On Mon, May 5, 2008 at 2:54 AM, Miklos Szeredi <miklos@xxxxxxxxxx> wrote: > From: Miklos Szeredi <mszeredi@xxxxxxx> > > cgroup_clone() calls vfs_mkdir() to create a directory in the cgroup > filesystem. Replace with explicit call to cgroup_mkdir() and > fsnotify_mkdir(). > > This is equivalent, except that the following functions are not called > before cgroup_mkdir(): > > - may_create() > - security_inode_mkdir() > - DQUOT_INIT() > > Permission to clone the cgroup has already been checked in > copy_namespaces() (requiring CAP_SYS_ADMIN). Additional file system > related capability checks are inappropriate and confusing. > > The quota check is unnecessary, as quotas don't make any sense for > this filesystem. > > Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxx> > CC: Paul Menage <menage@xxxxxxxxxx> This looks like it behaves correctly, but I don't really have any view on whether the change is the right thing to do - I'll leave that to the VFS gurus. FWIW, I'd regard cgroup_clone() as being outside the filesystem rather than inside. It does have some knowledge of the cgroupfs internals, but it tries to leave as much as possible up to the real filesystem code. Paul -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
