We allow modifying these mount options via remount. Let's add "no" prefixed
variants so that they can be turned off too.
Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
Cc: Christian Brauner <brauner@xxxxxxxxxx>
Cc: Michal Koutný <mkoutny@xxxxxxxx>
---
Documentation/admin-guide/cgroup-v2.rst | 6 +++---
kernel/cgroup/cgroup.c | 20 +++++++++++++++-----
2 files changed, 18 insertions(+), 8 deletions(-)
--- a/Documentation/admin-guide/cgroup-v2.rst
+++ b/Documentation/admin-guide/cgroup-v2.rst
@@ -177,14 +177,14 @@ disabling controllers in v1 and make the
cgroup v2 currently supports the following mount options.
- nsdelegate
+ [no]nsdelegate
Consider cgroup namespaces as delegation boundaries. This
option is system wide and can only be set on mount or modified
through remount from the init namespace. The mount option is
ignored on non-init namespace mounts. Please refer to the
Delegation section for details.
- memory_localevents
+ memory_[no]localevents
Only populate memory.events with data for the current cgroup,
and not any subtrees. This is legacy behaviour, the default
behaviour without this option is to include subtree counts.
@@ -192,7 +192,7 @@ cgroup v2 currently supports the followi
modified through remount from the init namespace. The mount
option is ignored on non-init namespace mounts.
- memory_recursiveprot
+ memory_[no]recursiveprot
Recursively apply memory.min and memory.low protection to
entire subtrees, without requiring explicit downward
propagation into leaf cgroups. This allows protecting entire
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -279,8 +279,6 @@ bool cgroup_ssid_enabled(int ssid)
*
* - When mounting an existing superblock, mount options should match.
*
- * - Remount is disallowed.
- *
* - rename(2) is disallowed.
*
* - "tasks" is removed. Everything should be at process granularity. Use
@@ -1859,16 +1857,19 @@ int cgroup_show_path(struct seq_file *sf
}
enum cgroup2_param {
- Opt_nsdelegate,
- Opt_memory_localevents,
- Opt_memory_recursiveprot,
+ Opt_nsdelegate, Opt_nonsdelegate,
+ Opt_memory_localevents, Opt_memory_nolocalevents,
+ Opt_memory_recursiveprot, Opt_memory_norecursiveprot,
nr__cgroup2_params
};
static const struct fs_parameter_spec cgroup2_fs_parameters[] = {
fsparam_flag("nsdelegate", Opt_nsdelegate),
+ fsparam_flag("nonsdelegate", Opt_nonsdelegate),
fsparam_flag("memory_localevents", Opt_memory_localevents),
+ fsparam_flag("memory_nolocalevents", Opt_memory_nolocalevents),
fsparam_flag("memory_recursiveprot", Opt_memory_recursiveprot),
+ fsparam_flag("memory_norecursiveprot", Opt_memory_norecursiveprot),
{}
};
@@ -1886,12 +1887,21 @@ static int cgroup2_parse_param(struct fs
case Opt_nsdelegate:
ctx->flags |= CGRP_ROOT_NS_DELEGATE;
return 0;
+ case Opt_nonsdelegate:
+ ctx->flags &= ~CGRP_ROOT_NS_DELEGATE;
+ return 0;
case Opt_memory_localevents:
ctx->flags |= CGRP_ROOT_MEMORY_LOCAL_EVENTS;
return 0;
+ case Opt_memory_nolocalevents:
+ ctx->flags &= ~CGRP_ROOT_MEMORY_LOCAL_EVENTS;
+ return 0;
case Opt_memory_recursiveprot:
ctx->flags |= CGRP_ROOT_MEMORY_RECURSIVE_PROT;
return 0;
+ case Opt_memory_norecursiveprot:
+ ctx->flags &= ~CGRP_ROOT_MEMORY_RECURSIVE_PROT;
+ return 0;
}
return -EINVAL;
}
