cgroup: Add named hierarchy disabling to cgroup_no_v1 boot param

It can be useful to inhibit all cgroup1 hierarchies especially during
transition and for debugging.  cgroup_no_v1 can block hierarchies with
controllers which leaves out the named hierarchies.  Expand it to
cover the named hierarchies so that "cgroup_no_v1=all,named" disables
all cgroup1 hierarchies.

Signed-off-by: Tejun Heo <tj@kernel.org>
Suggested-by: Marcin Pawlowski <mpawlowski@fb.com>
Signed-off-by: Tejun Heo <tj@kernel.org>

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 81d1d5a..8b76524 100644 (file)
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -486,10 +486,14 @@
                        cut the overhead, others just disable the usage. So
                        only cgroup_disable=memory is actually worthy}
 
-       cgroup_no_v1=   [KNL] Disable one, multiple, all cgroup controllers in v1
-                       Format: { controller[,controller...] | "all" }
+       cgroup_no_v1=   [KNL] Disable cgroup controllers and named hierarchies in v1
+                       Format: { { controller | "all" | "named" }
+                                 [,{ controller | "all" | "named" }...] }
                        Like cgroup_disable, but only applies to cgroup v1;
                        the blacklisted controllers remain available in cgroup2.
+                       "all" blacklists all controllers and "named" disables
+                       named mounts. Specifying both "all" and "named" disables
+                       all v1 hierarchies.
 
        cgroup.memory=  [KNL] Pass options to the cgroup memory controller.
                        Format: <string>

diff --git a/kernel/cgroup/cgroup-v1.c b/kernel/cgroup/cgroup-v1.c
index 51063e7..583b969 100644 (file)
--- a/kernel/cgroup/cgroup-v1.c
+++ b/kernel/cgroup/cgroup-v1.c
@@ -27,6 +27,9 @@
 /* Controllers blocked by the commandline in v1 */
 static u16 cgroup_no_v1_mask;
 
+/* disable named v1 mounts */
+static bool cgroup_no_v1_named;
+
 /*
  * pidlist destructions need to be flushed on cgroup destruction.  Use a
  * separate workqueue as flush domain.
@@ -963,6 +966,10 @@ static int parse_cgroupfs_options(char *data, struct cgroup_sb_opts *opts)
                }
                if (!strncmp(token, "name=", 5)) {
                        const char *name = token + 5;
+
+                       /* blocked by boot param? */
+                       if (cgroup_no_v1_named)
+                               return -ENOENT;
                        /* Can't specify an empty name */
                        if (!strlen(name))
                                return -EINVAL;
@@ -1292,7 +1299,12 @@ static int __init cgroup_no_v1(char *str)
 
                if (!strcmp(token, "all")) {
                        cgroup_no_v1_mask = U16_MAX;
-                       break;
+                       continue;
+               }
+
+               if (!strcmp(token, "named")) {
+                       cgroup_no_v1_named = true;
+                       continue;
                }
 
                for_each_subsys(ss, i) {