Re: [PATCH -tip 23/32] sched: Add a per-thread core scheduling interface

From: Joel Fernandes
Date: Tue Dec 01 2020 - 14:37:51 EST


On Wed, Nov 25, 2020 at 02:08:08PM +0100, Peter Zijlstra wrote:
> On Tue, Nov 17, 2020 at 06:19:53PM -0500, Joel Fernandes (Google) wrote:
> > +/* Called from prctl interface: PR_SCHED_CORE_SHARE */
> > +int sched_core_share_pid(pid_t pid)
> > +{
> > + struct task_struct *task;
> > + int err;
> > +
> > + if (pid == 0) { /* Recent current task's cookie. */
> > + /* Resetting a cookie requires privileges. */
> > + if (current->core_task_cookie)
> > + if (!capable(CAP_SYS_ADMIN))
> > + return -EPERM;
>
> Coding-Style fail.
>
> Also, why?!? I realize it is true for your case, because hardware fail.
> But in general this just isn't true. This wants to be some configurable
> policy.

True. I think me and you discussed eons ago though that it needs to
privileged. For our case, actually we use seccomp so we don't let
untrusted task set a cookie anyway, let alone reset it. We do it before we
enter the seccomp sandbox. So we don't really need this security check here.

Since you dislike this part of the patch, I am Ok with just dropping it as
below:

---8<-----------------------

diff --git a/kernel/sched/coretag.c b/kernel/sched/coretag.c
index 8fce3f4b7cae..9b587a1245f5 100644
--- a/kernel/sched/coretag.c
+++ b/kernel/sched/coretag.c
@@ -443,11 +443,7 @@ int sched_core_share_pid(pid_t pid)
struct task_struct *task;
int err;

- if (pid == 0) { /* Recent current task's cookie. */
- /* Resetting a cookie requires privileges. */
- if (current->core_task_cookie)
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
+ if (!pid) { /* Reset current task's cookie. */
task = NULL;
} else {
rcu_read_lock();