Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp1022603ybf; Thu, 27 Feb 2020 03:44:29 -0800 (PST) X-Google-Smtp-Source: APXvYqyy+fIrGjJsfIQnDnNSce66F3FseQkt+TrAts63PPZm1tumtU8DAoJuTErniAhWftvdXts0 X-Received: by 2002:a05:6830:1657:: with SMTP id h23mr2803926otr.299.1582803869313; Thu, 27 Feb 2020 03:44:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582803869; cv=none; d=google.com; s=arc-20160816; b=mA5UboLnE9l4EV97m/reLM3VeN/+b0l9O64y/xHBiKpXK9KQjASCJO7DFjgZJrecO0 tV3QfvwtMqdzG8qDkk3UaagL2z6mAJydkU1Eg5loh2BD+IqRuAT3jeoJIJ9aBYKcJnIJ 0xH6ehBd+WUvrayz6AHL8wph356vPUYLaFyJF3f3iE+CndbahA835xKzW8nDdYMua5mc qUsLFrrUdsSEEq3fPVaVCGvU2xC4n3/PQjQCsDXKKd8j9nkBr3bPkIElPSqJfygGoETO 9kaI6qvF6XKEbOyWo4iqC8sSG1pS3wrhYJl/VCoLIpGc6Sn/n4g7lNj0KUdwfMPKkeci VapQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=FFuG8suGcLshkVOTREreOKxYfNOQy2Z42CvJrNFYO08=; b=Fx2NUG/ypCLO9KA57Y3ijVVumclbUwbLtl8ypwU1xCkFnloNVgzrlTR3GpSPP4IaU/ q/hxI2xpzYMzRDGibbXpre+mkXyz8jbQWvNmN49ClyJcvcRtlcaG1StmQlxu60k1sfBV /rdcUAQELXkzXEVtoTB8Cb24ei3mKnFzdNJbXd/IihFRGtpOJOkV6IH4DXhCPNHR0Cpl P5+AoVi9Sk9TDsp04wQlyNko2gC2J+61A11OIvrThFn1pVryb95Brsk/VzdPn5IcKNyJ PEyMb1GcB8R4/CjLnx8OZlQDhAxTe45Fp2p0CKC3XoEAJtU8/HkePJJH3CoVf9sWDpLr /idA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w1si1016923oih.173.2020.02.27.03.44.16; Thu, 27 Feb 2020 03:44:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728904AbgB0LoH (ORCPT + 99 others); Thu, 27 Feb 2020 06:44:07 -0500 Received: from foss.arm.com ([217.140.110.172]:49044 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728865AbgB0LoH (ORCPT ); Thu, 27 Feb 2020 06:44:07 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7C7E61FB; Thu, 27 Feb 2020 03:44:06 -0800 (PST) Received: from e107158-lin.cambridge.arm.com (e107158-lin.cambridge.arm.com [10.1.195.21]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7D8323F73B; Thu, 27 Feb 2020 03:44:04 -0800 (PST) Date: Thu, 27 Feb 2020 11:44:02 +0000 From: Qais Yousef To: Parth Shah Cc: vincent.guittot@linaro.org, dietmar.eggemann@arm.com, chris.hyser@oracle.com, patrick.bellasi@matbug.net, valentin.schneider@arm.com, tim.c.chen@linux.intel.com, linux-kernel@vger.kernel.org, peterz@infradead.org, mingo@redhat.com, David.Laight@ACULAB.COM, pjt@google.com, pavel@ucw.cz, tj@kernel.org, dhaval.giani@oracle.com, qperret@google.com Subject: Re: [PATCH v4 4/4] sched/core: Add permission checks for setting the latency_nice value Message-ID: <20200227114401.uz5p2e7mcomzoo5k@e107158-lin.cambridge.arm.com> References: <20200224085918.16955-1-parth@linux.ibm.com> <20200224085918.16955-5-parth@linux.ibm.com> <20200224132905.32sdpbydnzypib47@e107158-lin.cambridge.arm.com> <9a4132f2-62cc-4132-1c6d-964ed679afc7@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <9a4132f2-62cc-4132-1c6d-964ed679afc7@linux.ibm.com> User-Agent: NeoMutt/20171215 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 02/25/20 12:17, Parth Shah wrote: > > > On 2/24/20 6:59 PM, Qais Yousef wrote: > > On 02/24/20 14:29, Parth Shah wrote: > >> Since the latency_nice uses the similar infrastructure as NICE, use the > >> already existing CAP_SYS_NICE security checks for the latency_nice. This > >> should return -EPERM for the non-root user when trying to set the task > >> latency_nice value to any lower than the current value. > >> > >> Signed-off-by: Parth Shah > > > > I'm not against this, so I'm okay if it goes in as is. > > > > But IMO the definition of this flag is system dependent and I think it's > > prudent to keep it an admin only configuration. > > > > It'd be hard to predict how normal application could use and depend on this > > feature in the future, which could tie our hand in terms of extending it. > > > > I am fine with this going in too. But just to lie down the fact on single > page and starting the discussion, here are the pros and cons for including > this permission checks: > > Pros: > ===== > - Having this permission checks will allow only root users to promote the > task, meaning lowering the latency_nice of the task. This is required in > case when the admin has increased the latency_nice value of a task and > non-root user can not lower it. > - In absence of this check, the non-root user can decrease the latency_nice > value against the admin configured value. > > Cons: > ===== > - This permission check prevents the non-root user to lower the value. This > is a problem when the user itself has increased the latency_nice value in > the past but fails to lower it again. > - After task fork, non-root user cannot lower the inherited child task's > latency_nice value, which might be a problem in the future for extending > this latency_nice ideas for different optimizations. Worth adding that if we start strict with root (or capable user) only, relaxing this to allow lowering the nice would still be possible in the future. But the opposite is not true, we can't reverse the users ability to lower its latency_nice value once we give it away. Beside thinking a bit more about it now. If high latency_nice value means cutting short the idle search for instance, does this prevent someone using a lower latency nice to be aggressive in some code path to get higher throughput? I think this lack of clarity is what makes me think it's better to start conservative and expand when needed. My 2p :) Cheers -- Qais Yousef