From 57e62ee00ae4fd001cf8b3c0e95f3a05a2565543 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Thu, 14 Apr 2016 15:16:22 +0100 Subject: [PATCH] libvirt-lxc: add virDomainLxcEnterCGroup API Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so file. This method moves the calling process into the cgroups associated with the container. Signed-off-by: Daniel P. Berrange --- config-post.h | 2 ++ include/libvirt/libvirt-lxc.h | 2 ++ src/Makefile.am | 4 +++ src/libvirt-lxc.c | 47 +++++++++++++++++++++++++++++++++++ src/libvirt_lxc.syms | 5 ++++ 5 files changed, 60 insertions(+) diff --git a/config-post.h b/config-post.h index 2398d3d9ce..f43521bd34 100644 --- a/config-post.h +++ b/config-post.h @@ -32,6 +32,7 @@ # undef HAVE_LIBSASL2 # undef WITH_CAPNG # undef WITH_CURL +# undef WITH_DBUS # undef WITH_DTRACE_PROBES # undef WITH_GNUTLS # undef WITH_GNUTLS_GCRYPT @@ -39,6 +40,7 @@ # undef WITH_NUMACTL # undef WITH_SASL # undef WITH_SSH2 +# undef WITH_SYSTEMD_DAEMON # undef WITH_VIRTUALPORT # undef WITH_YAJL # undef WITH_YAJL2 diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h index 1901fce4f8..0d16a5c44d 100644 --- a/include/libvirt/libvirt-lxc.h +++ b/include/libvirt/libvirt-lxc.h @@ -46,6 +46,8 @@ int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model, virSecurityLabelPtr label, virSecurityLabelPtr oldlabel, unsigned int flags); +int virDomainLxcEnterCGroup(virDomainPtr domain, + unsigned int flags); # ifdef __cplusplus } diff --git a/src/Makefile.am b/src/Makefile.am index 04ef9a506c..ee4a7bf941 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -2327,8 +2327,10 @@ libvirt_setuid_rpc_client_la_SOURCES = \ util/viratomic.h \ util/virbitmap.c \ util/virbuffer.c \ + util/vircgroup.c \ util/vircommand.c \ util/virconf.c \ + util/virdbus.c \ util/virerror.c \ util/virevent.c \ util/vireventpoll.c \ @@ -2336,6 +2338,7 @@ libvirt_setuid_rpc_client_la_SOURCES = \ util/virgettext.c \ util/virhash.c \ util/virhashcode.c \ + util/virhostcpu.c \ util/virjson.c \ util/virlog.c \ util/virobject.c \ @@ -2344,6 +2347,7 @@ libvirt_setuid_rpc_client_la_SOURCES = \ util/virrandom.c \ util/virsocketaddr.c \ util/virstring.c \ + util/virsystemd.c \ util/virtime.c \ util/virthread.c \ util/virthreadjob.c \ diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c index 8553570c6a..16e08e9db8 100644 --- a/src/libvirt-lxc.c +++ b/src/libvirt-lxc.c @@ -36,6 +36,7 @@ #ifdef WITH_APPARMOR # include #endif +#include "vircgroup.h" #define VIR_FROM_THIS VIR_FROM_NONE @@ -269,3 +270,49 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model, virDispatchError(NULL); return -1; } + + +/** + * virDomainLxcEnterCGroup: + * @domain: a domain object + * @flags: currently unused, pass 0 + * + * This API is LXC specific, so it will only work with hypervisor + * connections to the LXC driver. + * + * Attaches the process to the control cgroups associated + * with the container @domain. + * + * Returns 0 on success, -1 on error + */ +int virDomainLxcEnterCGroup(virDomainPtr domain, + unsigned int flags) +{ + virConnectPtr conn; + virCgroupPtr cgroup = NULL; + + VIR_DOMAIN_DEBUG(domain, "flags=%x", flags); + + virResetLastError(); + + virCheckDomainReturn(domain, -1); + conn = domain->conn; + + virCheckReadOnlyGoto(conn->flags, error); + virCheckFlagsGoto(0, error); + + if (virCgroupNewDetect(domain->id, -1, &cgroup) < 0) + goto error; + + if (virCgroupAddTask(cgroup, getpid()) < 0) + goto error; + + virCgroupFree(&cgroup); + + return 0; + + error: + virDispatchError(NULL); + virCgroupFree(&cgroup); + return -1; +} diff --git a/src/libvirt_lxc.syms b/src/libvirt_lxc.syms index ccf1be9897..56c24c00f7 100644 --- a/src/libvirt_lxc.syms +++ b/src/libvirt_lxc.syms @@ -20,3 +20,8 @@ LIBVIRT_LXC_1.0.4 { global: virDomainLxcEnterSecurityLabel; } LIBVIRT_LXC_1.0.2; + +LIBVIRT_LXC_1.3.6 { + global: + virDomainLxcEnterCGroup; +} LIBVIRT_LXC_1.0.4;