Date:   Thu, 3 Dec 2020 16:20:22 -0800
From:   Josh Don
To:     Peter Zijlstra
Cc:     Joel Fernandes,
        Nishanth Aravamudan,
        Julien Desfossez,
        Tim Chen,
        Vineeth Pillai,
        Aaron Lu,
        Aubrey Li,
        Thomas Gleixner,
        linux-kernel,
        Kees Cook,
        Greg Kerr, Phil Auld,
        Valentin Schneider,
        Mel Gorman,
        Pawan Gupta,
        Paolo Bonzini,
        Chen Yu,
        Christian Brauner,
        Agata Gruza,
        Antonio Gomez Iglesias,
        Paul Turner,
        Steven Rostedt,
        Patrick Bellasi,
        Alexandre Chartre,
        Dhaval Giani,
        Junaid Shahid,
        Jesse Barnes,
        Ben Segall, Hao Luo,
        Tom Lendacky,
        Aubrey Li,
        "Paul E. McKenney",
        Tim Chen,
        Oleg Rombakh
Subject: Re: [PATCH -tip 22/32] sched: Split the cookie and setup per-task
 cookie on fork

On Tue, Dec 1, 2020 at 11:55 PM Peter Zijlstra wrote:
> Then disallow sharing a task cookie when the tasks are in different
> cgroups or disallow cgroup movement when they share a cookie.

Yes, we could restrict task cookie sharing to tasks that are in the
same cgroup. Then the cookie easily just becomes a single value;
either the task cookie or group cookie.

The advantage of the approach with the cookie struct is that it is
easily extensible, and allows for trust models that don't conform
exactly to the cgroup hierarchy (i.e. our discussion on cookie color).
The overhead of the approach seems tolerable, given that updates to a
task's cookie are not in fast paths (i.e. prctl, setting cgroup cookie,
sched_move_task).  Are you more concerned with the added complexity of
maintaining the RB tree, refcounts, etc?
