From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1177A45348E for ; Tue, 28 Apr 2026 18:10:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777399810; cv=none; b=siLG9DhlYEnERs06qbaHvl2mhQPAtrqx2h0MiEAkszIFVr/hPxgrePZ1r+k81Zq7xlX6ap1Vg6GKQHndTXap0ZO0D2Luo7R0PfLc3mnkxpg71hUvzjgwV8jApXU+/xSg+1tLM3yqtuJfdGg1tLxj3FSdR29FuHE4gva6VUYO0C0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777399810; c=relaxed/simple; bh=uLbktZmtWPtLrfOgiMLpDLglBi5LnXEobVjQPTqKXYE=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=m1eAJvBeOVTS66nuhG1kFRkd7cn8zMapkqzPHT6VQAQlGyWrkAO1o6rF33OFbj2S3doTlpMO+230GWmsC7iOzNUGx1UXEApNG1Ho2T5l0eTXtJAvmdXv92c5cD61Zp0s5MqlGIbJr2OMm7rw+b+3wMVQeEP60ivK0iSnTXUkkso= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=I849QHV0; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="I849QHV0" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1777399808; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=kne1iSJh3DS53BgsW2y42djGYIvb/HsZgOjbew6dk9o=; b=I849QHV0pljNHRYyfU+B6N/xL64SjXlXqjDQNCyCzOi4kQdsJTmNLuZkV5dUgJsaywceXj vtADMvm2EHrILxYiB0ZpDGwR7lqtPJ3p+/61cS6ToyHAtF0oH1h1Ni2Nnu4CADCRM0HblF o14BXkYeIhX10Kxu+yGkqwvk8+y3BfI= Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-688-TzbV_nYdPAyl--NY-Pd9Jg-1; Tue, 28 Apr 2026 14:10:04 -0400 X-MC-Unique: TzbV_nYdPAyl--NY-Pd9Jg-1 X-Mimecast-MFC-AGG-ID: TzbV_nYdPAyl--NY-Pd9Jg_1777399803 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 8E79619560B4; Tue, 28 Apr 2026 18:10:02 +0000 (UTC) Received: from llong-thinkpadp16vgen1.westford.csb (unknown [10.22.65.177]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 13FE1196B8FB; Tue, 28 Apr 2026 18:09:59 +0000 (UTC) From: Waiman Long To: Chen Ridong , Tejun Heo , Johannes Weiner , =?UTF-8?q?Michal=20Koutn=C3=BD?= , Jonathan Corbet , Shuah Khan Cc: cgroups@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, Xie Maoyi , Waiman Long Subject: [PATCH v2] cgroup/cpuset: Clarify the delegation rules of partition Date: Tue, 28 Apr 2026 14:09:35 -0400 Message-ID: <20260428180935.806284-1-longman@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 Creation of remote partition is currently not allowed without privilege. On the other hand, creation of local partition is allowed without privilege as long as its parent is also a partition root. The current setup allows a delegator to delegate an exclusive set of CPUs to the delegatee by making the root of a delegated sub-hierarchy a partition root. The delegatee is then allowed to create a local sub-partition underneath it if necessary. Creation of a remote partition is not currently allowed across delegation boundary without privilege. Clarify the partition delegation rules by stating the current behavior in cgroup-v2.rst file. Signed-off-by: Waiman Long --- Documentation/admin-guide/cgroup-v2.rst | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst index 6efd0095ed99..5b4ebde6fffe 100644 --- a/Documentation/admin-guide/cgroup-v2.rst +++ b/Documentation/admin-guide/cgroup-v2.rst @@ -2599,8 +2599,7 @@ Cpuset Interface Files cpuset.cpus.partition A read-write single value file which exists on non-root - cpuset-enabled cgroups. This flag is owned by the parent cgroup - and is not delegatable. + cpuset-enabled cgroups. It accepts only the following input values when written to. @@ -2708,6 +2707,15 @@ Cpuset Interface Files their parent is switched back to a partition root with a proper value in "cpuset.cpus" or "cpuset.cpus.exclusive". + This file is owned by the parent cgroup and is not delegatable. + The delegator can delegate an exclusive set of CPUs to the + delegatee by making the root of a delegated sub-hierarchy a + partition root. The delegatee is then allowed to create a local + sub-partition underneath it if needed. The delegator should + not set "cpuset.cpus.exclusive" at the root without making it + a partition root as the creation of remote partition is not + allowed without privilege. + Poll and inotify events are triggered whenever the state of "cpuset.cpus.partition" changes. That includes changes caused by write to "cpuset.cpus.partition", cpu hotplug or other -- 2.53.0