On Wed, 17 Oct 2007, KAMEZAWA Hiroyuki wrote: > > > +static ssize_t mem_force_empty_read(struct cgroup *cont, > > > + struct cftype *cft, > > > + struct file *file, char __user *userbuf, > > > + size_t nbytes, loff_t *ppos) > > > +{ > > > + static const char buf[2] = "0"; > > > + return simple_read_from_buffer((void __user *)userbuf, nbytes, > > > + ppos, buf, strlen(buf)); > > > > Reading memory.force_empty is pretty useless, so why allow it to be read > > at all? > > Ah, yes. How can I make this as read-only ? just remove .read ? > > Thanks, You mean make it write-only? Typically it would be as easy as only specifying a mode of S_IWUSR so that it can only be written to, the S_IFREG is already provided by cgroup_add_file(). Unfortunately, cgroups do not appear to allow that. It hardcodes the permissions of 0644 | S_IFREG into the cgroup_create_file() call from cgroup_add_file(), which is a bug. Cgroup files should be able to be marked as read-only or write-only depending on their semantics. So until that bug gets fixed and you're allowed to pass your own file modes to cgroup_add_files(), you'll have to provide the read function. David _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers