Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2447219ybv;
        Mon, 24 Feb 2020 05:29:43 -0800 (PST)
X-Google-Smtp-Source: APXvYqyx6n7rI2H6HSTxyd5vUdrtWofNm+1Cx5inNSgDdQNFVua0HhNQIWYpY/pafzh89EzovDCn
X-Received: by 2002:aca:220c:: with SMTP id b12mr12032098oic.55.1582550983248;
        Mon, 24 Feb 2020 05:29:43 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1582550983; cv=none;
        d=google.com; s=arc-20160816;
        b=W0v6+X3eRoSvC301g4RPJe1oH+MsweyjrxvIrPSOkoM1pqCNHi5fcZPHsZ1zpBmxeH
         boQdnYN2LpLo09LtTjD6GjwBghdiXwvLXbCw6EaMIkfMbkCwb4qvuJfaLCgCLKtBvfJQ
         ZnGsPZxE3gLpRQ7SyTFLgBItbGDm2STO6RceyFoRZq5FjaD5K0h1JuLJOcDH/com+yvF
         BROQNOv/AhfQsrSvu2hN0Cay11YxPxN2G9PlmwaMDg/mkFKSGmfu7gnr5R6Jfw1c9jsh
         aWhY6ojno4MjR0eAOboxSmt5U6eJgeqLQxQWfPs92Vs0+nWD5JwJapD2Q0HCtoBhmeQY
         ghvg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=Bj2BDdAq0te1AWE14DfDL5Wuf2F1E8F9nG59Noqxlbc=;
        b=aRtS2T+zZvyYMHOWppMMZIjkr3HF6nWurAklpbfxYamdVB6b7D0MhJJbumZxhxp+XT
         NBys27GbEgKna5kVEq8WOYqJRQmBSkhjSHooUPPOXIFjS9MqCifUnquAr585wwKkiGaH
         TevWoMRevD5LcEndkIeTBTtgF5GLPXwtla1xvZT33dS6m2whZc7Q3wzgTOwgSdsdDDFU
         JvemuRpzWFF0GWCy5v8gNh+De98yydMa8ZWK4L9/m9qKItSVlUoueJA+BsMulZkM248E
         1P3w81+fMVZj3MySKZafPJ0I4VIjwN/DSNEmtnV1DVgHqoMpCgLWNhlKeFdvcy1rSa1e
         UVjg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k202si4645100oih.244.2020.02.24.05.29.31;
        Mon, 24 Feb 2020 05:29:43 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727501AbgBXN3L (ORCPT <rfc822;zhangckid@gmail.com> + 99 others);
        Mon, 24 Feb 2020 08:29:11 -0500
Received: from foss.arm.com ([217.140.110.172]:37080 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726308AbgBXN3L (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 24 Feb 2020 08:29:11 -0500
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 91D0130E;
        Mon, 24 Feb 2020 05:29:10 -0800 (PST)
Received: from e107158-lin.cambridge.arm.com (e107158-lin.cambridge.arm.com [10.1.195.21])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 96B973F534;
        Mon, 24 Feb 2020 05:29:08 -0800 (PST)
Date:   Mon, 24 Feb 2020 13:29:06 +0000
From:   Qais Yousef <qais.yousef@arm.com>
To:     Parth Shah <parth@linux.ibm.com>
Cc:     linux-kernel@vger.kernel.org, peterz@infradead.org,
        mingo@redhat.com, vincent.guittot@linaro.org,
        dietmar.eggemann@arm.com, chris.hyser@oracle.com,
        patrick.bellasi@matbug.net, valentin.schneider@arm.com,
        David.Laight@ACULAB.COM, pjt@google.com, pavel@ucw.cz,
        tj@kernel.org, dhaval.giani@oracle.com, qperret@google.com,
        tim.c.chen@linux.intel.com
Subject: Re: [PATCH v4 4/4] sched/core: Add permission checks for setting the
 latency_nice value
Message-ID: <20200224132905.32sdpbydnzypib47@e107158-lin.cambridge.arm.com>
References: <20200224085918.16955-1-parth@linux.ibm.com>
 <20200224085918.16955-5-parth@linux.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20200224085918.16955-5-parth@linux.ibm.com>
User-Agent: NeoMutt/20171215
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 02/24/20 14:29, Parth Shah wrote:
> Since the latency_nice uses the similar infrastructure as NICE, use the
> already existing CAP_SYS_NICE security checks for the latency_nice. This
> should return -EPERM for the non-root user when trying to set the task
> latency_nice value to any lower than the current value.
> 
> Signed-off-by: Parth Shah <parth@linux.ibm.com>

I'm not against this, so I'm okay if it goes in as is.

But IMO the definition of this flag is system dependent and I think it's
prudent to keep it an admin only configuration.

It'd be hard to predict how normal application could use and depend on this
feature in the future, which could tie our hand in terms of extending it.

I can't argue hard about this though. But I do feel going further and have
a sched_feature() for each optimization that uses this flag could be necessary
too.

Thanks

--
Qais Yousef

> ---
>  kernel/sched/core.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index e1dc536d4ca3..f883e1d3cd10 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -4887,6 +4887,10 @@ static int __sched_setscheduler(struct task_struct *p,
>  			return -EINVAL;
>  		if (attr->sched_latency_nice < MIN_LATENCY_NICE)
>  			return -EINVAL;
> +		/* Use the same security checks as NICE */
> +		if (attr->sched_latency_nice < p->latency_nice &&
> +		    !can_nice(p, attr->sched_latency_nice))
> +			return -EPERM;
>  	}
>  
>  	if (pi)
> -- 
> 2.17.2
>