[libvirt] [PATCH 09/17] libvirt-lxc: add virDomainLxcEnterCGroup API

John Ferlan jferlan at redhat.com
Wed Apr 27 17:48:00 UTC 2016 


On 04/14/2016 11:22 AM, Daniel P. Berrange wrote:
> Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so
> file. This method moves the calling process into the cgroups
> associated with the container.
> 
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
>  include/libvirt/libvirt-lxc.h |  2 ++
>  src/libvirt-lxc.c             | 47 +++++++++++++++++++++++++++++++++++++++++++
>  src/libvirt_lxc.syms          |  5 +++++
>  3 files changed, 54 insertions(+)
> 
> diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h
> index 1901fce..0d16a5c 100644
> --- a/include/libvirt/libvirt-lxc.h
> +++ b/include/libvirt/libvirt-lxc.h
> @@ -46,6 +46,8 @@ int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
>                                     virSecurityLabelPtr label,
>                                     virSecurityLabelPtr oldlabel,
>                                     unsigned int flags);
> +int virDomainLxcEnterCGroup(virDomainPtr domain,
> +                            unsigned int flags);
>  
>  # ifdef __cplusplus
>  }
> diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
> index 8553570..16e08e9 100644
> --- a/src/libvirt-lxc.c
> +++ b/src/libvirt-lxc.c
> @@ -36,6 +36,7 @@
>  #ifdef WITH_APPARMOR
>  # include <sys/apparmor.h>
>  #endif
> +#include "vircgroup.h"
>  
>  #define VIR_FROM_THIS VIR_FROM_NONE
>  
> @@ -269,3 +270,49 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
>      virDispatchError(NULL);
>      return -1;
>  }
> +
> +
> +/**
> + * virDomainLxcEnterCGroup:
> + * @domain: a domain object
> + * @flags: currently unused, pass 0
> + *
> + * This API is LXC specific, so it will only work with hypervisor
> + * connections to the LXC driver.
> + *
> + * Attaches the process to the control cgroups associated
> + * with the container @domain.
> + *
> + * Returns 0 on success, -1 on error
> + */
> +int virDomainLxcEnterCGroup(virDomainPtr domain,
> +                            unsigned int flags)
> +{
> +    virConnectPtr conn;
> +    virCgroupPtr cgroup = NULL;
> +
> +    VIR_DOMAIN_DEBUG(domain, "flags=%x", flags);
> +
> +    virResetLastError();
> +
> +    virCheckDomainReturn(domain, -1);
> +    conn = domain->conn;
> +
> +    virCheckReadOnlyGoto(conn->flags, error);
> +    virCheckFlagsGoto(0, error);
> +
> +    if (virCgroupNewDetect(domain->id, -1, &cgroup) < 0)

virCgroupNewDetect takes a pid as parameter 1


ACK with that (your call on 1.3.4 or wait for 1.3.5 in which case the
next file would need adjustment)

John
> +        goto error;
> +
> +    if (virCgroupAddTask(cgroup, getpid()) < 0)
> +        goto error;
> +
> +    virCgroupFree(&cgroup);
> +
> +    return 0;
> +
> + error:
> +    virDispatchError(NULL);
> +    virCgroupFree(&cgroup);
> +    return -1;
> +}
> diff --git a/src/libvirt_lxc.syms b/src/libvirt_lxc.syms
> index ccf1be9..061152a 100644
> --- a/src/libvirt_lxc.syms
> +++ b/src/libvirt_lxc.syms
> @@ -20,3 +20,8 @@ LIBVIRT_LXC_1.0.4 {
>      global:
>          virDomainLxcEnterSecurityLabel;
>  } LIBVIRT_LXC_1.0.2;
> +
> +LIBVIRT_LXC_1.3.4 {
> +    global:
> +        virDomainLxcEnterCGroup;
> +} LIBVIRT_LXC_1.0.4;
>

More information about the libvir-list mailing list