Skip to content

Commit 902a7da

Browse files
haircommanderhaircommander
committed
libctr: Reset the inherited cpu affinity
Old kernels do that automatically, but new kernels remember the affinity that was set before the cgroup move due to https://lore.kernel.org/lkml/[email protected] This is undesirable for containers, because they inherit the systemd affinity when the should really move to the container space cpus. see https://issues.redhat.com/browse/OCPBUGS-15102 for more information Signed-off-by: Martin Sivak <[email protected]> Signed-off-by: Peter Hunt <[email protected]>
1 parent 1614cab commit 902a7da

File tree

1 file changed

+16
-0
lines changed

1 file changed

+16
-0
lines changed

libcontainer/process_linux.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -144,6 +144,14 @@ func (p *setnsProcess) start() (retErr error) {
144144
}
145145
}
146146
}
147+
// Reset the inherited cpu affinity. Old kernels do that automatically, but
148+
// new kernels remember the affinity that was set before the cgroup move.
149+
// This is undesirable, because it inherits the systemd affinity when the container
150+
// should really move to the container space cpus.
151+
if err = unix.SchedSetaffinity(p.pid(), &unix.CPUSet{}); err != nil && err != unix.EINVAL && err != unix.ENODEV { //nolint:errorlint
152+
return fmt.Errorf("error resetting pid %d affinity: %w", p.pid(), err)
153+
}
154+
147155
if p.intelRdtPath != "" {
148156
// if Intel RDT "resource control" filesystem path exists
149157
_, err := os.Stat(p.intelRdtPath)
@@ -419,6 +427,14 @@ func (p *initProcess) start() (retErr error) {
419427
if err := p.manager.Apply(p.pid()); err != nil {
420428
return fmt.Errorf("unable to apply cgroup configuration: %w", err)
421429
}
430+
431+
// Reset the inherited cpu affinity. Old kernels do that automatically, but
432+
// new kernels remember the affinity that was set before the cgroup move.
433+
// This is undesirable, because it inherits the systemd affinity when the container
434+
// should really move to the container space cpus.
435+
if err = unix.SchedSetaffinity(p.pid(), &unix.CPUSet{}); err != nil && err != unix.EINVAL && err != unix.ENODEV { //nolint:errorlint
436+
return fmt.Errorf("error resetting pid %d affinity: %w", p.pid(), err)
437+
}
422438
if p.intelRdtManager != nil {
423439
if err := p.intelRdtManager.Apply(p.pid()); err != nil {
424440
return fmt.Errorf("unable to apply Intel RDT configuration: %w", err)

0 commit comments

Comments
 (0)