| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <57a7d8c3-a911-4729-bc39-ba3a1d810990@huaweicloud.com> Date: Fri, 5 Dec 2025 10:52:28 +0800 From: Chen Ridong <chenridong@...weicloud.com> To: Andrei Vagin <avagin@...gle.com>, Kees Cook <kees@...nel.org> Cc: linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-mm@...ck.org, cgroups@...r.kernel.org, criu@...ts.linux.dev, Tejun Heo <tj@...nel.org>, Johannes Weiner <hannes@...xchg.org>, Michal Koutný <mkoutny@...e.com>, Vipin Sharma <vipinsh@...gle.com>, Jonathan Corbet <corbet@....net> Subject: Re: [PATCH 0/3] cgroup/misc: Add hwcap masks to the misc controller On 2025/12/5 8:58, Andrei Vagin wrote: > This patch series introduces a mechanism to mask hardware capabilities > (AT_HWCAP) reported to user-space processes via the misc cgroup > controller. > > To support C/R operations (snapshots, live migration) in heterogeneous > clusters, we must ensure that processes utilize CPU features available > on all potential target nodes. To solve this, we need to advertise a > common feature set across the cluster. This patchset allows users to > configure a mask for AT_HWCAP, AT_HWCAP2. This ensures that applications > within a container only detect and use features guaranteed to be > available on all potential target hosts. > Could you elaborate on how this mask mechanism would be used in practice? Based on my understanding of the implementation, the parent’s mask is effectively a subset of the child’s mask, meaning the parent does not impose any additional restrictions on its children. This behavior appears to differ from typical cgroup controllers, where children are further constrained by their parent’s settings. This raises the question: is the cgroup model an appropriate fit for this functionality? > The first patch adds the mask interface to the misc cgroup controller, > allowing users to set masks for AT_HWCAP, AT_HWCAP2... > > The second patch adds a selftest to verify the functionality of the new > interface, ensuring masks are applied and inherited correctly. > > The third patch updates the documentation. > > Cc: Kees Cook <kees@...nel.org> > Cc: Tejun Heo <tj@...nel.org> > Cc: Johannes Weiner <hannes@...xchg.org> > Cc: "Michal Koutný" <mkoutny@...e.com> > Cc: Vipin Sharma <vipinsh@...gle.com> > Cc: Jonathan Corbet <corbet@....net> > > Andrei Vagin (3): > cgroup, binfmt_elf: Add hwcap masks to the misc controller > selftests/cgroup: Add a test for the misc.mask cgroup interface > Documentation: cgroup-v2: Document misc.mask interface > > Documentation/admin-guide/cgroup-v2.rst | 25 ++++ > Documentation/arch/arm64/elf_hwcaps.rst | 21 ++++ > fs/binfmt_elf.c | 24 +++- > include/linux/misc_cgroup.h | 25 ++++ > kernel/cgroup/misc.c | 126 +++++++++++++++++++++ > tools/testing/selftests/cgroup/.gitignore | 1 + > tools/testing/selftests/cgroup/Makefile | 2 + > tools/testing/selftests/cgroup/config | 1 + > tools/testing/selftests/cgroup/test_misc.c | 114 +++++++++++++++++++ > 9 files changed, 335 insertions(+), 4 deletions(-) > create mode 100644 tools/testing/selftests/cgroup/test_misc.c -- Best regards, Ridong
Powered by blists - more mailing lists