc: Paul Menage, KAMEZAWA Hiroyuki, LKML, Linux Containers, Balbir Singh cpuacct.usage_percpu is read-only. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> --- kernel/sched.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/kernel/sched.c b/kernel/sched.c index e66f009..638aa4d 100644 --- a/kernel/sched.c +++ b/kernel/sched.c @@ -9734,6 +9734,7 @@ static struct cftype files[] = { { .name = "usage_percpu", .read_seq_string = cpuacct_percpu_seq_read, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH 3/4] devcgroup: show correct file mode [not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> 2009-03-02 2:13 ` Li Zefan 2009-03-02 2:14 ` Li Zefan @ 2009-03-02 2:15 ` Li Zefan 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan 2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage 4 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:15 UTC (permalink / raw) To: Andrew Morton; +Cc: Linux Containers, Paul Menage, LKML devices.allow and devices.deny are write-only, and devices.list is read-only. Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> --- security/device_cgroup.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 3aacd0f..b13fbb8 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -439,16 +439,19 @@ static struct cftype dev_cgroup_files[] = { .name = "allow", .write_string = devcgroup_access_write, .private = DEVCG_ALLOW, + .mode = 0200, }, { .name = "deny", .write_string = devcgroup_access_write, .private = DEVCG_DENY, + .mode = 0200, }, { .name = "list", .read_seq_string = devcgroup_seq_read, .private = DEVCG_LIST, + .mode = 0444, }, }; -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH 4/4] cpuset: show correct file mode [not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> ` (2 preceding siblings ...) 2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan @ 2009-03-02 2:16 ` Li Zefan 2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage 4 siblings, 0 replies; 35+ messages in thread From: Li Zefan @ 2009-03-02 2:16 UTC (permalink / raw) To: Andrew Morton; +Cc: Linux Containers, Paul Menage, LKML cpuset.memory_pressure is read-only. Signed-off-by: Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> --- kernel/cpuset.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/kernel/cpuset.c b/kernel/cpuset.c index a46d693..1ed507c 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c @@ -1671,6 +1671,7 @@ static struct cftype files[] = { .read_u64 = cpuset_read_u64, .write_u64 = cpuset_write_u64, .private = FILE_MEMORY_MIGRATE, + .mode = 0444, }, { -- 1.5.4.rc3 ^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH 0/4] cgroups: show correct file mode [not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> ` (3 preceding siblings ...) 2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan @ 2009-03-02 18:19 ` Paul Menage 4 siblings, 0 replies; 35+ messages in thread From: Paul Menage @ 2009-03-02 18:19 UTC (permalink / raw) To: Li Zefan; +Cc: Linux Containers, Andrew Morton, LKML On Sun, Mar 1, 2009 at 6:13 PM, Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> wrote: > Now a cgroup subsystem can set default file mode of its control files, > so here is a patchset to correct file mode of each subsystem's files. I really think that we should be defaulting this based on whether the control file has read or write handlers. Sure, there are special cases like "tasks" that we'd need to set a manual value for, but most of these patches would be unnecessary. Paul > > Should be applied after: > cgroup-allow-subsys-to-set-default-mode-of-its-own-file.patch > > [PATCH 1/4] cgroup debug: show correct file mode > [PATCH 2/4] cpuacct: show correct file mode > [PATCH 3/4] devcgroup: show correct file mode > [PATCH 4/4] cpuset: show correct file mode > > ^ permalink raw reply [flat|nested] 35+ messages in thread
end of thread, other threads:[~2009-03-03 1:21 UTC | newest]
Thread overview: 35+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-03-02 2:13 [PATCH 0/4] cgroups: show correct file mode Li Zefan
2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan
2009-03-02 13:06 ` Serge E. Hallyn
[not found] ` <49AB4143.9050704-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2009-03-02 13:06 ` Serge E. Hallyn
2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan
2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage
[not found] ` <6599ad830903021019p3b29c173oc7772af6679d90e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-03-03 0:09 ` KAMEZAWA Hiroyuki
2009-03-03 1:08 ` Li Zefan
2009-03-03 1:08 ` Li Zefan
2009-03-03 1:08 ` KAMEZAWA Hiroyuki
[not found] ` <20090303100827.43d82c3a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>
2009-03-03 1:15 ` Li Zefan
2009-03-03 1:15 ` Li Zefan
[not found] ` <49AC84BE.5020501-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2009-03-03 1:19 ` KAMEZAWA Hiroyuki
2009-03-03 1:19 ` KAMEZAWA Hiroyuki
[not found] ` <49AC8307.7090008-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2009-03-03 1:08 ` KAMEZAWA Hiroyuki
2009-03-03 1:16 ` Paul Menage
2009-03-03 1:16 ` Paul Menage
2009-03-03 0:09 ` KAMEZAWA Hiroyuki
[not found] ` <20090303090950.60cea53a.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>
2009-03-03 0:15 ` Paul Menage
2009-03-03 0:15 ` Paul Menage
[not found] ` <6599ad830903021615j6e1380e2l1544b67b187c1f5e-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-03-03 0:20 ` KAMEZAWA Hiroyuki
2009-03-03 0:20 ` KAMEZAWA Hiroyuki
2009-03-03 0:23 ` Paul Menage
[not found] ` <20090303092021.93e69b96.kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org>
2009-03-03 0:23 ` Paul Menage
2009-03-03 0:23 ` Mike Waychison
2009-03-03 0:23 ` Mike Waychison
[not found] ` <49AC789D.5050209-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2009-03-03 0:26 ` Paul Menage
2009-03-03 0:26 ` Paul Menage
[not found] ` <49AB40BF.4030706-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2009-03-02 2:13 ` [PATCH 1/4] cgroup debug: " Li Zefan
2009-03-02 2:13 ` Li Zefan
2009-03-02 2:14 ` [PATCH 2/4] cpuacct: " Li Zefan
2009-03-02 2:14 ` Li Zefan
2009-03-02 2:15 ` [PATCH 3/4] devcgroup: " Li Zefan
2009-03-02 2:16 ` [PATCH 4/4] cpuset: " Li Zefan
2009-03-02 18:19 ` [PATCH 0/4] cgroups: " Paul Menage
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.