Received: by 2002:ab2:b82:0:b0:1f3:401:3cfb with SMTP id 2csp722993lqh; Thu, 28 Mar 2024 14:29:20 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWIkzV189TYMNvjioIjxLzg8G6ovy61f20P+cgrTiv9f+ANNywMmWvSq6+//16h5PgUACgMBPTU8FSF3/2bsn8ekCHE5Rza4ymoLG5gcQ== X-Google-Smtp-Source: AGHT+IFWjo6aBkCB3SuUcfTnf6lMzdlw+AyIxVS8aX7a+3Z6f5HdEpXP8qmHnS27BQcvfGtWNpOG X-Received: by 2002:a17:902:7848:b0:1e2:a70:247e with SMTP id e8-20020a170902784800b001e20a70247emr687678pln.18.1711661359762; Thu, 28 Mar 2024 14:29:19 -0700 (PDT) Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id n17-20020a170902d2d100b001e0e67a8445si2203514plc.227.2024.03.28.14.29.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Mar 2024 14:29:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-123676-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b="Q815/UKF"; arc=fail (body hash mismatch); spf=pass (google.com: domain of linux-kernel+bounces-123676-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-123676-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id CEA84293116 for ; Thu, 28 Mar 2024 21:29:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3B7C013B2A2; Thu, 28 Mar 2024 21:29:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Q815/UKF" Received: from mail-wr1-f45.google.com (mail-wr1-f45.google.com [209.85.221.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BBA0813A244; Thu, 28 Mar 2024 21:29:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.45 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711661346; cv=none; b=tTxZ8tHF/8tkQ2vw9raAeofoSaQbT0c2gM9zSyryf3eIVQu5EdfBaIIlMRmBfp0tlRJ20tLfJuiMvlw9AgfNEK6fNV6sgezv4W6qU0cOGJBCYW/YwGJi7IeqQlbhgQJksaaNJ4OLwjKAka8l3MdwuU9YyKmuwcNxHpVHLVHUqic= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711661346; c=relaxed/simple; bh=fu9vUyiydStv12IrbMDN19YasY8MTA7HLFJT94T3dNY=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=KC4mmtA4yD2P/l6oXss3CISRulBgFlo6JIIA9Mlg1UOuJUTUcm4par3dxGqCmSbk6VwG/7KQQaP7PMq7nV4YQQVtWNGb+876R3GbjUnzSxPYCeUQ8bHsFDMXg6WLLZzSG0KMSNP+htmdtOeAIEmWc+Cpfm5H436AaG1KxYE99WY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Q815/UKF; arc=none smtp.client-ip=209.85.221.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-wr1-f45.google.com with SMTP id ffacd0b85a97d-33ed6078884so1365193f8f.1; Thu, 28 Mar 2024 14:29:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711661343; x=1712266143; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=7rZ5v4VYB7xFxkylJdxU/zw8gdhhfD99ak8fXt5M6cs=; b=Q815/UKFhLZgHH2DPzS7HNK8+2Kw8u7gnSGggT3Yc2LTSITyeD8UrF0SCh9A0NwGyw Bakn/NtkGmXfHWiFvyKaY0S/27xmG6lsRMspt+GNkL4XHej0mgwHTgP8t2O7ww5K6SHl u/g4luUdSl7hXuS/uQd1Qotq20z9mb4Alp5bz9DoEO0wtEw5rV/qtM3WoDCtM+N40D4G y4uVUSbPOoQPY1WxF5SObSZp20AuD4ERNaXVQtZIo+C1KO3cPLruDc6zEd0O1AeT8e+l 3nInnEWmxYLFdfWRLPNdTr4zgtruOmY0InsOu0ueJBhjJL8XB4w1cnSRLcuCdZHSbctc sASQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711661343; x=1712266143; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7rZ5v4VYB7xFxkylJdxU/zw8gdhhfD99ak8fXt5M6cs=; b=r+C+EfMrsHpBQORYSxqRWSiAlSniXsZEA/hdv2lG0p8xW8gRzkbh07335OF/dLV3tW 67d0pQRX0mlH1/j9rBetNRGb0b1oT1b4FJFLWtUY8A0g1DLt5ktxXzEiaKAvybvcpGDD 6oks55LorDf3V3uO4RWDq8QaDvUcO4N0eEJENb/hHYX3woHwQg6dDATh2CJD8bdy92iF DhoqxxxfHaFKgeeesOZQ/G7RKpF53mDbxrHltu9y0B0odk4jHnMbAYB3pFH0tAAMt0Xr IEkX0FnfdS6oltUpxybmeaZB/Km16awfDkN1PZHGE2tu+JI9dKD4oB57cAJfGLaYzHAD mPLg== X-Forwarded-Encrypted: i=1; AJvYcCUJBBt3duXQK07lAchJ1gmKVEe20UjjCSl2WgiDM7lHwjh5qb9K6WaDxSN8ZnhYBkfNcdX7+ffaQQS8esT0BqGSdSCQAMZ+Lx+5Hcg95o7MW+oZVMrCjn3Bgnl0OMmWaddPWE/KJt4xySjvz1oQkfgYlIG5X0PQXNUPGcR4coE7D3bM5OaYv0NJ/IdMZr3Ub9J+n9iYclUag9iT4g== X-Gm-Message-State: AOJu0YxgEzRCct6JP53fDhO/N/Ra5Mca5MXytm2ALRkW1Gr7ppq0LDV+ wObdDVLV4YEvh/8Bd4TjdtiBz+j3eVbq08ys/twrOG6MM3uV8OLCR36w6kY21n+/CTyMN2hdLLH Xu4KwHrbfz7B8Ewr7uAj14oM0hQs= X-Received: by 2002:adf:e606:0:b0:342:d5ac:c712 with SMTP id p6-20020adfe606000000b00342d5acc712mr609862wrm.7.1711661342976; Thu, 28 Mar 2024 14:29:02 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240327-ccb56fc7a6e80136db80876c@djalal> <20240327225334.58474-1-tixxdz@gmail.com> In-Reply-To: From: Alexei Starovoitov Date: Thu, 28 Mar 2024 14:28:51 -0700 Message-ID: Subject: Re: [RFC PATCH bpf-next 0/3] bpf: freeze a task cgroup from bpf To: Tejun Heo Cc: Djalal Harouni , Zefan Li , Johannes Weiner , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan , LKML , "open list:CONTROL GROUP (CGROUP)" , bpf , "open list:KERNEL SELFTEST FRAMEWORK" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Mar 28, 2024 at 2:01=E2=80=AFPM Tejun Heo wrote: > > Hello, > > On Thu, Mar 28, 2024 at 01:45:56PM -0700, Alexei Starovoitov wrote: > > On Thu, Mar 28, 2024 at 1:02=E2=80=AFPM Tejun Heo wrote= : > > > > > > There's also cgroup.kill which would be useful for similar use cases.= We can > > > add interface for both but idk. Let's say we have something like the > > > following (pardon the bad naming): > > > > > > bpf_cgroup_knob_write(struct cgroup *cgrp, char *filename, char *bu= f) > > > > > > Would that work? I'm not necessarily in love with the idea or against= adding > > > separate helpers but the duplication still bothers me a bit. > > > > I liked it. > > So filename will be one of cgroup_base_files[].name ? > > We probably don't want psi or cgroup1_base_files in there. > > Would it matter? Few weak reasons: cgroup_psi_files have show/write/poll/release which doesn't map to this bpf_cgroup_knob_write/read ? cgroup1_base_files probably needs to a separate kfunc bpf_cgroup1_... > If the user has root perm, they can do whatever with the > files anyway, so I'm not sure why we'd restrict any specific knob. Maybe = we > wanna make sure @filename doesn't include '/'? Or is it that you don't wa= nt > to go through the usual file name look up? yeah. why do a file lookup? The names are there in the array. cgroup pointer gives that "relative path" and knob name is the last part of such "path". Easy to search in that array(s). > > From the verifier pov 2nd arg can be "char *knob__str" and > > the verifier will make sure it's a constant NULL terminated string, > > so at runtime it will be easier to search cgroup_base_files array. > > And 'buf' can be: void *mem, int mem__sz with kfunc doing > > run-time validation that there a null there. > > That all sound good. > > Thanks. > > -- > tejun