cgroup: disallow rename(2) if sane_behavior
authorTejun Heo <tj@kernel.org>
Fri, 14 Jun 2013 18:18:22 +0000 (11:18 -0700)
committerTejun Heo <tj@kernel.org>
Tue, 18 Jun 2013 15:14:23 +0000 (08:14 -0700)
cgroup's rename(2) isn't a proper migration implementation - it can't
move the cgroup to a different parent in the hierarchy.  All it can do
is swapping the name string for that cgroup.  This isn't useful and
can mislead users to think that cgroup supports proper cgroup-level
migration.  Disallow rename(2) if sane_behavior.

v2: Fail with -EPERM instead of -EINVAL so that it matches the vfs
    return value when ->rename is not implemented as suggested by Li.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
include/linux/cgroup.h
kernel/cgroup.c

index 17604767adfd4063f2646aebdb4608524103d05a..f975227906823e71c4c12bbc957ac31b94ef4ca4 100644 (file)
@@ -270,6 +270,8 @@ enum {
         * - "release_agent" and "notify_on_release" are removed.
         *   Replacement notification mechanism will be implemented.
         *
+        * - rename(2) is disallowed.
+        *
         * - memcg: use_hierarchy is on by default and the cgroup file for
         *   the flag is not created.
         */
index 2e9da7bf25cb740a2738b86ff3e211f8cf8d5306..c2c64005bbc2dc061d1b52322393644fdc14e3de 100644 (file)
@@ -2508,6 +2508,13 @@ static int cgroup_rename(struct inode *old_dir, struct dentry *old_dentry,
 
        cgrp = __d_cgrp(old_dentry);
 
+       /*
+        * This isn't a proper migration and its usefulness is very
+        * limited.  Disallow if sane_behavior.
+        */
+       if (cgroup_sane_behavior(cgrp))
+               return -EPERM;
+
        name = cgroup_alloc_name(new_dentry);
        if (!name)
                return -ENOMEM;