From: Lennart Poettering <mzxreary@0pointer.de>
To: Alexander Graf <graf@amazon.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
Dominik Brodowski <linux@dominikbrodowski.net>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Theodore Ts'o <tytso@mit.edu>,
Colm MacCarthaigh <colmmacc@amazon.com>,
Torben Hansen <htorben@amazon.co.uk>,
Jann Horn <jannh@google.com>
Subject: Re: [PATCH 2/2] random: add fork_event sysctl for polling VM forks
Date: Tue, 3 May 2022 10:29:49 +0200 [thread overview]
Message-ID: <YnDn/d6iB0aUZkWJ@gardel-login> (raw)
In-Reply-To: <7a1cfd1c-9f0e-f134-e544-83ee6d3cd9c9@amazon.com>
On Mo, 02.05.22 19:59, Alexander Graf (graf@amazon.com) wrote:
> Lennart, looking at the current sysctl proposal, systemd could poll() on the
> fork file. It would then be able to generate a /run/fork-id file which it
> can use for the flow above, right?
I am not to keen on making sytemd such a proxy. Sounds like something
the kernel could do on its own, better and resulting in an ultimately
simpler system...
If systemd its the proxy this adds in extra raciness. i.e. in a ideal
world, if we have some form of notification fd, then it would be great
if that fd is guaranteed to have POLLIN set and its contents updated
the instant the clone happened. But if we proxy this through
userspace, there's necessarily a latency involved that it it takes
userspace to catch up and effect the POLLIN and updated contents
towards its client apps.
I understand the underlying VM hypervisor APIs currently are designed
to always imply some notification latency. Which sucks, but I think we
should be very careful with replicating this design mistake with any
userspace APIs we add.
i.e. I am pretty sure that even if the underlying VM hypervisor
primitive isn't as good as we wanted, the Linux kernel→userspace API
should be built so that if one day a better VM hypervisor interface
exists it can be plugged behind it without such limitations.
> Overall, it sounds to me like the sysctl poll based kernel interface in this
> patch in combination with systemd inhibitors gives us an answer to most of
> the flows above.
As mentioned earlier, I am not convinced sysctl is the right place for
this. sysctls are understood by most people as being the place for
tweaking kernel settings. This is not a kernel setting, but a
notification concept, and the way Jason defined it there's nothing to
read nor write, which strongly suggests to move it elsewhere, but not
/proc/sys/.
Use /sys/kernel/ or so. Or maybe O_NOTIFICATION_PIPE or whatever, but
/proc/sys/ looks really wrong.
> I can see attractiveness in providing the /run/fork-id directly from the
> kernel though, to remove the dependency on systemd for poll-less
> notification of libraries.
I agree.
Lennart
--
Lennart Poettering, Berlin
next prev parent reply other threads:[~2022-05-03 8:30 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-02 14:06 [PATCH 1/2] sysctl: read() must consume poll events, not poll() Jason A. Donenfeld
2022-05-02 14:06 ` [PATCH 2/2] random: add fork_event sysctl for polling VM forks Jason A. Donenfeld
2022-05-02 15:40 ` Lennart Poettering
2022-05-02 16:12 ` Jason A. Donenfeld
2022-05-02 16:51 ` Lennart Poettering
2022-05-02 17:59 ` Alexander Graf
2022-05-02 18:29 ` Jason A. Donenfeld
2022-05-02 18:57 ` Alexander Graf
2022-05-02 20:03 ` Jason A. Donenfeld
2022-05-03 8:29 ` Lennart Poettering [this message]
2022-05-03 11:55 ` Jason A. Donenfeld
2022-05-03 12:33 ` Lennart Poettering
2022-05-02 18:04 ` Jason A. Donenfeld
2022-05-02 18:34 ` Alexander Graf
2022-05-02 18:46 ` Jason A. Donenfeld
2022-05-02 18:56 ` Alexander Graf
2022-05-02 19:27 ` Jason A. Donenfeld
2022-05-02 19:41 ` Alexander Graf
2022-05-04 15:45 ` Michael Kelley (LINUX)
2022-05-02 18:44 ` Jason A. Donenfeld
2022-05-03 7:42 ` Lennart Poettering
2022-05-03 9:08 ` Jason A. Donenfeld
2022-05-03 9:32 ` Lennart Poettering
2022-05-03 10:07 ` Jason A. Donenfeld
2022-05-03 12:42 ` Lennart Poettering
2022-05-11 0:40 ` Simo Sorce
2022-05-11 1:18 ` Jason A. Donenfeld
2022-05-11 12:59 ` Simo Sorce
2022-05-11 13:19 ` Alexander Graf
2022-05-11 13:19 ` Jason A. Donenfeld
2022-05-11 14:32 ` Simo Sorce
2022-05-11 13:20 ` Alexander Graf
2022-05-02 15:30 ` [PATCH 1/2] sysctl: read() must consume poll events, not poll() Jason A. Donenfeld
2022-05-02 15:43 ` Lennart Poettering
2022-05-03 11:27 ` Jason A. Donenfeld
2022-05-12 17:40 ` Luis Chamberlain
2022-05-12 18:29 ` Eric W. Biederman
2022-05-12 18:32 ` Jason A. Donenfeld
2022-05-12 18:22 ` Lucas De Marchi
2022-05-12 18:27 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YnDn/d6iB0aUZkWJ@gardel-login \
--to=mzxreary@0pointer.de \
--cc=Jason@zx2c4.com \
--cc=colmmacc@amazon.com \
--cc=graf@amazon.com \
--cc=gregkh@linuxfoundation.org \
--cc=htorben@amazon.co.uk \
--cc=jannh@google.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).