From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0278CC678D4 for ; Wed, 1 Mar 2023 20:48:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 516C26B0072; Wed, 1 Mar 2023 15:48:52 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4C6A26B0073; Wed, 1 Mar 2023 15:48:52 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3B7586B0074; Wed, 1 Mar 2023 15:48:52 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 2DEFE6B0072 for ; Wed, 1 Mar 2023 15:48:52 -0500 (EST) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 014B1140123 for ; Wed, 1 Mar 2023 20:48:51 +0000 (UTC) X-FDA: 80521518504.15.F9CBB79 Received: from mail-yw1-f176.google.com (mail-yw1-f176.google.com [209.85.128.176]) by imf05.hostedemail.com (Postfix) with ESMTP id 3EAF3100002 for ; Wed, 1 Mar 2023 20:48:50 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=ZxKqVSfG; spf=pass (imf05.hostedemail.com: domain of surenb@google.com designates 209.85.128.176 as permitted sender) smtp.mailfrom=surenb@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1677703730; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=pJ2NmEPepPcvJe3Ak3yvSzcJWQBbkK4dHDuYNukFsA4=; b=vpS9Ki2lD7YeeGni5PjefRIGdJwMJp+UDGeO7YVQQS8nYe7H4fCwWHaWO45HWWDw2hkVpM UToCe20tL0sLbXMC/kemcPJK3ZvUjxxUy6nEhQjLxQaBDzUtUjYaW2yCSqlkqz7aDZUzmx HTh0lnOll6/hathwM138csi44JEHTMM= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=ZxKqVSfG; spf=pass (imf05.hostedemail.com: domain of surenb@google.com designates 209.85.128.176 as permitted sender) smtp.mailfrom=surenb@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1677703730; a=rsa-sha256; cv=none; b=re7iL5AAX/lJdoNFrs/94t1GR00XkujGu3NfPi1pJPNsYBf2r7jQF2y4B5eahl3S9cNS1q 4vZEfOexRXPM6RpU0eNnIQnPBThNGnkbLWrLwr+ipXm9S65P2OUmU09/q8Nbj37aGnW8fK a81RtuAA//o4LEv07LmwRbmXfbzV/JQ= Received: by mail-yw1-f176.google.com with SMTP id 00721157ae682-536cb25982eso386803967b3.13 for ; Wed, 01 Mar 2023 12:48:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1677703729; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=pJ2NmEPepPcvJe3Ak3yvSzcJWQBbkK4dHDuYNukFsA4=; b=ZxKqVSfGUt6z5p9e4Sh1vteLyfGnKL+sAJJBJkTnttLJNPVFFrb6Q8lkW4nTVy/X2l N5/JO3+zD3LYuIc2tT3uQ9kIHFoLQRkCFwDLNeck6pX6qG69jf8xc79xIfmdgBxeS2ae gPO0iZxFqzN5e0MFXgXFukI6ZT1Qrza33kJHQMolayOC/Za+3ACrukE+LUqaukvDjFBr OCIs7/uvb4O8rRAJLPZcEaseFUhGWxhoiyvpdWyK/dTN0FhnoLz0yXoGm3A/ONfizmTE f5SPURgiWH8B09lMfmeWhs9AhcPquBUDJmmxlJq+e+o8001eO34zMlf4yk7u8TJKsluk F2zw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677703729; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pJ2NmEPepPcvJe3Ak3yvSzcJWQBbkK4dHDuYNukFsA4=; b=KYJTfFMg0BF3ckiuhlY/q3mKWBodiX4vc2P5DGFXrwAcaKmtW4PCGGK4YVx8ybSxmR RJ+WXz2humiltVwqr3rCX/HGloN1fEf8m4LeBiDqTQG8v3y2YmO3UpQklog2iEz9ETXo g5+vmy1RgDrwyjWWeqLw0T4HuhbUvo2tQg/GRmI1VA9U4QIKsCGBnCIUVnWgGcA4Yt11 dgUyKciC896ifXlcjnUglBEHD859dimPBG3I1t1Q5X0nL2LpmmXPNsKomGzKGE6ZdrSb 7ZsDR7plkGU9EIj6Udk2SkpPhbrw9peAO991yoNRy49PaHQr7XDnyKWH/EVMrwWFXBlH 9jfg== X-Gm-Message-State: AO0yUKVsBO2NDxrlVz+bTq+rMZK8A+jjlM9FddE4FXuTvuFkTKF0takK yDEbQvhYeQ5oGVyfXUk+wVAyd8IDAItz7aHvBCJtKg== X-Google-Smtp-Source: AK7set8e8aN8lhe1v2IkmF76VC5t9F6FyKK9q3rCkR0EKsJvTiU9L2roDVQILALGedIxz/crcfjfzcHKNZduJg/PH8w= X-Received: by 2002:a81:ad03:0:b0:530:bbd3:798b with SMTP id l3-20020a81ad03000000b00530bbd3798bmr4793692ywh.0.1677703729203; Wed, 01 Mar 2023 12:48:49 -0800 (PST) MIME-Version: 1.0 References: <20230301193403.1507484-1-surenb@google.com> In-Reply-To: From: Suren Baghdasaryan Date: Wed, 1 Mar 2023 12:48:38 -0800 Message-ID: Subject: Re: [PATCH 1/1] psi: remove 500ms min window size limitation for triggers To: Johannes Weiner Cc: tj@kernel.org, lizefan.x@bytedance.com, peterz@infradead.org, johunt@akamai.com, mhocko@suse.com, keescook@chromium.org, quic_sudaraja@quicinc.com, cgroups@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 3EAF3100002 X-Stat-Signature: tqiezepb8z6gnatyhd83gxsc7996p89z X-Rspam-User: X-HE-Tag: 1677703730-487287 X-HE-Meta: U2FsdGVkX18yY+m23mStCi7h2Ud+ydyTrYMgWXrsje5GUKonZZrV2eDorvRcR3BFr7IMLkBM9Llcq1We9ViLw74+c0YOBmX8Hn0oIC9k6LvIuVSQvVuiEBujGHD4Rj4rSzH/jqYztF/1SWaK6Q6ImvnwiUMyOTQQe2bgp2Qte5Jm0T8vgQEBXxFhqDUa7IWk98+pH19jojgYGRxiOCGIxcBDn4vLES71mjLzxixqJ/bZPA1gEsnrsyP9QxeqC6GdnRTk5MkyJHjQ93ldS9It4fCjP6cA3h4GF/4E7HFa7l5/lbpsDMjDx5ZC6jzYXQ0dnDw48OxxBe2NiAw86te49IaQ429Yjx8Zxd29Ai/wW3WYNa8Vsq2asOzx0HFrrFtmMX/qwNluCVvHdzd2+1K0FsqXAQZDzFJDsPYviaCZDdL6stUng2qSBSfVrroNbc5N9H0IRbdUqYkMXxvPSrpv6iyW5FzQGKGDQ29mTdwdvp8B0+n2OOcUPy+ivk7/rLdq0xR2m8CaACuRLn0/KkfoOADRNAVoBPnTj62ctwqFARooEufl0FOTGF9Ii0IVOw2WeC3cE5Bnt+tNjewXPrY2o33blTUWjMU2Q6xCiCqMZy2oV8zhmBZViD8fl0is69shBBDXbDlqQfj459VFVecuLzJFsdhYP9gAF99q5KZx4wKxlN1IqCWUe1QvuBn1ij0JXVXtaV5TbbRy0H+nIA7GUUmgr84/FeidP0Tlw1hZYuuR6H/dBtJcHhGcC8DNHF0NE1DavgF6Ie7gKsjg5bLMURL/vq8qe6i8icW4vqztyCJWqMzUryDVGIVHt9fcpO8orx0jSU60AhXTO/dymvZ21T0VHS0cRcu6m7RWnRIvMGZ4ZDNJ/IpvbLWV8OitUapHE0KJsi+fMblkfTEWEpxNfstb8OIFWWnXvYtn0f4eq0RfGbd8JmEKM9KFU+yWbDvq3UKfWGhC6HzHn4IQcGo OglsR++N 0zB+4E8xkI/h2al0qeDA3VqJNU9DbnopnsNOBND1zL1NSyt97HFJSSuS1erJRNdOy8QWPQtFSpkD8x+qva6xzdPnQJoYv0NYXrJq5BxQGXd9o7E9UYGpwz7URbUfIh2kzQVbPb/AQdps1SX3qG2vcOB+jJz4ebYTYE/5zzwQDaWTJq2wPy2gPW6doW59WXyX9YffJCaCvxHr6+cOZw4I4XKCJTGyfj+bkHmVjWVUuGpWYNwNcyPT9Rxz6DAF3eJHg9Ty+OsNYGyuazxAXfHagjpQpsl1U1WnUISR9kDS00fuFLcKLAUb6HxsRCHjwq8de35niRCNTiUGJdeTPcYb4XrGbeKXIpawsRpicPyeDJzXGVi/oWfnmuwq5ByCLK31Neb6XVpsleRWXKapEYvcI3MRcdeioAtFjNuK7TCiTtDkzy2o0Dw5xdxqXNP6RrtATRfWU X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Mar 1, 2023 at 12:07=E2=80=AFPM Johannes Weiner wrote: > > On Wed, Mar 01, 2023 at 11:34:03AM -0800, Suren Baghdasaryan wrote: > > Current 500ms min window size for psi triggers limits polling interval > > to 50ms to prevent polling threads from using too much cpu bandwidth by > > polling too frequently. However the number of cgroups with triggers is > > unlimited, so this protection can be defeated by creating multiple > > cgroups with psi triggers (triggers in each cgroup are served by a sing= le > > "psimon" kernel thread). > > Instead of limiting min polling period, which also limits the latency o= f > > psi events, it's better to limit psi trigger creation to authorized use= rs > > only, like we do for system-wide psi triggers (/proc/pressure/* files c= an > > be written only by processes with CAP_SYS_RESOURCE capability). This al= so > > makes access rules for cgroup psi files consistent with system-wide one= s. > > Add a CAP_SYS_RESOURCE capability check for cgroup psi file writers and > > remove the psi window min size limitation. > > > > Suggested-by: Sudarshan Rajagopalan > > Link: https://lore.kernel.org/all/cover.1676067791.git.quic_sudaraja@qu= icinc.com/ > > Signed-off-by: Suren Baghdasaryan > > --- > > kernel/cgroup/cgroup.c | 10 ++++++++++ > > kernel/sched/psi.c | 4 +--- > > 2 files changed, 11 insertions(+), 3 deletions(-) > > > > diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c > > index 935e8121b21e..b600a6baaeca 100644 > > --- a/kernel/cgroup/cgroup.c > > +++ b/kernel/cgroup/cgroup.c > > @@ -3867,6 +3867,12 @@ static __poll_t cgroup_pressure_poll(struct kern= fs_open_file *of, > > return psi_trigger_poll(&ctx->psi.trigger, of->file, pt); > > } > > > > +static int cgroup_pressure_open(struct kernfs_open_file *of) > > +{ > > + return (of->file->f_mode & FMODE_WRITE && !capable(CAP_SYS_RESOUR= CE)) ? > > + -EPERM : 0; > > +} > > I agree with the change, but it's a bit unfortunate that this check is > duplicated between system and cgroup. > > What do you think about psi_trigger_create() taking the file and > checking FMODE_WRITE and CAP_SYS_RESOURCE against file->f_cred? That's definitely doable and we don't even need to pass file to psi_trigger_create() since it's called only when we write to the file. However by moving the capability check into psi_trigger_create() we also postpone the check until write() instead of failing early in open(). I always assumed failing early is preferable but if consolidating the code here makes more sense then I can make the switch. Please let me know if you still prefer to move the check.