Ubuntu
linux package

cgroup namespaces: add a 'nsroot=' mountinfo field

Bug #1560489 reported by Tim Gardner on 2016-03-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	Undecided	Serge Hallyn
	Xenial	Fix Released	Undecided	Serge Hallyn

Bug Description

    [ note - this is a version of the patch I just sent to lkml ported to
      our xenial tree. It's needed for things like docker and lxc to
      be certain of which cgroup tasks file is their own in certain nesting
      situations. We currently work around it by blindly assuming that
      there are no legacy container managers running on cgroup-ns-enabled
      kernels ]

    One practical problem I've found with cgroup namespaces is that there
    is no way to disambiguate between a cgroupfs mount which was done in
    a cgroup namespace, and a bind mount of a cgroupfs directory. So
    whether I do

unshare --cgroup -- bash -c "mount -t cgroup -o freezer f /mnt; cat /proc/self/mountinfo"

or whether I just

mount --bind /sys/fs/cgroup/freezer/$(awk -F: '/freezer/ { print $3 }' /proc/self/cgroup) /mnt

'mount root' field (field 3) in /proc/self/mountinfo will show the
same thing, the result of awk -F: '/freezer/ { print $3 }' /proc/self/cgroup.

    This patch adds a 'nsroot=' field to cgroup mountinfo entries, so that
    userspace can distinguish a mount made in a cgroup namespace from a bind
    mount from a cgroup subdirectory.

Tim Gardner (timg-tpi) on 2016-03-22

Changed in linux (Ubuntu Xenial):
assignee:	nobody → Serge Hallyn (serge-hallyn)
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-29:

Download full text (4.2 KiB)

This bug was fixed in the package linux - 4.4.0-16.32

---------------
linux (4.4.0-16.32) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1561727

  * fix thermal throttling due to commit "Thermal: initialize thermal zone
    device correctly" (LP: #1561676)
    - Thermal: Ignore invalid trip points

  * Thinkpad T460: Trackpoint mouse buttons instantly generate "release" event
    on press (LP: #1553811)
    - SAUCE: (noup) Input: synaptics - handle spurious release of trackstick
      buttons, again

  * reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADMIN
    (LP: #1560583)
    - SAUCE: apparmor: Allow ns_root processes to open profiles file
    - SAUCE: apparmor: Consult sysctl when reading profiles in a user ns

* linux: sync virtualbox drivers to 5.0.16-dfsg-2 (LP: #1561492)
- ubuntu: vbox -- update to 5.0.16-dfsg-2

  * s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense on
    s390x (LP: #1557690)
    - [Config] CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=n for s390x

  * spl/zfs fails to build on s390x (LP: #1519814)
    - [Config] s390x -- re-enable zfs
    - [Config] zfs -- disable powerpc until the test failures can be resolved

* linux: sync to ZFS 0.6.5.6 stable release (LP: #1561483)
- SAUCE: (noup) Update spl to 0.6.5.6-0ubuntu1, zfs to 0.6.5.6-0ubuntu1

  * zfs: enable zfs for 64bit powerpc kernels (LP: #1558871)
    - [Packaging] zfs -- handle rprovides via dpkg-gencontrol
    - [Config] powerpc -- convert zfs configuration to custom_override

  * Memory arena corruption with FUSE (was Memory allocation failure crashes
    kernel hard, presumably related to FUSE) (LP: #1505948)
    - SAUCE: (noup) fuse: do not use iocb after it may have been freed
    - SAUCE: (noup) fuse: Add reference counting for fuse_io_priv

* cgroup namespaces: add a 'nsroot=' mountinfo field (LP: #1560489)
- SAUCE: (noup) cgroup namespaces: add a 'nsroot=' mountinfo field

* linux packaging: clear remaining redundant delta (LP: #1560445)
- [Debian] Remove generated intermediate files on clean

  * arm64: guest hangs when ntpd is running (LP: #1549494)
    - Revert "hrtimer: Add support for CLOCK_MONOTONIC_RAW"
    - Revert "hrtimer: Catch illegal clockids"
    - Revert "KVM: arm/arm64: timer: Switch to CLOCK_MONOTONIC_RAW"

  * Need enough contiguous memory to support GICv3 ITS table (LP: #1558828)
    - [Config] CONFIG_FORCE_MAX_ZONEORDER=13 on arm64
    - SAUCE: (no-up) arm64: gicv3: its: Increase FORCE_MAX_ZONEORDER for Cavium
      ThunderX

  * update arcmsr to version v1.30.00.22-20151126 to fix card timeouts
    (LP: #1559609)
    - arcmsr: fixed getting wrong configuration data
    - arcmsr: fixes not release allocated resource
    - arcmsr: make code more readable
    - arcmsr: adds code to support new Areca adapter ARC1203
    - arcmsr: changes driver version number
    - arcmsr: more readability improvements
    - arcmsr: Split dma resource allocation to a new function
    - arcmsr: change driver version to v1.30.00.22-20151126

* server image has no keyboard, desktop image works (LP: #1559692)
- [Config] Rework input-modules (d-i) list

* PMU sup...

This bug was fixed in the package linux - 4.4.0-16.32

---------------
linux (4.4.0-16.32) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1561727

* fix thermal throttling due to commit "Thermal: initialize thermal zone
    device correctly"  (LP: #1561676)
    - Thermal: Ignore invalid trip points

* linux: sync virtualbox drivers to 5.0.16-dfsg-2 (LP: #1561492)
    - ubuntu: vbox -- update to 5.0.16-dfsg-2

* s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense on
    s390x (LP: #1557690)
    - [Config] CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=n for s390x

* spl/zfs fails to build on s390x (LP: #1519814)
    - [Config] s390x -- re-enable zfs
    - [Config] zfs -- disable powerpc until the test failures can be resolved

* linux: sync to ZFS 0.6.5.6 stable release (LP: #1561483)
    - SAUCE: (noup) Update spl to 0.6.5.6-0ubuntu1, zfs to 0.6.5.6-0ubuntu1

* zfs: enable zfs for 64bit powerpc kernels (LP: #1558871)
    - [Packaging] zfs -- handle rprovides via dpkg-gencontrol
    - [Config] powerpc -- convert zfs configuration to custom_override

* cgroup namespaces: add a 'nsroot=' mountinfo field (LP: #1560489)
    - SAUCE: (noup) cgroup namespaces: add a 'nsroot=' mountinfo field

* linux packaging: clear remaining redundant delta (LP: #1560445)
    - [Debian] Remove generated intermediate files on clean

* server image has no keyboard, desktop image works (LP: #1559692)
    - [Config] Rework input-modules (d-i) list

* PMU support for Cavium ThunderX (LP: #1559349)
    - arm64: perf: Rename Cortex A57 events
    - arm64/perf: Add Cavium ThunderX PMU support
    - arm64: perf: Enable PMCR long cycle counter bit
    - arm64: perf: Extend event mask for ARMv8.1
    - arm64: dts: Add Cavium ThunderX specific PMU

* Show ARM PMU events in perf stat (LP: #1559350)
    - drivers/perf: kill armpmu_register
    - arm: perf: Convert event enums to #defines
    - arm: perf: Add event descriptions
    - arm64: perf: Convert event enums to #defines
    - arm64: perf: Add event descriptions
    - ARM: perf: add format entry to describe event -> config mapping
    - arm64: perf: add format entry to describe event -> config mapping

* [Bug]HSW/BDW EDAC driver reports wrong DIMM (LP: #1559904)
    - EDAC/sb_edac: Fix computation of channel address

* 5-10 second delay in kernel boot with kernel command line ip= (LP: #1259861)
    - [Config] disable CONFIG_IP_PNP

* Miscellaneous Ubuntu changes
    - [Debian] Silence the reconstruct script

-- Tim Gardner <tim.gardner@canonical.com>  Mon, 21 Mar 2016 10:15:31 -0600

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

cgroup namespaces: add a 'nsroot=' mountinfo field

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
linux package