lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170824225857.ihxvcpgawb4fxda2@gmail.com>
Date:   Fri, 25 Aug 2017 00:58:58 +0200
From:   Christian Brauner <christian.brauner@...onical.com>
To:     Tejun Heo <tj@...nel.org>
Cc:     Waiman Long <longman@...hat.com>, Li Zefan <lizefan@...wei.com>,
        Johannes Weiner <hannes@...xchg.org>, cgroups@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Stéphane Graber <stgraber@...ntu.com>,
        Serge Hallyn <serge@...lyn.com>
Subject: Re: [PATCH] cpuset: Allow cpuset controller in default hierarchy

On Thu, Aug 24, 2017 at 08:02:22AM -0700, Tejun Heo wrote:
> Hello,
> 
> On Thu, Aug 24, 2017 at 10:56:21AM -0400, Waiman Long wrote:
> > The main reason for sending out this patch is to figure out what exactly
> > is in your mind before enabling cpuset in v2.
> > 
> > From my point of view, the exclusive setting makes cpuset behave more
> > like a resource domain that a resource allocated to one cgroup won't be
> > available for another cgroup. So we can argue it both ways whether it
> > violates the basic hierarchy rules or not.
> 
> It's not even siblings interfering with other siblings.  The resource
> knobs belong to the parent, right?  So, the only thing it's doing is
> restricting the parent itself from creating certain configurations,
> which can be argued to be a feature but it's a really weird policy
> enforcement implemented in kernel.
> 
> > I will be in the Plumbers Conference next month and we can talk more
> > about this. My goal is to make cgroup v2 ready for prime time hopefully
> > by the end of the year.

Hi,

I've been following this thread and the cpuset controller being enabled on
cgroup v2 is a really important step. As one of many container runtime
maintainers this is obviously a big step for us with a lot of impact. It'd be
really nice if we could have a little little discussion just to see what the
plan is like and what sort of features are going to expose to userspace. This is
all a very rapid development which is good. I'd just like to make sure to know
what we're in for. Sort of like what we did last year at Plumber but less
offical and without microphones and the overhead of having hundreds of people in
the room. :) Also it likely be way more relaxed given that a lot of the problems
dicussed back then seem to have been resolved.

CCing Serge and Stéphane. :)

Thanks!
Christian

> 
> Sure, the only thing I think we need for cpuset is cutting down the
> interface to the minimal set which provides all the features to
> userspace.
> 
> Thanks.
> 
> -- 
> tejun
> --
> To unsubscribe from this list: send the line "unsubscribe cgroups" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ