| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 Nov 2015 17:46:57 +0100 From: Michal Hocko <mhocko@...nel.org> To: Johannes Weiner <hannes@...xchg.org> Cc: David Miller <davem@...emloft.net>, akpm@...ux-foundation.org, vdavydov@...tuozzo.com, tj@...nel.org, netdev@...r.kernel.org, linux-mm@...ck.org, cgroups@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 5/8] mm: memcontrol: account socket memory on unified hierarchy On Fri 06-11-15 11:19:53, Johannes Weiner wrote: > On Fri, Nov 06, 2015 at 11:57:24AM +0100, Michal Hocko wrote: > > On Thu 05-11-15 17:52:00, Johannes Weiner wrote: > > > On Thu, Nov 05, 2015 at 03:55:22PM -0500, Johannes Weiner wrote: > > > > On Thu, Nov 05, 2015 at 03:40:02PM +0100, Michal Hocko wrote: > > > > > This would be true if they moved on to the new cgroup API intentionally. > > > > > The reality is more complicated though. AFAIK sysmted is waiting for > > > > > cgroup2 already and privileged services enable all available resource > > > > > controllers by default as I've learned just recently. > > > > > > > > Have you filed a report with them? I don't think they should turn them > > > > on unless users explicitely configure resource control for the unit. > > > > > > Okay, verified with systemd people that they're not planning on > > > enabling resource control per default. > > > > > > Inflammatory half-truths, man. This is not constructive. > > > > What about Delegate=yes feature then? We have just been burnt by this > > quite heavily. AFAIU nspawn@...rvice and nspawn@...rvice have this > > enabled by default > > http://lists.freedesktop.org/archives/systemd-commits/2014-November/007400.html > > That's when you launch a *container* and want it to be able to use > nested resource control. Ups. copy&paste error here. The second one was user@...rvice. So it is not only about containers AFAIU but all user defined sessions. > We're talking about actual container users here. It's not turning on > resource control for all "privileged services", which is what we were > worried about here. Can you at least admit that when you yourself link > to the refuting evidence? My bad, that was misundestanding of the changelog. > And if you've been "burnt quite heavily" by this, where is your bug > report to stop other users from getting "burnt quite heavily" as well? The bug report is still internal because it is tracking an unrelased product. We have ended up reverting Delegate feature. Our systemd developers are supposed to bring this up with the upstream. The basic problem was that the Delegate feature has been backported to our systemd package without further consideration and that has invalidated a lot of performance testing because some resource controllers have measurable effects on those benchmarks. > All I read here is vague inflammatory language to spread FUD. I was merely pointing out that memory controller might be enabled without _user_ actually even noticing because the controller wasn't enabled explicitly. I haven't blamed anybody for that. > You might think sending these emails is helpful, but it really > isn't. Not only is it not contributing code, insights, or solutions, > you're now actively sabotaging someone else's effort to build something. Come on! Are you even serious? -- Michal Hocko SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists