[Devel] Re: [RFC][PATCH] IP address restricting cgroup subsystem
Paul Menage
menage at google.com
Sat Jan 10 08:14:19 PST 2009
On Fri, Jan 9, 2009 at 8:50 PM, Li Zefan <lizf at cn.fujitsu.com> wrote:
>>
>> For checking the "children" list, you can just lock
>> ipaddr_subsys.hierarchy_mutex.
>>
>
> Unfortunately hierarchy_mutex can't be used here, since hierarchy_mutex
> doesn't protect subsys's create() method, and the create() will access
> parent cgroup's data.
>
But that can be solved by putting a spinlock in the ipaddr_cgroup
structure and taking it in the write handler (and the connect/bind
handlers, which should also be using RCU), and taking the parent
structure's lock before copying from it in the create callback. No
need for something as heavy as cgroup_lock().
Paul
More information about the Containers
mailing list