Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp6328759rwl; Tue, 4 Apr 2023 10:54:15 -0700 (PDT) X-Google-Smtp-Source: AKy350Yg8mAX4ILI3DbJ6e3g5G2TMKiPwYVXQKxOkuCgX07C9WgHGW5dtS7092xk+a5QvtmSpHsF X-Received: by 2002:a05:6a20:3b02:b0:da:501:55e with SMTP id c2-20020a056a203b0200b000da0501055emr2993424pzh.40.1680630855711; Tue, 04 Apr 2023 10:54:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680630855; cv=none; d=google.com; s=arc-20160816; b=rW50QyNTzWaRZ17J8E5FOBhWz8efQyn+z4WXiIlHq4IjEdCLbrCfShWsLcUWyxiqKO yK0kwbhau0XyCyrIH4goQkaehCXl3X1li9MN89ebVhlIdT3sGR/2GEWxVHWNDFxgkaJm MLwi1cgSwycOfjFZDHz3CKVKi9P6dk+1WlVnGX2WKZ8Vuw33PutdyXpk7cCXxw4SPkxF dRD6nFt2WLJDP9AyTqXwMyn8hUQBV3j/OTvUujdwaAIGZ+GXC9BLZHxaf0uZE85DvvRv zMocRNIFrWefCdbzLPVtxIjE5JeXzEUKM3380cO4ytS/hN1eXh/kvuJeR273akCgf3BU M7hQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:references :cc:to:from:content-language:subject:user-agent:mime-version:date :message-id:dkim-signature; bh=+zbXb6Euw4EpIZ9qJHPVIzO46HN/te+bwrGro+cOrx4=; b=ugXJwuN2tEfiXdTtPOY0PXhCixYIpxnV/uFtLfpRWroGUXZI95NfGDJcT6t8yTRxh6 gjzQcV1AyP06p/sI3bzpF1mS3VRWSGUsWmi7xoQe1rWyeD4MqX1GsbdF6/xPTtODnINs QWsASY8Ow4A/TbHEevdROYQcn01TjUt8k4b88X7KBGrDp6Nc6A3ua+n5DHoKNWNPczo9 Pt8rtUSqDyuNCbK3WJiq42yN8cuLtFgzMlgJsAJGyPIl6WjfoOEYV1sJKmyXptSI7hKV 7azAYVYsTinwEGpJlHDBJNv5M1r7fwqojTFbtUEefla0ShO8p4x7L3ca72YfxLzOVWlp cOSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ni0ImnvZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g185-20020a636bc2000000b005138ea6bf60si1932967pgc.422.2023.04.04.10.54.03; Tue, 04 Apr 2023 10:54:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ni0ImnvZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232492AbjDDRag (ORCPT + 99 others); Tue, 4 Apr 2023 13:30:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235975AbjDDR3i (ORCPT ); Tue, 4 Apr 2023 13:29:38 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 584107682 for ; Tue, 4 Apr 2023 10:27:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680629188; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+zbXb6Euw4EpIZ9qJHPVIzO46HN/te+bwrGro+cOrx4=; b=Ni0ImnvZKr9fY4auCi41mqPoOWU9ZwpZ3AmJvLnRLXEe9WNjUKHhUxsEjnvPykj5GeMHwR XlmH5BXnhtbhGkMWZh5vXYHMdxtMgpFf91VX3WxXWARvG5KNH0bl7zddlMiwG7oAWCSEcM quvHE132Llz8lWg8wjv2gGU3p7hkD7E= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-498-K0iMKucdO3-tSyah-zg1QA-1; Tue, 04 Apr 2023 13:26:18 -0400 X-MC-Unique: K0iMKucdO3-tSyah-zg1QA-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1CD421C0754D; Tue, 4 Apr 2023 17:26:11 +0000 (UTC) Received: from [10.22.32.153] (unknown [10.22.32.153]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8962AFD6E; Tue, 4 Apr 2023 17:26:10 +0000 (UTC) Message-ID: <1100a740-3da4-a5bd-6a98-49b49c97b11b@redhat.com> Date: Tue, 4 Apr 2023 13:26:10 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.7.1 Subject: Re: [PATCH 1/3] cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly Content-Language: en-US From: Waiman Long To: =?UTF-8?Q?Michal_Koutn=c3=bd?= Cc: Tejun Heo , Zefan Li , Johannes Weiner , Christian Brauner , cgroups@vger.kernel.org, linux-kernel@vger.kernel.org, Juri Lelli , Dietmar Eggemann , gscrivan@redhat.com References: <20230331145045.2251683-1-longman@redhat.com> <20230331145045.2251683-2-longman@redhat.com> <20230403165523.aphsec2epqi72k27@blackpad> <20230404091953.tcu3zg7npstk3ztc@blackpad> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Spam-Status: No, score=-2.1 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 4/4/23 09:52, Waiman Long wrote: > > On 4/4/23 05:19, Michal Koutný wrote: >> On Mon, Apr 03, 2023 at 01:18:42PM -0400, Waiman Long >> wrote: >>> 1) PF_NO_SETAFFINITY flag - which won't be set in the case of fork() >>> as it >>> is for kthread only. >>> 2) DL bandwidth - Juri has a cpuset outstanding to modify the way >>> this check >>> is being done. I want to wait until it is settled before tackling >>> this, if >>> necessary. >> BTW what about CLONE_INTO_CGROUP where the target cpuset has empty >> effective cpuset? > Good point. That will require a can_fork() method then. I will look > into that. >> >>> 3) security_task_setscheduler() - the CLONE_INTO_CGROUP code has >>> already >>> checked that, we don't need to duplicate the check. >> Not sure what this refers to. > It is just checking of the task the has privilege of running into that > cgroup. >> >>> So we don't need a can_fork() check for now. >> Anyway, good breakdown. Could you please add it to the commit message >> too? > > Yes, I can put that into the commit log. I decide to add the can_fork method to do a pre-check. So I don't think I need to update the commit log of this patch. Cheers, Longman