Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp620223imm; Fri, 17 Aug 2018 03:59:15 -0700 (PDT) X-Google-Smtp-Source: AA+uWPww1LmFt9ZB0D6UnfUEE42C/u909OKkNmIFm2/3Y+9pfnVB55WDK9kQq2yg7Qi4gbKhqtjs X-Received: by 2002:a17:902:b08d:: with SMTP id p13-v6mr33855228plr.0.1534503555790; Fri, 17 Aug 2018 03:59:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534503555; cv=none; d=google.com; s=arc-20160816; b=FgMLrh2BlsLG7rsfoJPOCYVKhy5YQ8wvMAVyyIuH+YJ44mNdrjBGQytX/gTiCk39hw mjORbrEyPJCga7gEhOZEaVKrK2SWtW695K02/YN6UD6Iw8ewV/7bHU73S3re2V2YNaB2 wnIrpoAP07q71aCtt8g9+HRZr2xv51d4wlP6MKKFzNg5KA9dmpnBAgjHxwL/sjgkXzVT T1tJDefd9Y/z2fQcCCUnar4UP5EcgDgJsJfhYwD3RflODsP7RG6zIUcsoUnscvzdRF5Q s2mOj8h+zK4qutVv5pG8uHUejiYDeF96nqMIAzjONP1rEAQSpt5gMeQfTYmgWOBNL1CA kjJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=kcICV8jJ5OxKxYqHbL8aG0THreBaWDGFW4RX94+FfLU=; b=CWY7ePf1w8cCKmVUGwZ0stQYHyOW/LhLArf6O62rA6qXHp9OxVW1jBWjZrVneBiPRu K89Lz0PnIrpz84XptHVrLoPDdEel7Cpw2JH5vngKmrcanuKJ2C/sFoOvbALqg60JU8tK d6ILN377r2hbvkqk/zRyzgljfjC/c43sAtnTUIapf0oeDNCncsjqONY+kKcRL8cs9cHc SAhR6xiDEp5d3E8zQqHMOlzXGlpofuC9CQWLgJVtDijiYXdLqBOUNaygztGwWOHvYMai FABEWvc0jHcaeN7EX3qovsbgSJ7L7QfGXFhPX59C1THoDWTzEpSUDfSg2OqWIFh2sVd6 f1og== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p15-v6si2259567pll.42.2018.08.17.03.59.00; Fri, 17 Aug 2018 03:59:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726710AbeHQOAh (ORCPT + 99 others); Fri, 17 Aug 2018 10:00:37 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:45972 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725992AbeHQOAh (ORCPT ); Fri, 17 Aug 2018 10:00:37 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3C6877A9; Fri, 17 Aug 2018 03:57:37 -0700 (PDT) Received: from e110439-lin (e110439-lin.Emea.Arm.com [10.4.12.126]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6DFA93F5BD; Fri, 17 Aug 2018 03:57:34 -0700 (PDT) Date: Fri, 17 Aug 2018 11:57:31 +0100 From: Patrick Bellasi To: Quentin Perret Cc: Juri Lelli , linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, Ingo Molnar , Peter Zijlstra , Tejun Heo , "Rafael J . Wysocki" , Viresh Kumar , Vincent Guittot , Paul Turner , Dietmar Eggemann , Morten Rasmussen , Todd Kjos , Joel Fernandes , Steve Muckle , Suren Baghdasaryan Subject: Re: [PATCH v3 01/14] sched/core: uclamp: extend sched_setattr to support utilization clamping Message-ID: <20180817105731.GI2960@e110439-lin> References: <20180806163946.28380-1-patrick.bellasi@arm.com> <20180806163946.28380-2-patrick.bellasi@arm.com> <20180807123550.GA3062@localhost.localdomain> <20180809091427.4p2c4fbxocpkjaby@darkstar> <20180809095043.GC22465@localhost.localdomain> <20180809152313.lewfhufidhxb2qrk@darkstar> <20180817103406.gmve4clcxmhwlmtc@queper01-lin> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180817103406.gmve4clcxmhwlmtc@queper01-lin> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 17-Aug 11:34, Quentin Perret wrote: > Hi Patrick, > > On Thursday 09 Aug 2018 at 16:23:13 (+0100), Patrick Bellasi wrote: > > On 09-Aug 11:50, Juri Lelli wrote: > > > On 09/08/18 10:14, Patrick Bellasi wrote: > > > > On 07-Aug 14:35, Juri Lelli wrote: > > > > > On 06/08/18 17:39, Patrick Bellasi wrote: > > > > [...] > > > > > > 1) make CAP_SYS_NICE protected the clamp groups, with an optional boot > > > > time parameter to relax this check > > > > > > It seems to me that this might work well with that the intended usage of > > > the interface that you depict above. SMS only (or any privileged user) > > > will be in control of how groups are configured, so no problem for > > > normal users. > > > > Yes, well... apart normal users still getting a -ENOSPC is they are > > requesting one of the not pre-configured clamp values. Which is why > > the following bits can be helpful. > > So IIUC, normal users would still be free of choosing their clamp values > as long as they choose one in the list of pre-allocated ones ? Is that > correct ? No, with the CAP_SYS_NICE/ADMIN guard in place, as discussed above in point 1, the syscall will just fail for normal users. Only privileged tasks (i.e. SMS control threads) can change clamp values. > If yes, that would still let normal users make they tasks look bigger no ? > They could just choose the clamp group with the highest min_clamp or > something. Isn't this a problem too ? I mean, if that can be abused easily, > I'm pretty sure people _will_ abuse it ... It should not be possible with 1) in place. However, if the system is booted with that check disabled (e.g. via kernel boot parameter) that probably means you trust/control your userspace and don't want to impose restrictions on non privileged tasks. In this case "abuses" are just "acceptable usages"... -- #include Patrick Bellasi