lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240117163511.88173-6-longman@redhat.com>
Date: Wed, 17 Jan 2024 11:35:08 -0500
From: Waiman Long <longman@...hat.com>
To: Tejun Heo <tj@...nel.org>,
	Zefan Li <lizefan.x@...edance.com>,
	Johannes Weiner <hannes@...xchg.org>,
	Frederic Weisbecker <frederic@...nel.org>,
	Jonathan Corbet <corbet@....net>,
	"Paul E. McKenney" <paulmck@...nel.org>,
	Neeraj Upadhyay <quic_neeraju@...cinc.com>,
	Joel Fernandes <joel@...lfernandes.org>,
	Josh Triplett <josh@...htriplett.org>,
	Boqun Feng <boqun.feng@...il.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	Lai Jiangshan <jiangshanlai@...il.com>,
	Zqiang <qiang.zhang1211@...il.com>,
	Davidlohr Bueso <dave@...olabs.net>,
	Shuah Khan <shuah@...nel.org>
Cc: cgroups@...r.kernel.org,
	linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	rcu@...r.kernel.org,
	linux-kselftest@...r.kernel.org,
	Mrunal Patel <mpatel@...hat.com>,
	Ryan Phillips <rphillips@...hat.com>,
	Brent Rowsell <browsell@...hat.com>,
	Peter Hunt <pehunt@...hat.com>,
	Cestmir Kalina <ckalina@...hat.com>,
	Nicolas Saenz Julienne <nsaenz@...nel.org>,
	Alex Gladkov <agladkov@...hat.com>,
	Marcelo Tosatti <mtosatti@...hat.com>,
	Phil Auld <pauld@...hat.com>,
	Paul Gortmaker <paul.gortmaker@...driver.com>,
	Daniel Bristot de Oliveira <bristot@...nel.org>,
	Juri Lelli <juri.lelli@...hat.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Costa Shulyupin <cshulyup@...hat.com>,
	Waiman Long <longman@...hat.com>
Subject: [RFC PATCH 5/8] cgroup/cpuset: Add cpuset.cpus.isolation_full

This patch adds a new root only cpuset.cpus.isolation_full control file
for enabling or disabling full CPU isolation mode where additional CPU
isolation methods available to be used by cpuset will be turned on or
off for all the isolated CPUs within isolated partitions.

On write, cpuset.cpus.isolation_full accepts any integer. A zero value
will disable full CPU isolation while a non-zero value will enable it.
On read, cpuset.cpus.isolation_full will return either "0" (disabled)
or "1" (enabled) followed by a comma separated list of additional
CPU isolation methods that are enabled. The list of these available
isolation methods will depend on kernel configuration options used as
well as the presence of some pre-conditions for some of them.

This patch only provides the infrastructure code. The various isolation
methods will be added later on.

Signed-off-by: Waiman Long <longman@...hat.com>
---
 kernel/cgroup/cpuset.c | 88 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 88 insertions(+)

diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
index 0479af76a5dc..d1d4ce213979 100644
--- a/kernel/cgroup/cpuset.c
+++ b/kernel/cgroup/cpuset.c
@@ -218,6 +218,30 @@ enum isolated_cpus_modifiers {
  */
 static cpumask_var_t	isolated_cpus;
 
+/*
+ * Enable full CPU isolation in isolated partitions, if set.
+ */
+static bool isolation_full;
+
+/*
+ * A flag indicating what cpuset full isolation modes can be enabled.
+ */
+static int isolation_flags;
+
+enum cpuset_isolation_types {
+	ISOL_TYPE_MAX,
+};
+
+static const char * const isolation_type_names[ISOL_TYPE_MAX] = {
+};
+
+/* Detect the cpuset isolation modes that can be enabled */
+static __init int set_isolation_flags(void)
+{
+	return 0;
+}
+late_initcall(set_isolation_flags);
+
 /* List of remote partition root children */
 static struct list_head remote_children;
 
@@ -1524,6 +1548,8 @@ static int partition_xcpus_del(int old_prs, struct cpuset *parent,
  * state and the whole isolated_cpus is passed. Repeated calls with the same
  * isolated_cpus will not cause further action other than a wasted mutex
  * lock/unlock.
+ *
+ * The other isolation modes will only be activated when isolation_full is set.
  */
 static int update_isolation_cpumasks(struct cpumask *mask, int modifier)
 {
@@ -1536,6 +1562,13 @@ static int update_isolation_cpumasks(struct cpumask *mask, int modifier)
 
 	err = workqueue_unbound_exclude_cpumask(isolated_cpus);
 	WARN_ON_ONCE(err);
+
+	if (!isolation_flags || !isolation_full)
+		return err;
+
+	if (WARN_ON_ONCE(cpumask_empty(mask)))
+		return -EINVAL;
+
 	return err;
 }
 
@@ -3514,6 +3547,7 @@ typedef enum {
 	FILE_EXCLUSIVE_CPULIST,
 	FILE_EFFECTIVE_XCPULIST,
 	FILE_ISOLATED_CPULIST,
+	FILE_ISOLATION_FULL,
 	FILE_CPU_EXCLUSIVE,
 	FILE_MEM_EXCLUSIVE,
 	FILE_MEM_HARDWALL,
@@ -3713,6 +3747,25 @@ static int cpuset_common_seq_show(struct seq_file *sf, void *v)
 	case FILE_ISOLATED_CPULIST:
 		seq_printf(sf, "%*pbl\n", cpumask_pr_args(isolated_cpus));
 		break;
+	case FILE_ISOLATION_FULL:
+		if (isolation_full) {
+			int i, cnt;
+
+			/* Also print the isolation modes that are enabled */
+			seq_puts(sf, "1");
+			for (i = cnt = 0; i < ISOL_TYPE_MAX; i++) {
+				if (!(isolation_flags & BIT(i)))
+					continue;
+
+				seq_printf(sf, "%c%s", cnt ? ',' : ' ',
+					   isolation_type_names[i]);
+				cnt++;
+			}
+			seq_puts(sf, "\n");
+		} else {
+			seq_puts(sf, "0\n");
+		}
+		break;
 	default:
 		ret = -EINVAL;
 	}
@@ -3833,6 +3886,33 @@ static ssize_t sched_partition_write(struct kernfs_open_file *of, char *buf,
 	return retval ?: nbytes;
 }
 
+/*
+ * cpuset_write_isolfull - enable/disable cpuset isolation full mode
+ */
+static int cpuset_write_isolfull(struct cgroup_subsys_state *css,
+				 struct cftype *cft, u64 val)
+{
+	struct cpuset *cs = css_cs(css);
+	int retval = 0;
+
+	cpus_read_lock();
+	mutex_lock(&cpuset_mutex);
+	if (!is_cpuset_online(cs)) {
+		retval = -ENODEV;
+	} else if (isolation_full != !!val) {
+		isolation_full = !!val;
+		if (!cpumask_empty(isolated_cpus)) {
+			int mod = isolation_full
+				  ? ISOL_CPUS_ADD : ISOL_CPUS_DELETE;
+
+			retval = update_isolation_cpumasks(isolated_cpus, mod);
+		}
+	}
+	mutex_unlock(&cpuset_mutex);
+	cpus_read_unlock();
+	return retval;
+}
+
 /*
  * for the common functions, 'private' gives the type of file
  */
@@ -4013,6 +4093,14 @@ static struct cftype dfl_files[] = {
 		.flags = CFTYPE_ONLY_ON_ROOT,
 	},
 
+	{
+		.name = "cpus.isolation_full",
+		.seq_show = cpuset_common_seq_show,
+		.write_u64 = cpuset_write_isolfull,
+		.private = FILE_ISOLATION_FULL,
+		.flags = CFTYPE_ONLY_ON_ROOT,
+	},
+
 	{ }	/* terminate */
 };
 
-- 
2.39.3


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ