lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130422214159.GG12543@htj.dyndns.org>
Date:	Mon, 22 Apr 2013 14:41:59 -0700
From:	Tejun Heo <tj@...nel.org>
To:	Tim Hockin <thockin@...kin.org>
Cc:	Li Zefan <lizefan@...wei.com>,
	Containers <containers@...ts.linux-foundation.org>,
	Cgroups <cgroups@...r.kernel.org>, bsingharora@...il.com,
	dhaval.giani@...il.com, Kay Sievers <kay.sievers@...y.org>,
	jpoimboe@...hat.com, "Daniel P. Berrange" <berrange@...hat.com>,
	lpoetter@...hat.com, workman-devel@...hat.com,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: cgroup: status-quo and userland efforts

Hello, Tim.

On Mon, Apr 22, 2013 at 11:26:48PM +0200, Tim Hockin wrote:
> We absolutely depend on the ability to split cgroup hierarchies.  It
> pretty much saved our fleet from imploding, in a way that a unified
> hierarchy just could not do.  A mandated unified hierarchy is madness.
>  Please step away from the ledge.

You need to be a lot more specific about why unified hierarchy can't
be implemented.  The last time I asked around blk/memcg people in
google, while they said that they'll need different levels of
granularities for different controllers, google's use of cgroup
doesn't require multiple orthogonal classifications of the same group
of tasks.

Also, cgroup isn't dropping multiple hierarchy support over-night.
What has been working till now will continue to work for very long
time.  If there is no fundamental conflict with the future changes,
there should be enough time to migrate gradually as desired.

> More, going towards a unified hierarchy really limits what we can
> delegate, and that is the word of the day.  We've got a central
> authority agent running which manages cgroups, and we want out of this
> business.  At least, we want to be able to grant users a set of
> constraints, and then let them run wild within those constraints.
> Forcing all such work to go through a daemon has proven to be very
> problematic, and it has been great now that users can have DIY
> sub-cgroups.

Sorry, but that doesn't work properly now.  It gives you the illusion
of proper delegation but it's inherently dangerous.  If that sort of
illusion has been / is good enough for your setup, fine.  Delegate at
your own risks, but cgroup in itself doesn't support delegation to
lesser security domains and it won't in the foreseeable future.

> Strong disagreement, here.  We use split hierarchies to great effect.
> Containment should be composable.  If your users or abstractions can't
> handle it, please feel free to co-mount the universe, but please
> PLEASE don't force us to.
> 
> I'm happy to talk more about what we do and why.

Please do so.  Why do you need multiple orthogonal hierarchies?

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ