lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 20 Jul 2018 18:25:00 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Tejun Heo <tj@...nel.org>
Cc:     Waiman Long <longman@...hat.com>, Li Zefan <lizefan@...wei.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Ingo Molnar <mingo@...hat.com>, cgroups@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
        kernel-team@...com, pjt@...gle.com, luto@...capital.net,
        Mike Galbraith <efault@....de>, torvalds@...ux-foundation.org,
        Roman Gushchin <guro@...com>,
        Juri Lelli <juri.lelli@...hat.com>,
        Patrick Bellasi <patrick.bellasi@....com>
Subject: Re: [PATCH v11 7/9] cpuset: Expose cpus.effective and mems.effective
 on cgroup v2 root

On Fri, Jul 20, 2018 at 08:56:13AM -0700, Tejun Heo wrote:
> Hello, Peter.
> 
> On Fri, Jul 20, 2018 at 05:44:54PM +0200, Peter Zijlstra wrote:
> > > The currently proposed implementation is somewhere in the middle.  It
> > > kinda gets there by restricting a partition to be a child of another
> > > partition, which may be okay but it does make the whole delegation
> > > mechanism less useful.
> > 
> > So the implementation does not set ownership of the 'partition' file to
> > that of the parent directory? Because _that_ is what I understood from
> > Waiman (many versions ago). And that _does_ allow delegation to work
> > nicely.
> 
> So, that part isn't the problem.  The problem is that if we allow
> partitioning nested further away from ancestor, the descendant would
> be able to take away reources from the removed ancestor.

If the partition file is owned by the parent, the descendant cannot take
away anything. It can only read the file, not actually write to it.

To be explicit, if we have:

	/.			(uid = root)
	/A/.			(uid = user1)
	/A/cpuset.partition	(uid = root)

so ./*/cpuset.partition is always owned by .

> Waiman avoids this problem by only allowing partitions to nest but
> then it's kinda weird cuz it's just a separate tree.

The only real constraint is that the parent must have exclusive
'ownership' of the CPUs. Being a partition mandates that to be so. There
is no other way to distinguish exclusive / shared CPUs.

But I don't see how any of this is related to delegation per se. It is a
prerequisite for creating nested partitions, which in turn is a
prerequisite for delegation of partitions.

> > > > > 2. take away any given cpu from ist subtree.

> > Still, the question was, how is this (dispicable or not) behaviour not
> > allowed by the current implementation?
> 
> I'm not quite sure what you're trying to ask.  Can you elaborate?

We can always offline the CPU, so how exactly can the ancestor not take
back it's CPU?

The parent can simply shrink it's cpuset.cpus, no? Then the child gets
to recompute its setup and it might find its sub-partition just became
smaller or empty -- just like hotplug.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ