| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20090109153417.ee79e86d.nishimura@mxp.nes.nec.co.jp>
Date: Fri, 9 Jan 2009 15:34:17 +0900
From: Daisuke Nishimura <nishimura@....nes.nec.co.jp>
To: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
Cc: nishimura@....nes.nec.co.jp,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"menage@...gle.com" <menage@...gle.com>,
"lizf@...fujitsu.com" <lizf@...fujitsu.com>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>
Subject: Re: [RFC][PATCH] NOOP cgroup subsystem
On Fri, 9 Jan 2009 14:32:26 +0900, KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com> wrote:
> How about this idea ? Any comments are welcome.
>
I like this :)
It would be very usefull to define a hierarchy just for grouping processes.
Thanks,
Daisuke Nishimura.
> -Kame
>
> ==
> From: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
>
> Add an NO OPERATION cgroup subsystem.
>
> Cgroup itself is providing a feature to attach a task(PID) to some class.
> This feature itself is very useful but "no operation" cgroup is not supported
> now other than debug cgroup. (But debug cgroup should be for DEBUG. distro
> may not configure it.)
>
> Motivation: Simply classify Applications by cgroup
> When using cgroup for classifying applications, some kind of "control" or
> "account" subsys must be used. For flexible use of cgroup's nature of
> classifying applications, NOOP is useful. It can be used regardless of
> resource accounting unit or name spaces or some controls.
> IOW, NOOP cgroup allows users to tie PIDs with some nickname.
>
> After this, application can be checked whether it's still alive or not by
>
> mount -t cgroup none /var/apps noop
> mkdir /var/apps/mydaemon
> echo 0 > /var/apps/mydaemon
> /etc/init.d/mydaemon start
> exit
>
> This can be used as the same technique of "recording pid into /var/run/xxx.pid"
> and not necessary to remove stale files. If mydaemon dies, tasks file will
> be empty and notify_on_release handler can be used.
>
> I myself want to use this for replacement of "ps -elf | grep" if libcgroup supports
> ps under cgroup.
>
> Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
> ---
> include/linux/cgroup_subsys.h | 4 ++++
> init/Kconfig | 9 +++++++++
> kernel/Makefile | 1 +
> kernel/cgroup_noop.c | 34 ++++++++++++++++++++++++++++++++++
> 4 files changed, 48 insertions(+)
>
> Index: mmotm-2.6.28-Jan8/include/linux/cgroup_subsys.h
> ===================================================================
> --- mmotm-2.6.28-Jan8.orig/include/linux/cgroup_subsys.h
> +++ mmotm-2.6.28-Jan8/include/linux/cgroup_subsys.h
> @@ -59,4 +59,8 @@ SUBSYS(freezer)
> SUBSYS(net_cls)
> #endif
>
> +#ifdef CONFIG_CGROUP_NOOP
> +SUBSYS(noop)
> +#endif
> +
> /* */
> Index: mmotm-2.6.28-Jan8/kernel/Makefile
> ===================================================================
> --- mmotm-2.6.28-Jan8.orig/kernel/Makefile
> +++ mmotm-2.6.28-Jan8/kernel/Makefile
> @@ -61,6 +61,7 @@ obj-$(CONFIG_CGROUP_DEBUG) += cgroup_deb
> obj-$(CONFIG_CGROUP_FREEZER) += cgroup_freezer.o
> obj-$(CONFIG_CPUSETS) += cpuset.o
> obj-$(CONFIG_CGROUP_NS) += ns_cgroup.o
> +obj-$(CONFIG_CGROUP_NOOP) += cgroup_noop.o
> obj-$(CONFIG_UTS_NS) += utsname.o
> obj-$(CONFIG_USER_NS) += user_namespace.o
> obj-$(CONFIG_PID_NS) += pid_namespace.o
> Index: mmotm-2.6.28-Jan8/kernel/cgroup_noop.c
> ===================================================================
> --- /dev/null
> +++ mmotm-2.6.28-Jan8/kernel/cgroup_noop.c
> @@ -0,0 +1,34 @@
> +/*
> + * kernel/cgroup_noop.c - No Operation Cgroup. Just for organizing process tree
> + */
> +
> +#include <linux/cgroup.h>
> +#include <linux/fs.h>
> +#include <linux/slab.h>
> +#include <linux/rcupdate.h>
> +
> +#include <asm/atomic.h>
> +
> +static struct cgroup_subsys_state *noop_create(struct cgroup_subsys *ss,
> + struct cgroup *cont)
> +{
> + struct cgroup_subsys_state *css = kzalloc(sizeof(*css), GFP_KERNEL);
> +
> + if (!css)
> + return ERR_PTR(-ENOMEM);
> +
> + return css;
> +}
> +
> +static void noop_destroy(struct cgroup_subsys *ss, struct cgroup *cont)
> +{
> + kfree(cont->subsys[noop_subsys_id]);
> +}
> +
> +
> +struct cgroup_subsys noop_subsys = {
> + .name = "noop",
> + .subsys_id = noop_subsys_id,
> + .create = noop_create,
> + .destroy = noop_destroy,
> +};
> Index: mmotm-2.6.28-Jan8/init/Kconfig
> ===================================================================
> --- mmotm-2.6.28-Jan8.orig/init/Kconfig
> +++ mmotm-2.6.28-Jan8/init/Kconfig
> @@ -354,6 +354,15 @@ config CGROUP_DEBUG
>
> Say N if unsure
>
> +config CGROUP_NOOP
> + bool "No Operation cgroup subsystem"
> + depends on CGROUPS
> + help
> + This provides cgroup subsystem which has no special features. By
> + this, you can classify applications freely. That is, you can
> + classify applications regardless of accounting or control contexts
> + of the system.
> +
> config CGROUP_NS
> bool "Namespace cgroup subsystem"
> depends on CGROUPS
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists