pass cgroup2 mount options to the kernel

[chrishenzie]

When mounting the cgroup v2 filesystem, VFS options such as "nsdelegate" were previously ignored because the mount data argument was hardcoded to NULL in do_mount_cgroup_v2().

This commit updates do_mount_cgroup() and do_mount_cgroup_v2() to accept and pass the data parameter from process_single_mount(), ensuring that custom cgroup mount options are successfully propagated to the kernel.

A new test case has been added to verify this behavior by intentionally passing an invalid mount option and checking for the expected mount failure.

Assisted-by: gemini-cli

@samuelkarp @Divya063

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical bug where cgroup v2 mount options were not being propagated to the kernel, leading to ignored VFS options. By modifying the core cgroup mounting functions to correctly accept and pass the data parameter, custom mount options are now properly applied. This enhancement improves the flexibility and correctness of cgroup v2 usage, and its functionality is validated by a new, dedicated test case.

Highlights

• Cgroup Mount Options Propagation: The do_mount_cgroup_v2 and do_mount_cgroup functions were updated to accept a data parameter, ensuring that cgroup mount options are correctly passed to the kernel.
• Fix for Ignored VFS Options: This change resolves an issue where VFS options like 'nsdelegate' were previously ignored during cgroup v2 filesystem mounts due to a hardcoded NULL argument.
• New Test Case Added: A new test, test_cgroup_mount_options, was introduced to verify this behavior by intentionally passing an invalid mount option and asserting that the mount fails as expected.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• src/libcrun/linux.c
  • Updated do_mount_cgroup_v2 function signature to include a data parameter.
  • Modified calls to do_mount within do_mount_cgroup_v2 to pass the new data parameter.
  • Updated do_mount_cgroup function signature to include a data parameter.
  • Adjusted the call to do_mount_cgroup_v2 within do_mount_cgroup to pass the data parameter.
  • Modified the process_single_mount function to pass the data parameter to do_mount_cgroup.
• tests/test_cgroup_setup.py
  • Added a new test function test_cgroup_mount_options to verify cgroup mount option propagation.
  • Registered the new test in the all_tests dictionary for execution.

Activity

• The pull request was created by chrishenzie to address an issue with cgroup v2 mount options.
• The changes were assisted by gemini-cli.
• Reviewers @samuelkarp and @Divya063 were mentioned for their attention.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request addresses an issue where cgroup v2 mount options were being ignored. The changes correctly propagate the mount data from process_single_mount down to do_mount_cgroup_v2, ensuring that options like nsdelegate are passed to the kernel. The fix is implemented by adding a data parameter to do_mount_cgroup and do_mount_cgroup_v2. A new test case has been added, which validates the change by confirming that an invalid mount option now correctly results in a mount failure. The implementation appears correct and the test effectively verifies the intended behavior.

[packit-as-a-service]

Ephemeral COPR build failed. @containers/packit-build please check.

[packit-as-a-service]

TMT tests failed. @containers/packit-build please check.

[chrishenzie]

/packit retest-failed

[giuseppe]

restarted tests

LGTM

[giuseppe]

@kolyshkin are you fine with the last version?

[kolyshkin]

@giuseppe few more nits with the test code only, feel free to ignore (or address in a followup).

[chrishenzie]

Ty for feedback, I can address these before merging, will take a look tomorrow

[kolyshkin]

LGTM, thanks!