Re: cgroup: status-quo and userland efforts

From: David Lang
Date: Wed Mar 04 2015 - 15:08:34 EST


On Wed, 4 Mar 2015, Luke Kenneth Casson Leighton wrote:


and why he concludes that having a single hierarchy for all resource types.

correcting to add "is not always a good idea"


i think.... having a single hierarchy is fine *if* and only if it is
possible to overlay something similar to SE/Linux policy files -
enforced by the kernel *not* by userspace (sorry serge!) - such that
through those policy files any type of hierarchy be it single or multi
layer, recursive or in fact absolutely anything, may be emulated and
properly enforced.

The fundamental problem is that sometimes you have types of controls that are orthoginal to each other, and you either manage the two types of things in separate hierarchies, or you end up with one hierarchy that is a permutation of all the combinations of what would have been separate hierarchies.

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/