| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAADnVQJGiH_yF=AoFSRy4zh20uneJgBfqGshubLM6aVq069Fhg@mail.gmail.com> Date: Thu, 30 Oct 2025 15:19:11 -0700 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Roman Gushchin <roman.gushchin@...ux.dev> Cc: Amery Hung <ameryhung@...il.com>, Song Liu <song@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>, Suren Baghdasaryan <surenb@...gle.com>, Michal Hocko <mhocko@...nel.org>, Shakeel Butt <shakeel.butt@...ux.dev>, Johannes Weiner <hannes@...xchg.org>, Andrii Nakryiko <andrii@...nel.org>, JP Kobryn <inwardvessel@...il.com>, linux-mm <linux-mm@...ck.org>, "open list:CONTROL GROUP (CGROUP)" <cgroups@...r.kernel.org>, bpf <bpf@...r.kernel.org>, Martin KaFai Lau <martin.lau@...nel.org>, Kumar Kartikeya Dwivedi <memxor@...il.com>, Tejun Heo <tj@...nel.org> Subject: bpf_st_ops and cgroups. Was: [PATCH v2 02/23] bpf: initial support for attaching struct ops to cgroups On Thu, Oct 30, 2025 at 12:06 PM Roman Gushchin <roman.gushchin@...ux.dev> wrote: > > Ok, let me summarize the options we discussed here: > > 1) Make the attachment details (e.g. cgroup_id) the part of struct ops > itself. The attachment is happening at the reg() time. > > +: It's convenient for complex stateful struct ops'es, because a > single entity represents a combination of code and data. > -: No way to attach a single struct ops to multiple entities. > > This approach is used by Tejun for per-cgroup sched_ext prototype. It's wrong. It should adopt bpf_struct_ops_link_create() approach and use attr->link_create.cgroup.relative_fd to attach. At that point scx can enforce that it attaches to one cgroup only if it simplifies things for sched-ext. That's fine. But api must be link based. Otherwise cgroup_id inside st_ops all the way from bpf prog will not be backward compatible if/when people would want to attach the same sched-ext to multiple cgroups. > 2) Make the attachment details a part of bpf_link creation. The > attachment is still happening at the reg() time. > > +: A single struct ops can be attached to multiple entities. > -: Implementing stateful struct ops'es is harder and requires passing > an additional argument (some sort of "self") to all callbacks. sched-ext is already suffering from lack of 'this'. The current workarounds with prog_assoc and aux__prog are not great. We should learn from that mistake instead of repeating it with bpf-oom. As far as 'this' I think we should pass 'struct bpf_struct_ops_link *' to all callbacks. This patch is proposing to have cougrp_id in there. It can be a pointer to cgroup too. This detail we can change later. We can brainstorm a way to pass 'link *' in run_ctx, and have an easy way to access it from ops and from kfuncs that ops will call. The existing tracing style bpf_set_run_ctx() should work for bpf-oom, and 'link *'->cgroup_id->cgrp->memcg will be there for ops and for kfuncs, but it doesn't quite work for sched-ext as-is that wants run_ctx to be different for sched-ext-s attached at different levels of hierarchy. Maybe additional bpf_set_run_ctx() while traversing hierarchy will do the trick? Then we might not even need aux_prog and kf_implicit_args that much. Though they may be useful on their own though. > I'm using this approach in the bpf oom proposal. > > 3) Move the attachment out of .reg() scope entirely. reg() will register > the implementation system-wide and then some 3rd-party interface > (e.g. cgroupfs) should be used to select the implementation. We went that road with ioctl-s and subsystem specific ways to attach. All of them sucked. link_create is the only acceptable approach because it returns FD.
Powered by blists - more mailing lists