| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201206173418.GC201514@google.com>
Date: Sun, 6 Dec 2020 12:34:18 -0500
From: Joel Fernandes <joel@...lfernandes.org>
To: Chris Hyser <chris.hyser@...cle.com>
Cc: Nishanth Aravamudan <naravamudan@...italocean.com>,
Julien Desfossez <jdesfossez@...italocean.com>,
Peter Zijlstra <peterz@...radead.org>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Vineeth Pillai <viremana@...ux.microsoft.com>,
Aaron Lu <aaron.lwe@...il.com>,
Aubrey Li <aubrey.intel@...il.com>, tglx@...utronix.de,
linux-kernel@...r.kernel.org, mingo@...nel.org,
torvalds@...ux-foundation.org, fweisbec@...il.com,
keescook@...omium.org, kerrnel@...gle.com,
Phil Auld <pauld@...hat.com>,
Valentin Schneider <valentin.schneider@....com>,
Mel Gorman <mgorman@...hsingularity.net>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Paolo Bonzini <pbonzini@...hat.com>, vineeth@...byteword.org,
Chen Yu <yu.c.chen@...el.com>,
Christian Brauner <christian.brauner@...ntu.com>,
Agata Gruza <agata.gruza@...el.com>,
Antonio Gomez Iglesias <antonio.gomez.iglesias@...el.com>,
graf@...zon.com, konrad.wilk@...cle.com, dfaggioli@...e.com,
pjt@...gle.com, rostedt@...dmis.org, derkling@...gle.com,
benbjiang@...cent.com,
Alexandre Chartre <alexandre.chartre@...cle.com>,
James.Bottomley@...senpartnership.com, OWeisse@...ch.edu,
Dhaval Giani <dhaval.giani@...cle.com>,
Junaid Shahid <junaids@...gle.com>, jsbarnes@...gle.com,
Ben Segall <bsegall@...gle.com>, Josh Don <joshdon@...gle.com>,
Hao Luo <haoluo@...gle.com>,
Tom Lendacky <thomas.lendacky@....com>,
Aubrey Li <aubrey.li@...ux.intel.com>,
"Paul E. McKenney" <paulmck@...nel.org>,
Tim Chen <tim.c.chen@...el.com>
Subject: Re: [PATCH -tip 23/32] sched: Add a per-thread core scheduling
interface
On Wed, Dec 02, 2020 at 04:47:17PM -0500, Chris Hyser wrote:
> On Tue, Nov 17, 2020 at 06:19:53PM -0500, Joel Fernandes (Google) wrote:
> > Add a per-thread core scheduling interface which allows a thread to share a
> > core with another thread, or have a core exclusively for itself.
> >
> > ChromeOS uses core-scheduling to securely enable hyperthreading. This cuts
> > down the keypress latency in Google docs from 150ms to 50ms while improving
> > the camera streaming frame rate by ~3%.
> >
>
> Inline is a patch for comment to extend this interface to make it more useful.
> This patch would still need to provide doc and selftests updates as well.
>
> -chrish
>
> ---8<-----------------------
[..]
> diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
> index 217b048..f8e4e96 100644
> --- a/include/uapi/linux/prctl.h
> +++ b/include/uapi/linux/prctl.h
> @@ -250,5 +250,8 @@ struct prctl_mm_map {
>
> /* Request the scheduler to share a core */
> #define PR_SCHED_CORE_SHARE 59
> +# define PR_SCHED_CORE_CLEAR 0 /* clear core_sched cookie of pid */
> +# define PR_SCHED_CORE_SHARE_FROM 1 /* get core_sched cookie from pid */
> +# define PR_SCHED_CORE_SHARE_TO 2 /* push core_sched cookie to pid */
>
> #endif /* _LINUX_PRCTL_H */
> diff --git a/kernel/sched/coretag.c b/kernel/sched/coretag.c
> index 800c0f8..14feac1 100644
> --- a/kernel/sched/coretag.c
> +++ b/kernel/sched/coretag.c
> @@ -9,6 +9,7 @@
> */
>
> #include "sched.h"
> +#include "linux/prctl.h"
>
> /*
> * Wrapper representing a complete cookie. The address of the cookie is used as
> @@ -456,40 +457,45 @@ int sched_core_share_tasks(struct task_struct *t1, struct task_struct *t2)
> }
>
> /* Called from prctl interface: PR_SCHED_CORE_SHARE */
> -int sched_core_share_pid(pid_t pid)
> +int sched_core_share_pid(unsigned long flags, pid_t pid)
> {
> + struct task_struct *dest;
> + struct task_struct *src;
> struct task_struct *task;
> int err;
>
> - if (pid == 0) { /* Recent current task's cookie. */
> - /* Resetting a cookie requires privileges. */
> - if (current->core_task_cookie)
> - if (!capable(CAP_SYS_ADMIN))
> - return -EPERM;
> - task = NULL;
> - } else {
> - rcu_read_lock();
> - task = pid ? find_task_by_vpid(pid) : current;
> - if (!task) {
> - rcu_read_unlock();
> - return -ESRCH;
> - }
> -
> - get_task_struct(task);
> -
> - /*
> - * Check if this process has the right to modify the specified
> - * process. Use the regular "ptrace_may_access()" checks.
> - */
> - if (!ptrace_may_access(task, PTRACE_MODE_READ_REALCREDS)) {
> - rcu_read_unlock();
> - err = -EPERM;
> - goto out;
> - }
> + rcu_read_lock();
> + task = find_task_by_vpid(pid);
> + if (!task) {
> rcu_read_unlock();
> + return -ESRCH;
> }
>
> - err = sched_core_share_tasks(current, task);
> + get_task_struct(task);
> +
> + /*
> + * Check if this process has the right to modify the specified
> + * process. Use the regular "ptrace_may_access()" checks.
> + */
> + if (!ptrace_may_access(task, PTRACE_MODE_READ_REALCREDS)) {
> + rcu_read_unlock();
> + err = -EPERM;
> + goto out;
> + }
> + rcu_read_unlock();
> +
> + if (flags == PR_SCHED_CORE_CLEAR) {
> + dest = task;
> + src = NULL;
> + } else if (flags == PR_SCHED_CORE_SHARE_TO) {
> + dest = task;
> + src = current;
> + } else if (flags == PR_SCHED_CORE_SHARE_FROM) {
> + dest = current;
> + src = task;
> + }
Looks ok to me except the missing else { } clause you found. Also, maybe
dest/src can be renamed to from/to to make meaning of variables more clear?
Also looking forward to the docs/test updates.
thanks!
- Joel
> +
> + err = sched_core_share_tasks(dest, src);
> out:
> if (task)
> put_task_struct(task);
> diff --git a/kernel/sched/debug.c b/kernel/sched/debug.c
> index cffdfab..50c31f3 100644
> --- a/kernel/sched/debug.c
> +++ b/kernel/sched/debug.c
> @@ -1030,6 +1030,7 @@ void proc_sched_show_task(struct task_struct *p, struct pid_namespace *ns,
>
> #ifdef CONFIG_SCHED_CORE
> __PS("core_cookie", p->core_cookie);
> + __PS("core_task_cookie", p->core_task_cookie);
> #endif
>
> sched_show_numa(p, m);
> diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h
> index b3b89bd..eafb399 100644
> --- a/kernel/sched/sched.h
> +++ b/kernel/sched/sched.h
> @@ -1202,7 +1202,7 @@ void sched_core_dequeue(struct rq *rq, struct task_struct *p);
> void sched_core_get(void);
> void sched_core_put(void);
>
> -int sched_core_share_pid(pid_t pid);
> +int sched_core_share_pid(unsigned long flags, pid_t pid);
> int sched_core_share_tasks(struct task_struct *t1, struct task_struct *t2);
>
> #ifdef CONFIG_CGROUP_SCHED
> diff --git a/kernel/sys.c b/kernel/sys.c
> index 61a3c98..da52a0d 100644
> --- a/kernel/sys.c
> +++ b/kernel/sys.c
> @@ -2530,9 +2530,13 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
>
> error = (current->flags & PR_IO_FLUSHER) == PR_IO_FLUSHER;
> break;
> +#ifdef CONFIG_SCHED_CORE
> case PR_SCHED_CORE_SHARE:
> - error = sched_core_share_pid(arg2);
> + if (arg4 || arg5)
> + return -EINVAL;
> + error = sched_core_share_pid(arg2, arg3);
> break;
> +#endif
> default:
> error = -EINVAL;
> break;
Powered by blists - more mailing lists