From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tejun Heo Subject: Re: [Phishing Risk] [External] Re: [PATCH] cgroup/cpuset: Add a new isolated mems.policy type. Date: Tue, 6 Sep 2022 07:19:21 -1000 Message-ID: References: <20220902063303.1057-1-hezhongkun.hzk@bytedance.com> Mime-Version: 1.0 Return-path: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:sender:from:to:cc:subject:date; bh=DLlnc6RmTg0BKq5WkTFW6Fs5pUb+s+A4h9B4fzKjhrI=; b=csTIT6mI2KzzjqaY8cqY1Odnetkmo9YoZgm1ta/V1CfQXFGHrNl5ID11UWr9EwdqWT ybdIbatthK94dyrnSRNDRzDCley5Yk5BpAeFv0jlVOckHWFPIroZTDp8BT8QYEWrvkct BA4eS1H6rJQxAfoCXt7ExiwOLg+VBwXu131zL1best+97Y5E8nYjpo+rR0a96WS+Wzv7 MjQLtS57kFrjmK6AclQeajykuyehhqAxxl6b2xCpvmumWgksYXgKSp//v3sHRcowshtU cRIDx7lZIZpbAiQjffFScK2mWcqYWBLsFSVHgLV9dxsr6wqBZCCZBcPK/KMRw6ofIq1L 5hEw== Sender: Tejun Heo Content-Disposition: inline In-Reply-To: List-ID: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: Zhongkun He Cc: lizefan.x-EC8Uxl6Npydl57MIdRCFDg@public.gmane.org, hannes-druUgvl0LCNAfugRpC6u6w@public.gmane.org, cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org Hello, On Mon, Sep 05, 2022 at 06:30:38PM +0800, Zhongkun He wrote: > We usually use numactl to set the memory policy, but it cannot be changed > dynamically. In addition, the mempolicy of cpuset can provide a more > convenient interface for management and control panel. But you can write a better tool easily in userspace to do whatever you wanna do, right? If you're worried about racing against forks, you can freeze the cgroup, iterate all pids applying whatever new policy and then unfreeze. We can probably improve the freezer interface so that multiple users don't conflict with each other but that shouldn't be too difficult to do and is gonna be useful generically. I don't see much point in adding something which can be almost trivially implemented in userspace as a built-in kernel feature. > Sorry,I don't quite understand the meaning of "don't enforce anything > resource related". Does it mean mempolicy, such as "prefer:2" must specify > node? Or "cpuset.mems.policy" need to specify a default value? > (cpuset.mems.policy does not require a default value.) In that there's no real resource being distributed hierarchically like cpu cycles or memory capacities. All it's doing is changing attributes for a group of processes, which can be done from userspace all the same. Thanks. -- tejun From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FBA8C6FA86 for ; Tue, 6 Sep 2022 17:28:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234331AbiIFR2R (ORCPT ); Tue, 6 Sep 2022 13:28:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36584 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238408AbiIFR14 (ORCPT ); Tue, 6 Sep 2022 13:27:56 -0400 Received: from mail-pf1-x42d.google.com (mail-pf1-x42d.google.com [IPv6:2607:f8b0:4864:20::42d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D791EE2A; Tue, 6 Sep 2022 10:19:23 -0700 (PDT) Received: by mail-pf1-x42d.google.com with SMTP id q15so12023000pfn.11; Tue, 06 Sep 2022 10:19:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:sender:from:to:cc:subject:date; bh=DLlnc6RmTg0BKq5WkTFW6Fs5pUb+s+A4h9B4fzKjhrI=; b=csTIT6mI2KzzjqaY8cqY1Odnetkmo9YoZgm1ta/V1CfQXFGHrNl5ID11UWr9EwdqWT ybdIbatthK94dyrnSRNDRzDCley5Yk5BpAeFv0jlVOckHWFPIroZTDp8BT8QYEWrvkct BA4eS1H6rJQxAfoCXt7ExiwOLg+VBwXu131zL1best+97Y5E8nYjpo+rR0a96WS+Wzv7 MjQLtS57kFrjmK6AclQeajykuyehhqAxxl6b2xCpvmumWgksYXgKSp//v3sHRcowshtU cRIDx7lZIZpbAiQjffFScK2mWcqYWBLsFSVHgLV9dxsr6wqBZCCZBcPK/KMRw6ofIq1L 5hEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:sender:x-gm-message-state:from:to:cc :subject:date; bh=DLlnc6RmTg0BKq5WkTFW6Fs5pUb+s+A4h9B4fzKjhrI=; b=K+qVBmSeBKdclKp7xCaE7r7J8Qa1BCNLmu2b3VS+lAZoC+83N475YPiL5YrJBqvcSk 9jMP5cbXgf8FGHKrhNMJO/uZzagJRDxI9/M+z6VHlxZD+VcS10rQwFIgoPz4N9EJ2ukZ drR8PyYZqmZMNaSbtpLZizK9YhIUAoXzU87FELe2aQpQ1jU5VJ5ak5MXIcXjaqf580y0 eRL37oses8f9Ysoi3mXpgs+6surs4RVc8wi5CpRJg1Z7+kIh/HHgwlMfleVxW4nV/0jj k0Lt2ItpbkqrltDplh+6ZHbT3WK7alxgho65/5XEOAK/MsrhM6Aj/Wjt765XJ317y25B u6mg== X-Gm-Message-State: ACgBeo2zk29F/NlPSrUXp10P/HMzR6CJqKGlhyMijsL1z9tPWAcknDkW EfJoJsQLLuB76/WhHkH7VpsCJsha8h8= X-Google-Smtp-Source: AA6agR6DUk0XnuOm5ZGEH42iJ8VfksclmIYyolcIWWwZnbBPExrojB63b3kDCN+23GnniT1+npooqA== X-Received: by 2002:aa7:8b52:0:b0:537:c6c7:3ef4 with SMTP id i18-20020aa78b52000000b00537c6c73ef4mr54402894pfd.48.1662484763130; Tue, 06 Sep 2022 10:19:23 -0700 (PDT) Received: from localhost (2603-800c-1a02-1bae-a7fa-157f-969a-4cde.res6.spectrum.com. [2603:800c:1a02:1bae:a7fa:157f:969a:4cde]) by smtp.gmail.com with ESMTPSA id v28-20020aa799dc000000b0053651308a1csm10539462pfi.195.2022.09.06.10.19.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Sep 2022 10:19:22 -0700 (PDT) Sender: Tejun Heo Date: Tue, 6 Sep 2022 07:19:21 -1000 From: Tejun Heo To: Zhongkun He Cc: lizefan.x@bytedance.com, hannes@cmpxchg.org, cgroups@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [Phishing Risk] [External] Re: [PATCH] cgroup/cpuset: Add a new isolated mems.policy type. Message-ID: References: <20220902063303.1057-1-hezhongkun.hzk@bytedance.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, On Mon, Sep 05, 2022 at 06:30:38PM +0800, Zhongkun He wrote: > We usually use numactl to set the memory policy, but it cannot be changed > dynamically. In addition, the mempolicy of cpuset can provide a more > convenient interface for management and control panel. But you can write a better tool easily in userspace to do whatever you wanna do, right? If you're worried about racing against forks, you can freeze the cgroup, iterate all pids applying whatever new policy and then unfreeze. We can probably improve the freezer interface so that multiple users don't conflict with each other but that shouldn't be too difficult to do and is gonna be useful generically. I don't see much point in adding something which can be almost trivially implemented in userspace as a built-in kernel feature. > Sorry,I don't quite understand the meaning of "don't enforce anything > resource related". Does it mean mempolicy, such as "prefer:2" must specify > node? Or "cpuset.mems.policy" need to specify a default value? > (cpuset.mems.policy does not require a default value.) In that there's no real resource being distributed hierarchically like cpu cycles or memory capacities. All it's doing is changing attributes for a group of processes, which can be done from userspace all the same. Thanks. -- tejun