X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240327-ccb56fc7a6e80136db80876c@djalal> <20240327225334.58474-1-tixxdz@gmail.com> <705d7180-aced-46ba-80a6-84ac4e2b96b9@gmail.com>
From: Djalal Harouni
Date: Thu, 11 Apr 2024 10:36:27 +0200
Subject: Re: Re: [RFC PATCH bpf-next 0/3] bpf: freeze a task cgroup from bpf
To: Michal Koutný
Cc: Tejun Heo, Zefan Li, Johannes Weiner, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, Mykola Lysenko, Shuah Khan, linux-kernel@vger.kernel.org, cgroups@vger.kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org

On Tue, Apr 9, 2024 at 5:32 PM Michal Koutný wrote:
>
> Hi.
>
> On Tue, Apr 02, 2024 at 07:20:45PM +0100, Djalal Harouni wrote:
> > Thanks yes, I would expect freeze to behave like signal, and if one
> > wants to block immediately there is the LSM override return. The
> > selftest attached tries to do exactly that.
>
> Are you referring to this part:
>
>     int BPF_PROG(lsm_freeze_cgroup, int cmd, union bpf_attr *attr, unsigned int size)
>     ...
>             ret = bpf_task_freeze_cgroup(task, 1);
>             if (!ret) {
>                     ret = -EPERM;
>                     /* reset for next call */
>
> ?

Yes.

> > Could be security signals, reading sensitive files or related to any
> > operation management, for X reasons this user session should be frozen
> > or killed.
>
> What can be done with a frozen cgroup after anything of that happens?
> Anything besides killing anyway?

Some users would like to inspect.

> Killing of an offending process could be caught by its supervisor (like
> container runtime or systemd) and propagated accordingly to the whole
> cgroup.

Most bpf technologies do not run as a supervisor.

> > The kill is an effective defense against fork-bombs as an example.
>
> There are several ways to prevent fork-bombs in kernel already, it
> looks like a contrived example.

I doubt if they are as effective, flexible and reflect today's workflow
as the cgroup way.

Thanks
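The thread above argues about what a defender does with a cgroup once it is frozen (inspect it, or kill it and let the supervisor react). The following is an added userspace example, not code from the RFC series or from either participant: it performs the same freeze-then-inspect-or-kill sequence through the documented cgroup v2 control files (cgroup.freeze, cgroup.events, cgroup.kill) rather than through the proposed bpf_task_freeze_cgroup() kfunc. The cgroup path is supplied by the caller; the sample cgroup.events text in the comments is constructed. Writing to cgroup.freeze returns immediately while the kernel moves the tasks to the frozen state, so the helper polls cgroup.events until it reports "frozen 1", which is the point at which an inspection tool can safely read the state of the stopped tasks.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/*
 * Parse the contents of cgroup.events, which is a sequence of
 * "key value" lines, e.g. (constructed sample):
 *     populated 1
 *     frozen 1
 * Returns 1 if the cgroup reports frozen, 0 if it reports not frozen,
 * and -1 if the "frozen" key is absent (e.g. a cgroup v1 mount).
 */
int parse_frozen_state(const char *events)
{
    const char *p = events;
    while (p && *p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len > 7 && strncmp(p, "frozen ", 7) == 0) {
            if (p[7] == '1') return 1;
            if (p[7] == '0') return 0;
            return -1;
        }
        p = nl ? nl + 1 : NULL;
    }
    return -1;
}

/* Write one value to a control file below the cgroup directory.
 * Returns 0 on success or a negative errno value. */
static int write_cgroup_file(const char *cgroup, const char *file, const char *val)
{
    char path[4096];
    int n = snprintf(path, sizeof(path), "%s/%s", cgroup, file);
    if (n < 0 || (size_t)n >= sizeof(path)) return -ENAMETOOLONG;
    FILE *f = fopen(path, "w");
    if (!f) return -errno;
    int rc = (fputs(val, f) == EOF) ? -EIO : 0;
    if (fclose(f) != 0 && rc == 0) rc = -errno;
    return rc;
}

/* Read cgroup.events and return parse_frozen_state() of its contents,
 * or a negative errno value if the file cannot be opened. */
static int read_frozen_state(const char *cgroup)
{
    char path[4096], buf[256];
    int n = snprintf(path, sizeof(path), "%s/cgroup.events", cgroup);
    if (n < 0 || (size_t)n >= sizeof(path)) return -ENAMETOOLONG;
    FILE *f = fopen(path, "r");
    if (!f) return -errno;
    size_t got = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[got] = '\0';
    return parse_frozen_state(buf);
}

/* Freeze (freeze=1) or thaw (freeze=0) the cgroup and wait up to
 * timeout_ms for cgroup.events to confirm the transition.
 * Returns 0 once the state matches, -ETIMEDOUT otherwise, or a negative
 * errno value if cgroup.freeze could not be written. */
int freeze_cgroup(const char *cgroup, int freeze, int timeout_ms)
{
    int rc = write_cgroup_file(cgroup, "cgroup.freeze", freeze ? "1" : "0");
    if (rc) return rc;
    for (int waited = 0; waited <= timeout_ms; waited += 10) {
        if (read_frozen_state(cgroup) == (freeze ? 1 : 0))
            return 0;
        struct timespec ts = { 0, 10 * 1000 * 1000 };  /* 10 ms */
        nanosleep(&ts, NULL);
    }
    return -ETIMEDOUT;
}

/* Kill every task in the cgroup (the alternative discussed in the thread);
 * the supervisor, e.g. the container runtime, observes the exits. */
int kill_cgroup(const char *cgroup)
{
    return write_cgroup_file(cgroup, "cgroup.kill", "1");
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s <cgroup-dir> freeze|thaw|kill\n", argv[0]);
        return 2;
    }
    int rc;
    if (strcmp(argv[2], "freeze") == 0)      rc = freeze_cgroup(argv[1], 1, 2000);
    else if (strcmp(argv[2], "thaw") == 0)   rc = freeze_cgroup(argv[1], 0, 2000);
    else if (strcmp(argv[2], "kill") == 0)   rc = kill_cgroup(argv[1]);
    else { fprintf(stderr, "unknown action\n"); return 2; }
    if (rc) fprintf(stderr, "%s failed: %s\n", argv[2], strerror(-rc));
    return rc ? 1 : 0;
}
```

Run it as a user with write access to the target cgroup directory, e.g. `./freezer /sys/fs/cgroup/user.slice/user-1000.slice freeze`; once it returns, tools such as /proc/<pid>/stack or a core dump can read the stopped tasks, and `thaw` resumes them. The freeze state is inherited by descendant cgroups, which is why a whole session can be stopped from its top-level cgroup.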