From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9BE90C7EE30 for ; Wed, 1 Mar 2023 21:01:00 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 228D36B0072; Wed, 1 Mar 2023 16:01:00 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 1D89D6B0073; Wed, 1 Mar 2023 16:01:00 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0A0D56B0074; Wed, 1 Mar 2023 16:01:00 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id ECB546B0072 for ; Wed, 1 Mar 2023 16:00:59 -0500 (EST) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id A0C2BA0DC9 for ; Wed, 1 Mar 2023 21:00:59 +0000 (UTC) X-FDA: 80521549038.08.F31FAC3 Received: from mail-ed1-f42.google.com (mail-ed1-f42.google.com [209.85.208.42]) by imf28.hostedemail.com (Postfix) with ESMTP id 2DF3CC0025 for ; Wed, 1 Mar 2023 21:00:55 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=W7barMoQ; spf=pass (imf28.hostedemail.com: domain of kaleshsingh@google.com designates 209.85.208.42 as permitted sender) smtp.mailfrom=kaleshsingh@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1677704456; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=P2kasoRjb1+wciE4LnUC2thgmhUmXODjqV4vRSm0GrQ=; b=2eCQCyCJ3K+8FBM/PjANfp/Kxy6+GH0UqudDngGJQDApkhAOTFxmdFrl9EMTxBwEbm104Z b1kX0W08A56WL1ruUmCB0K73uDBFd3pr3Bi+yuzww74ofPtvPcfYvvRvAc794mvvjJSesn UhaAoLY1OJivxbGqtREibR/GdfxZsik= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=W7barMoQ; spf=pass (imf28.hostedemail.com: domain of kaleshsingh@google.com designates 209.85.208.42 as permitted sender) smtp.mailfrom=kaleshsingh@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1677704456; a=rsa-sha256; cv=none; b=xPoqhQxlYkrWsjc1Y9aKOBESqzEnW4rs4DxQnHZSH27JECRdKSIApFnqSUVdKnc4e4CmsN bpeJNkcAc7+1hgZ7k6TXEzsTLNfG4aq7JzU5kKUuCL9ZKloqd6o39l+vB2OOAlJzqGutVc 7PVjFIitaXbh7UOj2mGQf96CbibCoV0= Received: by mail-ed1-f42.google.com with SMTP id u9so9845583edd.2 for ; Wed, 01 Mar 2023 13:00:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1677704454; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=P2kasoRjb1+wciE4LnUC2thgmhUmXODjqV4vRSm0GrQ=; b=W7barMoQHh4OpBpyETO0/gkI5dClRC/69osO6LGoB7PZbyXAonsXRwPJeNy0OBf5UL LXrKyhtV5pnGDcCIi4Piv/DxPPYhzjcQY6T6uNuSed9veKu1yjBJL4X+FkKb5bJYV9Yt sE10hdpblg9K3wuqUwCurVvteg0oZ2CQ2bR4f73Gnt83eCIkCgy9LyANkDgWVMDqEBeJ YZBj7K+xVkhICy6nS06wRn/bS8ni9axi1Ee9BCCArZ2aJbtEc/4KOm7qBrwJnCf7/X1M WUrCsMG7Zvo1Tp+cjmRkFYImZEqA3rnUxBKoAy8NQeC6T/HaG9u5iIbM+jKerspIbLfZ 3YFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677704454; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=P2kasoRjb1+wciE4LnUC2thgmhUmXODjqV4vRSm0GrQ=; b=7CABTNht84tILwKMguZilvjYRpWzU30fFw1yUhD4n/yTNivLnvinZwsWm4ouWueXu/ PjF3293jSZ66LdbHcXfT9NsiixW90nUBqrn16/PcC8S/Adxc9kTBLJrrWToMO6LSUHY7 PlUvCVl/gGPVRhcogggDnbCI/RSG/eCk6CrxCNpykW0ofrYeva2C8wFZ/9OZlTwKdl+8 BkDkhsKNnZtKRGAPcoILP6D8IdWHnlJ9AowM8VVXXQNg5dSSEdHjuYc2GrNg8VO3fjcc KVzorWcAWlROa0nI7UD5KVFt0mIwWnvyydvYVSIR1mVWrjB9YRRF1GsDR0N0v7PSADPG sH9w== X-Gm-Message-State: AO0yUKUYu3RNE8S0+113ICKCrjgir/5J9TDy/XRZ+DZwrNPsRqDcvSva b2FcZ152OtpzIRtMNgKXtsmMFrcY8CnVVDcsQMjg9A== X-Google-Smtp-Source: AK7set8WhjZ+EUql0MKvPVALpu2QC0TPEikxqjdTRnnfGvepLuO+0VCK9ZPNqpgNDaswQPHgcICbMTezMh2iivOUnu0= X-Received: by 2002:a17:906:2308:b0:903:967b:42d8 with SMTP id l8-20020a170906230800b00903967b42d8mr3815668eja.4.1677704454274; Wed, 01 Mar 2023 13:00:54 -0800 (PST) MIME-Version: 1.0 References: <20230301193403.1507484-1-surenb@google.com> In-Reply-To: From: Kalesh Singh Date: Wed, 1 Mar 2023 13:00:43 -0800 Message-ID: Subject: Re: [PATCH 1/1] psi: remove 500ms min window size limitation for triggers To: Suren Baghdasaryan Cc: Johannes Weiner , tj@kernel.org, lizefan.x@bytedance.com, peterz@infradead.org, johunt@akamai.com, mhocko@suse.com, keescook@chromium.org, quic_sudaraja@quicinc.com, cgroups@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 2DF3CC0025 X-Stat-Signature: 9hf7ap4a9mpht8r68bduee4fr4ysy47e X-Rspam-User: X-HE-Tag: 1677704455-948107 X-HE-Meta: U2FsdGVkX1/Cz8Tuq0yUIODT6avNGzuzeOm9V1JyD+W10YP1knHPLD9rWcG9I3+odyEVLb/uL6fiSG6kw/dfzB/+ycvt2r8cCimCFMvtk8AGmav2CifAaKDXfiSrNHN6YdDnWfRlfGuGfXCvZiBh2n/FkL40jJjfLkEO27AZCILZhe1U+caOPDqSEgCZvZaqEHp6GETMe4guz1coZchW+QDRSkkDM6+qQ+sd6H0GzDDbWJlL0lW6QM2ejHOWrQWNfKB/M+DqZ36dI0lO3ZMFhcmCFUNeaveLjTWfO+y3eHpXLdX4Qlk5h+ic3SgpF0j043HVh8Ksds5NFE8T2hWuiICSbodQ2IEw8ZeM5wmJaw5mH/X5gCscMk83roF791dL8gVHdzHIlU/WMkiVLRwaEac6Wgibbye0oEZyqEe5QrX8Dw7z0hRc6JZ8kXRK6e5FLRwrRpyP1XYz67DYG/QipZ6sG8pXQZrJUOU1biF+0D99nmoE9NSirL8JSJ9b77O7aBB5vnMaZC+kOHEiEEFKw5ibHgw2i1RmH0+iZSzuHbR1BRe9p64McgMvrsokfxotkX8gxazz3PS6DaY5oqPydSvBC2sg6Wsic9m4sDj6dhmqJM1qrc/MDVzxc28NoI+p7HGMHWYVJwpZuf92qHlfPxomAvg9r3U8LuzCcann+7rVHHrOU0IURokzXHLVvyLgkXqyh46MHWmmqdR9O+IvL8EAZG3qVvEiCw4nzdL3fOZEcYUBjJU/eiMkzJZL5xujeEfMXQkL3fQWJCBNZbaT9sAorz9C19J9cj0SeDNf+PglP4CXuKjx1fWagmPm4k/Fniz1GnrLIwSlFSKeJ9TdbY2NEQteNz5Z0tQWd2lMVaoj50l697tww/7jMjPCuw3FGPuMoftKPVZa4oQxrjawByMckKeHO/zygWBB7vBnfOL6foxPMQfYc/hF9yrF1xwMpksEoM41SYLG3KCOzOw gViO3LFY G4eEmZY1fHy2/BMH9/RDunG8aqqq8NIOzMlODEq7vhS1B2zTppiUGHwhPXmwZFBNdB0b7PFbdkjDjNJklboe3GnNYbuLYvgwYlUVwgDf/gEm0r45WjwLLHYagoTb9gQ12lAGapwjS9B3k7gwk6lwKJvqY5xAKeaE9RdoN+cwf71I/8eNhK56BbpY60KPgVKe2bz3rUvu0FQMz2ZRnKnDT+w8Xp4fInnsu7ui8X2OMoLUq/TrmwhF9kulfXOIFnue9qnILYr8KlYktY6uBjyX+d1sHM3kIBLBBj1VOJi7R0iSOwHCggALHU/Jx9YgEm03/bU/TBQtULIGWlhkF6sDRHqiiiLrF+w35jg/M00UIpMcNSeiTgJ8rMMg8kxvGs8zBEPGc6uXhpFwsFg5A3/DH/a0WBEi2dwYiJvuZZ5ARIoEupYWwfrfGaRQy7+6hC4mIwiTWYphPX0aswQzpaCkYlYY+gw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Mar 1, 2023 at 12:48=E2=80=AFPM Suren Baghdasaryan wrote: > > On Wed, Mar 1, 2023 at 12:07=E2=80=AFPM Johannes Weiner wrote: > > > > On Wed, Mar 01, 2023 at 11:34:03AM -0800, Suren Baghdasaryan wrote: > > > Current 500ms min window size for psi triggers limits polling interva= l > > > to 50ms to prevent polling threads from using too much cpu bandwidth = by > > > polling too frequently. However the number of cgroups with triggers i= s > > > unlimited, so this protection can be defeated by creating multiple > > > cgroups with psi triggers (triggers in each cgroup are served by a si= ngle > > > "psimon" kernel thread). > > > Instead of limiting min polling period, which also limits the latency= of > > > psi events, it's better to limit psi trigger creation to authorized u= sers > > > only, like we do for system-wide psi triggers (/proc/pressure/* files= can > > > be written only by processes with CAP_SYS_RESOURCE capability). This = also > > > makes access rules for cgroup psi files consistent with system-wide o= nes. > > > Add a CAP_SYS_RESOURCE capability check for cgroup psi file writers a= nd > > > remove the psi window min size limitation. > > > > > > Suggested-by: Sudarshan Rajagopalan > > > Link: https://lore.kernel.org/all/cover.1676067791.git.quic_sudaraja@= quicinc.com/ > > > Signed-off-by: Suren Baghdasaryan > > > --- > > > kernel/cgroup/cgroup.c | 10 ++++++++++ > > > kernel/sched/psi.c | 4 +--- > > > 2 files changed, 11 insertions(+), 3 deletions(-) > > > > > > diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c > > > index 935e8121b21e..b600a6baaeca 100644 > > > --- a/kernel/cgroup/cgroup.c > > > +++ b/kernel/cgroup/cgroup.c > > > @@ -3867,6 +3867,12 @@ static __poll_t cgroup_pressure_poll(struct ke= rnfs_open_file *of, > > > return psi_trigger_poll(&ctx->psi.trigger, of->file, pt); > > > } > > > > > > +static int cgroup_pressure_open(struct kernfs_open_file *of) > > > +{ > > > + return (of->file->f_mode & FMODE_WRITE && !capable(CAP_SYS_RESO= URCE)) ? > > > + -EPERM : 0; > > > +} > > > > I agree with the change, but it's a bit unfortunate that this check is > > duplicated between system and cgroup. > > > > What do you think about psi_trigger_create() taking the file and > > checking FMODE_WRITE and CAP_SYS_RESOURCE against file->f_cred? > > That's definitely doable and we don't even need to pass file to > psi_trigger_create() since it's called only when we write to the file. > However by moving the capability check into psi_trigger_create() we > also postpone the check until write() instead of failing early in > open(). I always assumed failing early is preferable but if > consolidating the code here makes more sense then I can make the > switch. Please let me know if you still prefer to move the check. > I always assumed the convention is to check the credentials on open() per Linus comment here: https://lore.kernel.org/r/CAHk-=3DwhDkekE8n2LdPiKHeTdRnV--ys0V0nPZ76oPaE0fn= -d+g@mail.gmail.com/#t --Kalesh