lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20211202174434.GB648659@lothringen>
Date:   Thu, 2 Dec 2021 18:44:34 +0100
From:   Frederic Weisbecker <frederic@...nel.org>
To:     Marcelo Tosatti <mtosatti@...hat.com>
Cc:     linux-kernel@...r.kernel.org, Nitesh Lal <nilal@...hat.com>,
        Nicolas Saenz Julienne <nsaenzju@...hat.com>,
        Christoph Lameter <cl@...ux.com>,
        Juri Lelli <juri.lelli@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Alex Belits <abelits@...its.com>, Peter Xu <peterx@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Daniel Bristot de Oliveira <bristot@...hat.com>
Subject: Re: [patch v7 02/10] add prctl task isolation prctl docs and samples

On Mon, Nov 29, 2021 at 12:19:24PM -0300, Marcelo Tosatti wrote:
> On Tue, Nov 23, 2021 at 03:37:26PM +0100, Frederic Weisbecker wrote:
> > On Fri, Nov 12, 2021 at 09:35:33AM -0300, Marcelo Tosatti wrote:
> > > +        - ``I_CFG_INHERIT``:
> > > +                Set inheritance configuration when a new task
> > > +                is created via fork and clone.
> > > +
> > > +                The ``(int *)arg4`` argument is a pointer to::
> > > +
> > > +                        struct task_isol_inherit_control {
> > > +                                __u8    inherit_mask;
> > > +                                __u8    pad[7];
> > > +                        };
> > > +
> > > +                inherit_mask is a bitmask that specifies which part
> > > +                of task isolation should be inherited:
> > > +
> > > +                - Bit ISOL_INHERIT_CONF: Inherit task isolation configuration.
> > > +                  This is the state written via prctl(PR_ISOL_CFG_SET, ...).
> > > +
> > > +                - Bit ISOL_INHERIT_ACTIVE: Inherit task isolation activation
> > > +                  (requires ISOL_INHERIT_CONF to be set). The new task
> > > +                  should behave, after fork/clone, in the same manner
> > > +                  as the parent task after it executed:
> > > +
> > > +                        prctl(PR_ISOL_ACTIVATE_SET, &mask, ...);
> > 
> > I'm confused, what is the purpose of ISOL_INHERIT_CONF?
> 
> When ISOL_INHERIT_CONF is set, task isolation configuration (everything
> configured through PR_ISOL_CFG_SET) is copied across fork/clone
> (but not activation) so one can:
> 
> 	1) configure task isolation (with chisol, for example).
> 	2) activate task isolation from the latency sensitive app:
> 
> +This is a snippet of code to activate task isolation if
> +it has been previously configured (by chisol for example)::
> +
> +        #include <sys/prctl.h>
> +        #include <linux/types.h>
> +
> +        #ifdef PR_ISOL_CFG_GET
> +        unsigned long long fmask;
> +
> +        ret = prctl(PR_ISOL_CFG_GET, I_CFG_FEAT, 0, &fmask, 0);
> +        if (ret != -1 && fmask != 0) {
> +                ret = prctl(PR_ISOL_ACTIVATE_SET, &fmask, 0, 0, 0);
> +                if (ret == -1) {
> +                        perror("prctl PR_ISOL_ACTIVATE_SET");
> +                        return ret;
> +                }
> +        }
> +        #endif
> 
> Regarding the 3 possible modes of operation and their relation 
> to ISOL_INHERIT_CONF / ISOL_INHERIT_ACTIVE:
> 
> +This results in three combinations:
> +
> +1. Both configuration and activation performed by the
> +latency sensitive application.
> +Allows fine grained control of what task isolation
> +features are enabled and when (see samples section below).
> 
> 	inherit_mask = 0
> 
> +2. Only activation can be performed by the latency sensitive app
> +(and configuration performed by chisol).
> +This allows the admin/user to control task isolation parameters,
> +and applications have to be modified only once.
> 
> 	inherit_mask = ISOL_INHERIT_CONF
> 
> +3. Configuration and activation performed by an external tool.
> +This allows unmodified applications to take advantage of
> +task isolation. Activation is performed by the "-a" option
> +of chisol.
> 
> 	inherit_mask = ISOL_INHERIT_ACTIVE
> 

Doh yes of course, I read it too fast but it was actually clear.

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ