[lxc-devel] [lxcfs/master] bugfixes
brauner on Github
lxc-bot at linuxcontainers.org
Wed Mar 4 10:24:03 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 365 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200304/54659c64/attachment.bin>
-------------- next part --------------
From 9973cc069b9d4667d3d339252ea46f3cde44de6c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 4 Mar 2020 09:07:35 +0100
Subject: [PATCH 1/2] tree-wide: ensure lxcfs_opts is checked
When we only reload the shared library, then lxcfs_opts even with a
newer version of lxcfs will not be valid.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
bindings.c | 2 +-
proc_cpuview.c | 2 +-
proc_fuse.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/bindings.c b/bindings.c
index 64e6eeb..45a3e57 100644
--- a/bindings.c
+++ b/bindings.c
@@ -244,7 +244,7 @@ static void save_initpid(struct stat *sb, pid_t pid)
struct stat st;
int ino_hash;
- if (opts->use_pidfd && can_use_pidfd) {
+ if (opts && opts->use_pidfd && can_use_pidfd) {
pidfd = pidfd_open(pid, 0);
if (pidfd < 0)
return;
diff --git a/proc_cpuview.c b/proc_cpuview.c
index 8321840..011975e 100644
--- a/proc_cpuview.c
+++ b/proc_cpuview.c
@@ -906,7 +906,7 @@ int proc_cpuinfo_read(char *buf, size_t size, off_t offset,
if (!cpuset)
return 0;
- if (cgroup_ops->can_use_cpuview(cgroup_ops) && opts->use_cfs)
+ if (cgroup_ops->can_use_cpuview(cgroup_ops) && (opts && opts->use_cfs))
use_view = true;
if (use_view)
diff --git a/proc_fuse.c b/proc_fuse.c
index c6a972f..0f4798b 100644
--- a/proc_fuse.c
+++ b/proc_fuse.c
@@ -1037,7 +1037,7 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
__do_free void *fopen_cache = NULL;
__do_fclose FILE *f = NULL;
struct fuse_context *fc = fuse_get_context();
- struct lxcfs_opts *opts = (struct lxcfs_opts *) fuse_get_context()->private_data;
+ struct lxcfs_opts *opts = (struct lxcfs_opts *)fuse_get_context()->private_data;
struct file_info *d = INTTYPE_TO_PTR(fi->fh);
uint64_t memlimit = 0, memusage = 0, memswlimit = 0, memswusage = 0,
hosttotal = 0;
From 9e69f4431c7ace104054292b6d61999dc87bf6ed Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 4 Mar 2020 11:22:13 +0100
Subject: [PATCH 2/2] README: add sections about upgrade + musl
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
README.md | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index e2b92ee..7a8e367 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,28 @@ Prior to the implementation of cgroup namespaces by Serge Hallyn `LXCFS` also
provided a container aware `cgroupfs` tree. It took care that the container
only had access to cgroups underneath it's own cgroups and thus provided
additional safety. For systems without support for cgroup namespaces `LXCFS`
-will still provide this feature.
+will still provide this feature but it is mostly considered deprecated.
+
+## Upgrading `LXCFS` versions without resart
+
+`LXCFS` is split into a shared library (a libtool module, to be precise)
+`liblxcfs` and a simple binary `lxcfs`. When upgrading to a newer version to
+`LXCFS` the `lxcfs` binary will not be restarted. Instead it will detect that
+a new version of the shared library is available and will reload it using
+`dlclose(3)` and `dlopen(3)`. This design was chosen so that the fuse main loop
+that `LXCFS` uses will not need to be restarted. If it were then all containers
+using `LXCFS` would need to be restarted since they would end up with broken
+fuse mounts otherwise.
+
+### musl
+
+To achieve smooth upgrades through shared library reloads `LXCFS` also relies
+on the fact that when `dlclose(3)` drops the last reference to the shared
+library destructors are run and when `dlopen(3)` is called constructors are
+run. While this is true for `glibc` it is not true for `musl` (See the section
+[Unloading libraries](https://wiki.musl-libc.org/functional-differences-from-glibc.html).).
+So users of `LXCFS` on `musl` are advised to restart `LXCFS` completely and
+- by extension - all containers.
## Building
Build lxcfs as follows:
More information about the lxc-devel
mailing list