lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZGvHUjOCjwat91Gq@slm.duckdns.org>
Date:   Mon, 22 May 2023 09:49:38 -1000
From:   Tejun Heo <tj@...nel.org>
To:     Waiman Long <longman@...hat.com>
Cc:     Michal Koutný <mkoutny@...e.com>,
        Zefan Li <lizefan.x@...edance.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Jonathan Corbet <corbet@....net>,
        Shuah Khan <shuah@...nel.org>, linux-kernel@...r.kernel.org,
        cgroups@...r.kernel.org, linux-doc@...r.kernel.org,
        linux-kselftest@...r.kernel.org,
        Juri Lelli <juri.lelli@...hat.com>,
        Valentin Schneider <vschneid@...hat.com>,
        Frederic Weisbecker <frederic@...nel.org>,
        Mrunal Patel <mpatel@...hat.com>,
        Ryan Phillips <rphillips@...hat.com>,
        Brent Rowsell <browsell@...hat.com>,
        Peter Hunt <pehunt@...hat.com>, Phil Auld <pauld@...hat.com>
Subject: Re: [RFC PATCH 0/5] cgroup/cpuset: A new "isolcpus" paritition

Hello, Waiman.

On Sun, May 07, 2023 at 09:03:44PM -0400, Waiman Long wrote:
...
>   cpuset.cpus.reserve
>     A read-write multiple values file which exists only on root
>     cgroup.
> 
>     It lists all the CPUs that are reserved for adjacent and remote
>     partitions created in the system.  See the next section for
>     more information on what an adjacent or remote partitions is.
> 
>     Creation of adjacent partition does not require touching this
>     control file as CPU reservation will be done automatically.
>     In order to create a remote partition, the CPUs needed by the
>     remote partition has to be written to this file first.
> 
>     A "+" prefix can be used to indicate a list of additional
>     CPUs that are to be added without disturbing the CPUs that are
>     originally there.  For example, if its current value is "3-4",
>     echoing ""+5" to it will change it to "3-5".
>
>     Once a remote partition is destroyed, its CPUs have to be
>     removed from this file or no other process can use them.  A "-"
>     prefix can be used to remove a list of CPUs from it.  However,
>     removing CPUs that are currently used in existing partitions
>     may cause those partitions to become invalid.  A single "-"
>     character without any number can be used to indicate removal
>     of all the free CPUs not allocated to any partitions to avoid
>     accidental partition invalidation.

Why is the syntax different from .cpus? Wouldn't it be better to keep them
the same?

>   cpuset.cpus.partition
>     A read-write single value file which exists on non-root
>     cpuset-enabled cgroups.  This flag is owned by the parent cgroup
>     and is not delegatable.
> 
>     It accepts only the following input values when written to.
> 
>       ==========    =====================================
>       "member"    Non-root member of a partition
>       "root"    Partition root
>       "isolated"    Partition root without load balancing
>       ==========    =====================================
> 
>     A cpuset partition is a collection of cgroups with a partition
>     root at the top of the hierarchy and its descendants except
>     those that are separate partition roots themselves and their
>     descendants.  A partition has exclusive access to the set of
>     CPUs allocated to it.  Other cgroups outside of that partition
>     cannot use any CPUs in that set.
> 
>     There are two types of partitions - adjacent and remote.  The
>     parent of an adjacent partition must be a valid partition root.
>     Partition roots of adjacent partitions are all clustered around
>     the root cgroup.  Creation of adjacent partition is done by
>     writing the desired partition type into "cpuset.cpus.partition".
> 
>     A remote partition does not require a partition root parent.
>     So a remote partition can be formed far from the root cgroup.
>     However, its creation is a 2-step process.  The CPUs needed
>     by a remote partition ("cpuset.cpus" of the partition root)
>     has to be written into "cpuset.cpus.reserve" of the root
>     cgroup first.  After that, "isolated" can be written into
>     "cpuset.cpus.partition" of the partition root to form a remote
>     isolated partition which is the only supported remote partition
>     type for now.
> 
>     All remote partitions are terminal as adjacent partition cannot
>     be created underneath it.

Can you elaborate this extra restriction a bit further?

In general, I think it'd be really helpful if the document explains the
reasoning behind the design decisions. ie. Why is reserving for? What
purpose does it serve that the regular isolated ones cannot? That'd help
clarifying the design decisions.

Thanks.

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ