lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1365808259-31073-1-git-send-email-tj@kernel.org>
Date:	Fri, 12 Apr 2013 16:10:55 -0700
From:	Tejun Heo <tj@...nel.org>
To:	lizefan@...wei.com
Cc:	containers@...ts.linux-foundation.org, cgroups@...r.kernel.org,
	mhocko@...e.cz, kamezawa.hiroyu@...fujitsu.com,
	linux-kernel@...r.kernel.org, glommer@...allels.com,
	vgoyal@...hat.com
Subject: [PATCHSET] cgroup, memcg: introduce sane_behavior mount option

It's a sad fact that at this point various cgroup controllers are
carrying so many idiosyncrasies and pure insanities that it simply
isn't possible to reach any sort of sane consistent behavior while
staying compatible with what already has been exposed to userland.

To make progress, those behaviors need to go but we can't simply drop
or change the crazies as those are directly visible to userland.  This
patchset implements a mount option - sane_behavior - which turns on
new saner behaviors, so that we can keep providing the old behaviors
while and after transitioning to saner ones.

As the behaviors which should be changed are still being determined
and then implemented, __DEVEL__ prefix is added to the mount option
and it triggers a warning message when used.

The mount option changes the following behaviors after this patchset.

* Mount options "noprefix" and "clone_children" are disallowed.  Also,
  cgroupfs file cgroup.clone_children is not created.

* When mounting an existing superblock, mount options should match.
  This is currently pretty crazy.  If one mounts a cgroup, creates a
  subdirectory, unmounts it and then mount it again with different
  option, it looks like the new options are applied but they aren't.

* Remount is disallowed.

* memcg: .use_hierarchy is forced on and the cgroupfs file is not
  created.

and there are a lot more to come.  Basically, when turned on, all
controllers should be ready to be mounted in the same hierarchy and
not get in the way unless specifically configured - making blk-throtl
hierarchical would need this to flip the meaning of limits, cpuset to
allow tasks to run by default in new cgroups and handle empty cpusets
in a way friendly to being co-mounted, and so on.

This patchset contains the following four patches.

 0001-cgroup-convert-cgroupfs_root-flag-bits-to-masks-and-.patch
 0002-move-cgroupfs_root-to-include-linux-cgroup.h.patch
 0003-cgroup-introduce-sane_behavior-mount-option.patch
 0004-memcg-force-use_hierarchy-if-sane_behavior.patch

0001-0002 are prep patches.  It exposes cgroupfs_root in cgroup.h so
that flags can be tested with inline helpers.

0003 introduces sane_behavior mount option and implements behavior
changes in cgroup core proper.

0004 makes memcg .use_hierarchy changes.

The memcg patch doesn't conflict with memcg changes in -next, so it
can be routed through the cgroup tree.  Michal, how do you wanna route
it?

This patchset is based on top of cgroup/for-3.10 and also available in
the following git branch.

 git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git review-cgroup-sane_behavior

Thanks.

 include/linux/cgroup.h |  103 +++++++++++++++++++++++++++++++++++++++++
 kernel/cgroup.c        |  121 ++++++++++++++++++++++---------------------------
 mm/memcontrol.c        |   13 +++++
 3 files changed, 172 insertions(+), 65 deletions(-)

--
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ