[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <YraNDoxU9IZaP3RV@mtj.duckdns.org>
Date: Sat, 25 Jun 2022 13:20:30 +0900
From: Tejun Heo <tj@...nel.org>
To: Michal Koutný <mkoutny@...e.com>
Cc: cgroups@...r.kernel.org, linux-kernel@...r.kernel.org,
Zefan Li <lizefan.x@...edance.com>,
Johannes Weiner <hannes@...xchg.org>,
Waiman Long <longman@...hat.com>
Subject: Re: [RFC PATCH] cpuset: Allow setscheduler regardless of manipulated
task
Hello,
On Thu, Jun 23, 2022 at 02:49:44PM +0200, Michal Koutný wrote:
> 1) The unified hierarchy attachment behavior -- is that the
> right/consented model that migrated objects don't matter?
Yes.
> 2) If 1) is true, have I missed any danger in allowing cpuset'ing a
> possibly privileged processes?
Given that the someone who has write perm on the cgroup or its
ancestors are allowed to change cpuset config itself, I have a hard
time imagining that check being all that useful as a security
mechanism.
> 2.2) cpuset may be in v2 mode even on v1 hierarchy with different
> migration control rules (but checking migratee's creds in v1
> eliminates effect of this patch).
Yeah, it should be fine to apply the change only to v2.
> 3) Alternative approach would be to allow cpuset migrations only when
> nothing effectively changes (which is the case for parent->child
> migration upon controller enablement).
>
> 4) This is just idea draft, not tested in the real case.
Unless I'm missing something obvious, I don't see a reason to keep the
check, so please feel free to test and send a SOB'd patch.
Thanks.
--
tejun
Powered by blists - more mailing lists