From: "Michal Koutný" <mkoutny@suse.com>
To: linux-kernel@vger.kernel.org, cgroups@vger.kernel.org,
bpf@vger.kernel.org
Cc: Tejun Heo <tj@kernel.org>, Aditya Kali <adityakali@google.com>,
Serge Hallyn <serge.hallyn@canonical.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Yonghong Song <yhs@fb.com>,
Muneendra Kumar <muneendra.kumar@broadcom.com>,
Yosry Ahmed <yosryahmed@google.com>, Hao Luo <haoluo@google.com>
Subject: [PATCH 0/4] Honor cgroup namespace when resolving cgroup id
Date: Fri, 26 Aug 2022 18:52:34 +0200 [thread overview]
Message-ID: <20220826165238.30915-1-mkoutny@suse.com> (raw)
Cgroup id is becoming a new way for userspace how to refer to cgroups it
wants to act upon. As opposed to cgroupfs (paths, opened FDs), the
current approach does not reflect limited view by (non-init) cgroup
namespaces.
This patches don't aim to limit what a user can do (consider an uid=0 in
mere cgroup namespace) but to provide consistent view within a
namespace.
The series is based on bpf-next with the new cgroup_iter. I've only
boot-tested it (especially I didn't run the BPF selftest).
Michal Koutný (4):
cgroup: Honor caller's cgroup NS when resolving path
cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
cgroup: Homogenize cgroup_get_from_id() return value
cgroup/bpf: Honor cgroup NS in cgroup_iter for ancestors
block/blk-cgroup-fc-appid.c | 4 +--
include/linux/cgroup.h | 8 +++---
kernel/bpf/cgroup_iter.c | 9 ++++---
kernel/cgroup/cgroup.c | 53 ++++++++++++++++++++++++++++---------
mm/memcontrol.c | 4 +--
5 files changed, 54 insertions(+), 24 deletions(-)
base-commit: 343949e10798a52c6d6a14effc962e010ed471ae
--
2.37.0
WARNING: multiple messages have this Message-ID (diff)
From: "Michal Koutný" <mkoutny@suse.com>
To: linux-kernel@vger.kernel.org, cgroups@vger.kernel.org,
bpf@vger.kernel.org
Cc: Tejun Heo <tj@kernel.org>, Aditya Kali <adityakali@google.com>,
Serge Hallyn <serge.hallyn@canonical.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Yonghong Song <yhs@fb.com>,
Muneendra Kumar <muneendra.kumar@broadcom.com>,
Yosry Ahmed <yosryahmed@google.com>, Hao Luo <haoluo@google.com>
Subject: [PATCH 0/4] Honor cgroup namespace when resolving cgroup id
Date: Fri, 26 Aug 2022 18:52:34 +0200 [thread overview]
Message-ID: <20220826165238.30915-1-mkoutny@suse.com> (raw)
Cgroup id is becoming a new way for userspace how to refer to cgroups it
wants to act upon. As opposed to cgroupfs (paths, opened FDs), the
current approach does not reflect limited view by (non-init) cgroup
namespaces.
This patches don't aim to limit what a user can do (consider an uid=0 in
mere cgroup namespace) but to provide consistent view within a
namespace.
The series is based on bpf-next with the new cgroup_iter. I've only
boot-tested it (especially I didn't run the BPF selftest).
Michal Koutn√Ω (4):
cgroup: Honor caller's cgroup NS when resolving path
cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
cgroup: Homogenize cgroup_get_from_id() return value
cgroup/bpf: Honor cgroup NS in cgroup_iter for ancestors
block/blk-cgroup-fc-appid.c | 4 +--
include/linux/cgroup.h | 8 +++---
kernel/bpf/cgroup_iter.c | 9 ++++---
kernel/cgroup/cgroup.c | 53 ++++++++++++++++++++++++++++---------
mm/memcontrol.c | 4 +--
5 files changed, 54 insertions(+), 24 deletions(-)
base-commit: 343949e10798a52c6d6a14effc962e010ed471ae
--
2.37.0
next reply other threads:[~2022-08-26 16:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-26 16:52 Michal Koutný [this message]
2022-08-26 16:52 ` [PATCH 0/4] Honor cgroup namespace when resolving cgroup id Michal Koutný
2022-08-26 16:52 ` [PATCH 1/4] cgroup: Honor caller's cgroup NS when resolving path Michal Koutný
2022-08-26 16:52 ` Michal Koutný
2022-08-26 16:52 ` [PATCH 2/4] cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id Michal Koutný
2022-08-26 16:52 ` Michal Koutný
2022-08-26 16:52 ` [PATCH 3/4] cgroup: Homogenize cgroup_get_from_id() return value Michal Koutný
2022-08-26 16:52 ` Michal Koutný
2022-08-26 16:52 ` [PATCH 4/4] cgroup/bpf: Honor cgroup NS in cgroup_iter for ancestors Michal Koutný
2022-08-26 16:52 ` Michal Koutný
2022-08-26 17:41 ` Yosry Ahmed
2022-08-29 12:59 ` Michal Koutný
2022-08-29 12:59 ` Michal Koutný
2022-08-29 17:30 ` Yosry Ahmed
2022-08-29 17:30 ` Yosry Ahmed
2022-08-29 17:49 ` Tejun Heo
2022-08-29 18:02 ` Hao Luo
2022-08-26 20:59 ` [PATCH 0/4] Honor cgroup namespace when resolving cgroup id Tejun Heo
2022-08-26 21:08 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220826165238.30915-1-mkoutny@suse.com \
--to=mkoutny@suse.com \
--cc=adityakali@google.com \
--cc=bpf@vger.kernel.org \
--cc=cgroups@vger.kernel.org \
--cc=haoluo@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=muneendra.kumar@broadcom.com \
--cc=roman.gushchin@linux.dev \
--cc=serge.hallyn@canonical.com \
--cc=tj@kernel.org \
--cc=yhs@fb.com \
--cc=yosryahmed@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.