| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Feb 2021 19:24:55 +0100
From: Michal Koutný <mkoutny@...e.com>
To: Vipin Sharma <vipinsh@...gle.com>
Cc: tj@...nel.org, thomas.lendacky@....com, brijesh.singh@....com,
jon.grimm@....com, eric.vantassell@....com, pbonzini@...hat.com,
hannes@...xchg.org, frankja@...ux.ibm.com, borntraeger@...ibm.com,
corbet@....net, seanjc@...gle.com, vkuznets@...hat.com,
wanpengli@...cent.com, jmattson@...gle.com, joro@...tes.org,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com,
gingell@...gle.com, rientjes@...gle.com, dionnaglaze@...gle.com,
kvm@...r.kernel.org, x86@...nel.org, cgroups@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC 1/2] cgroup: sev: Add misc cgroup controller
On Thu, Feb 18, 2021 at 11:55:48AM -0800, Vipin Sharma <vipinsh@...gle.com> wrote:
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> [...]
> +#ifndef CONFIG_KVM_AMD_SEV
> +/*
> + * When this config is not defined, SEV feature is not supported and APIs in
> + * this file are not used but this file still gets compiled into the KVM AMD
> + * module.
I'm not familiar with the layout of KVM/SEV compile targets but wouldn't
it be simpler to exclude whole svm/sev.c when !CONFIG_KVM_AMD_SEV?
> +++ b/kernel/cgroup/misc.c
> [...]
> +/**
> + * misc_cg_set_capacity() - Set the capacity of the misc cgroup res.
> + * @type: Type of the misc res.
> + * @capacity: Supported capacity of the misc res on the host.
> + *
> + * If capacity is 0 then the charging a misc cgroup fails for that type.
> + *
> + * The caller must serialize invocations on the same resource.
> + *
> + * Context: Process context.
> + * Return:
> + * * %0 - Successfully registered the capacity.
> + * * %-EINVAL - If @type is invalid.
> + * * %-EBUSY - If current usage is more than the capacity.
When is this function supposed to be called? At boot only or is this
meant for some kind of hot unplug functionality too?
> +int misc_cg_try_charge(enum misc_res_type type, struct misc_cg **cg,
> + unsigned int amount)
> [...]
> + new_usage = atomic_add_return(amount, &res->usage);
> + if (new_usage > res->max ||
> + new_usage > misc_res_capacity[type]) {
> + ret = -EBUSY;
I'm not sure the user of this resource accounting will always be able to
interpret EBUSY returned from depths of the subsystem.
See what's done in pids controller in order to give some useful
information about why operation failed.
> + goto err_charge;
> + }
> +
> + // First one to charge gets a reference.
> + if (new_usage == amount)
> + css_get(&i->css);
1) Use the /* comment */ style.
2) You pin the whole path from task_cg up to root (on the first charge).
That's unnecessary since children reference their parents.
Also why do you get the reference only for the first charger? While it
may work, it seems too convoluted to me.
It'd be worth documenting what the caller can expect wrt to ref count of
the returned misc_cg.
Thanks,
Michal
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists