lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 9 Apr 2024 11:03:22 +0200
From: Michal Koutný <mkoutny@...e.com>
To: Haitao Huang <haitao.huang@...ux.intel.com>
Cc: "hpa@...or.com" <hpa@...or.com>, 
	"tim.c.chen@...ux.intel.com" <tim.c.chen@...ux.intel.com>, "linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>, 
	"x86@...nel.org" <x86@...nel.org>, "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, 
	"jarkko@...nel.org" <jarkko@...nel.org>, "cgroups@...r.kernel.org" <cgroups@...r.kernel.org>, 
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "tglx@...utronix.de" <tglx@...utronix.de>, 
	"Mehta, Sohil" <sohil.mehta@...el.com>, "tj@...nel.org" <tj@...nel.org>, 
	"mingo@...hat.com" <mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>, 
	"Huang, Kai" <kai.huang@...el.com>, "mikko.ylinen@...ux.intel.com" <mikko.ylinen@...ux.intel.com>, 
	"seanjc@...gle.com" <seanjc@...gle.com>, "anakrish@...rosoft.com" <anakrish@...rosoft.com>, 
	"Zhang, Bo" <zhanb@...rosoft.com>, "kristen@...ux.intel.com" <kristen@...ux.intel.com>, 
	"yangjie@...rosoft.com" <yangjie@...rosoft.com>, "Li, Zhiquan1" <zhiquan1.li@...el.com>, 
	"chrisyan@...rosoft.com" <chrisyan@...rosoft.com>
Subject: Re: Re: [PATCH v10 12/14] x86/sgx: Turn on per-cgroup EPC reclamation

On Mon, Apr 08, 2024 at 11:23:21PM -0500, Haitao Huang <haitao.huang@...ux.intel.com> wrote:
> It's always non-NULL based on testing.
> 
> It's hard for me to say definitely by reading the code. But IIUC
> cgroup_disable command-line only blocks operations in /sys/fs/cgroup so user
> space can't set up controllers and config limits, etc., for the diasabled
> ones. Each task->cgroups would still have a non-NULL pointer to the static
> root object for each cgroup that is enabled by KConfig, so
> get_current_misc_cg() thus  sgx_get_current_cg() should not return NULL
> regardless 'cgroup_disable=misc'.
> 
> Maybe @Michal or @tj can confirm?

The current implementation creates root css object (see cgroup_init(),
cgroup_ssid_enabled() check is after cgroup_init_subsys()).
I.e. it will look like all tasks are members of root cgroup wrt given
controller permanently and controller attribute files won't exist.

(It is up to the controller implementation to do further optimization
based on the boot-time disablement (e.g. see uses of
mem_cgroup_disabled()). Not sure if this is useful for misc controller.)

As for the WARN_ON(1), taking example from memcg -- NULL is best
synonymous with root. It's a judgement call which of the values to store
and when to intepret it.

HTH,
Michal

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ