| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Aug 2021 19:59:43 +0200
From: Michal Koutný <mkoutny@...e.com>
To: Waiman Long <llong@...hat.com>
Cc: Tejun Heo <tj@...nel.org>, Zefan Li <lizefan.x@...edance.com>,
Johannes Weiner <hannes@...xchg.org>,
Jonathan Corbet <corbet@....net>,
Shuah Khan <shuah@...nel.org>, cgroups@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kselftest@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Roman Gushchin <guro@...com>, Phil Auld <pauld@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Juri Lelli <juri.lelli@...hat.com>,
Frederic Weisbecker <frederic@...nel.org>,
Marcelo Tosatti <mtosatti@...hat.com>
Subject: Re: [PATCH v7 5/6] cgroup/cpuset: Update description of
cpuset.cpus.partition in cgroup-v2.rst
Hello.
On Fri, Aug 27, 2021 at 06:50:10PM -0400, Waiman Long <llong@...hat.com> wrote:
> So the new rules will be:
When I followed the thread, it seemed to me you're talking past each
other a bit. I'd suggest the following terminology:
- config space: what's written by the user and saved,
- reality space: what's currently available (primarily subject to
on-/offlinng but I think it'd be helpful to consider here also what's
given by the parent),
- effect space: what's actually possible and happening.
Not all elements of config_space x reality_space (Cartesian product) can
be represented in the effect_space (e.g. root partition with no
(effective) cpus).
IIUC, Waiman's "high bar" is supposed to be defined over transitions in
the config_space. However, there can be independent changes in the
reality_space so the rules should be actually formulated in the
effect_space:
The conditions for being a valid partition root rewritten into the effect
space:
> 1) The "cpuset.cpus" is not empty and the list of CPUs are exclusive.
- effective CPUs are non-empty and exclusive wrt siblings
- (E.g. setting empty cpuset.cpus might be possible but it invalidates
the partition root, same as offlining or removal by an ancestor.)
> 2) The parent cgroup is a partition root (can be an invalid one).
- parent cgroup is a (valid) partition
- (Being valid partition means owning "stolen" cpus from the parent, if
the parent is not valid partition itself, you can't steal what is not
owned.)
- (And I think it's OK that: "the child partitions will stay invalid
forever unless the parent become a valid partition again" [1].)
> 3) The "cpuset.cpus" is a subset of the parent's cpuset.cpus.allowed.
- I'm not sure what is the use of this condition (together with the
rewrite of the 1st condition which covers effective cpus). I think it
would make sense if being a valid parition root guaranteed that all
configured cpuset.cpus will be available, however, that's not the case
IIUC (e.g. due to offlining).
> 4) No child cgroup with cpuset enabled.
- A child cgroup with cpuset enabled is OK in the effect space
(achievable by switching first and creating children later).
- For technical reasons this may be a condition on the transitions in
the config_space.
Generally, most config changes should succeed and user should check (or
watch) how they landed in combination with the reality_space.
Regards,
Michal
[1] This follows the general model where ancestors can "preempt"
resources from their subtree.
Powered by blists - more mailing lists