Re: [PATCH 1/1] psi: remove 500ms min window size limitation for triggers

From: Michal Hocko
Date: Thu Mar 02 2023 - 12:39:54 EST


On Thu 02-03-23 08:08:38, Suren Baghdasaryan wrote:
> On Thu, Mar 2, 2023 at 5:58 AM Michal Hocko <mhocko@xxxxxxxx> wrote:
> >
> > On Wed 01-03-23 11:34:03, Suren Baghdasaryan wrote:
> > > Current 500ms min window size for psi triggers limits polling interval
> > > to 50ms to prevent polling threads from using too much cpu bandwidth by
> > > polling too frequently. However the number of cgroups with triggers is
> > > unlimited, so this protection can be defeated by creating multiple
> > > cgroups with psi triggers (triggers in each cgroup are served by a single
> > > "psimon" kernel thread).
> > > Instead of limiting min polling period, which also limits the latency of
> > > psi events, it's better to limit psi trigger creation to authorized users
> > > only, like we do for system-wide psi triggers (/proc/pressure/* files can
> > > be written only by processes with CAP_SYS_RESOURCE capability). This also
> > > makes access rules for cgroup psi files consistent with system-wide ones.
> > > Add a CAP_SYS_RESOURCE capability check for cgroup psi file writers and
> > > remove the psi window min size limitation.
> > >
> > > Suggested-by: Sudarshan Rajagopalan <quic_sudaraja@xxxxxxxxxxx>
> > > Link: https://lore.kernel.org/all/cover.1676067791.git.quic_sudaraja@xxxxxxxxxxx/
> > > Signed-off-by: Suren Baghdasaryan <surenb@xxxxxxxxxx>
> >
> > Acked-by: Michal Hocko <mhocko@xxxxxxxx>
> >
> > with this to fix
> > [...]
> > > @@ -1278,8 +1277,7 @@ struct psi_trigger *psi_trigger_create(struct psi_group *group,
> > > if (state >= PSI_NONIDLE)
> > > return ERR_PTR(-EINVAL);
> > >
> > > - if (window_us < WINDOW_MIN_US ||
> > > - window_us > WINDOW_MAX_US)
> > > + if (window_us <= 0 || window_us > WINDOW_MAX_US)
> > > return ERR_PTR(-EINVAL);
> >
> > window_us is u32 sp the check for <= 0 doesn't make any sense.
>
> Completely missed that. Will change to == 0 and post the new version.

I was about to asky check for 0 actually matters but maybe a future
extension might give it a special meaning so it is likely a good idea to
EINVAL on 0 now.

You can keep my ack on that change
--
Michal Hocko
SUSE Labs