| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 May 2015 18:44:39 +1000 From: Aleksa Sarai <cyphar@...har.com> To: Peter Zijlstra <peterz@...radead.org> Cc: Tejun Heo <tj@...nel.org>, lizefan@...wei.com, mingo@...hat.com, richard@....at, Frédéric Weisbecker <fweisbec@...il.com>, linux-kernel@...r.kernel.org, cgroups@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [PATCH v12 8/8] cgroup: implement the PIDs subsystem >> However, it should be noted that organisational operations (adding and >> removing tasks from a PIDs hierarchy) will *not* be prevented. > > This is how you spell: broken controller. This has been discussed before. Organisational operations (i.e. attaching to a cgroup) are not to be blocked by a cgroup controller in the unified hierarchy. You simply can't escape out of a parent cgroup's limit through attaching to a child cgroup (because you will attach either before the fork checks against the cgroup [in which case the child's limit is followed -- which means you also follow the parent's limit] or after it checks [which means you'll hit the parent's limit and won't be able to fork]). -- Aleksa Sarai (cyphar) www.cyphar.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists