> @@ -213,10 +227,21 @@ static int pids_can_fork(struct task_struct *task)
> {
> struct cgroup_subsys_state *css;
> struct pids_cgroup *pids;
> + int err;
>
> css = task_css_check(current, pids_cgrp_id, true);
> pids = css_pids(css);
> - return pids_try_charge(pids, 1);
> + err = pids_try_charge(pids, 1);
> + if (err) {
> + atomic64_inc(&pids->events_limit);
> + cgroup_file_notify(&pids->events_file);
> + if (!atomic_xchg(&pids->events_limit_logged, 1)) {
> + pr_info("cgroup: fork rejected by pids controller in ");
> + pr_cont_cgroup_path(task_cgroup(current, pids_cgrp_id));
> + pr_cont("\n");
> + }
> + }
> + return err;
> }
Why are we logging this? Isn't the pids.events file enough
information? I feel like you could remove a lot of logic if you don't
log this.
And even if we do end up logging it, why have the boolean flag (the
counter always increases, just log if the counter is currently 0 and
you're incrementing it).
--
Aleksa Sarai (cyphar)
www.cyphar.com
--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
