lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 25 Jan 2018 07:50:29 -0800
From:   Tejun Heo <tj@...nel.org>
To:     Yafang Shao <laoar.shao@...il.com>
Cc:     guro@...com, davem@...emloft.net, longman@...hat.com,
        lizefan@...wei.com, hannes@...xchg.org, cgroups@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next] cgroup: support attaching eBPF programs to
 net_prio cgroup

On Thu, Jan 25, 2018 at 11:38:48PM +0800, Yafang Shao wrote:
> If net_prio is used, we could also use eBPF programs to attach it,
> because the net_prio cgroup could be got with prioidx in struct
> sock_cgroup_data.
> Hence it should not only be limited to cgroup2.

I really don't wanna do this.  This comes with all sorts of reverse
lookup and naming issues.  In addition, cgroup1 and 2 aren't mutually
exclusive.  If the use case is on cgroup1 and wants to use cgroup bpf
programs, just replicate the cgroup2 hierarchy for bpf.  Hierarchy
replication across different controllers is how most use cgroup1 after
all.  With recent versions of systemd which defaults to using cgroup2
for process management, you get the replication for free too.

Thanks.

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ