lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170722134358.GB3329631@devbig577.frc2.facebook.com>
Date:   Sat, 22 Jul 2017 09:43:58 -0400
From:   Tejun Heo <tj@...nel.org>
To:     Waiman Long <longman@...hat.com>
Cc:     Li Zefan <lizefan@...wei.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>, cgroups@...r.kernel.org,
        linux-kernel@...r.kernel.org, kernel-team@...com, pjt@...gle.com,
        luto@...capital.net, efault@....de, torvalds@...ux-foundation.org,
        guro@...com
Subject: Re: [PATCH v2 1/4] cgroup: Child cgroup creation not allowed on
 invalid domain

Hello, Waiman.

On Fri, Jul 21, 2017 at 04:34:50PM -0400, Waiman Long wrote:
> When thread mode is used, it is possible that some cgroups may be
> in an invalid state. Currently users may not be aware that they are
> invalid until they try to migrate tasks over. This patch disallows
> child cgroup creation on invalid domain. This adds one more failure
> point in reminding users that they are dealing with invalid domains.
> It also minimizes the number of invalid domains outstanding as much
> as possible.

It's a bit inconsistent because we can reach the same forbidden state
by turning a sibling cgroup threaded.  Please consider the following.

     A
    / \
   B   C
        \
	 D

Let's say all are domains and we make B threaded.  A becomes the
threaded domain, C and D become invalid, which is the configuration
you're trying to prevent.  We can either enabling threaded on B too or
relax type modifications further so that people can make C threaded
which makes sense given that that would lead to a topology which has
to supported anyway (if C were threaded before D was created, it'd
look the same).

So, I'm leaning more towards relaxing restrictions and tightening it,
and given that we have to expose invalid state anyway, I think there's
actual benefit in doing so as it gives more flexibility while building
the hierarchy.

Thanks.

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ