Re: [PATCH] cgroup/cpuset: Creating or adding CPUs to partition not allowed without privilege

Next message: Arnd Bergmann: "[PATCH] gpiolib: move legacy interface into linux/gpio/legacy.h"
Previous message: Alexandre Belloni: "Re: [PATCH v2 8/9] rtc: rv3032: switch to using FIELD_GET_SIGNED()"
In reply to: Waiman Long: "Re: [PATCH] cgroup/cpuset: Creating or adding CPUs to partition not allowed without privilege"
Next in thread: Waiman Long: "Re: [PATCH] cgroup/cpuset: Creating or adding CPUs to partition not allowed without privilege"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tejun Heo

Date: Tue Apr 28 2026 - 11:45:52 EST

Hello,

On Tue, Apr 28, 2026 at 11:19:16AM -0400, Waiman Long wrote:
...
> Thank for the comment. Yes, that can be a valid configuration.
>
> One possible workaround may be to see if the current user has write access
> to its parent partition root. If so, we can allow it to create a
> sub-partition, if not, we will forbid it.

I think this whole thing is a confusion. First of all, resource knobs in any
given cgroup is owned by the parent. Delegations where the perm to a
resource knob is given to delegatee is not supported and expected to affect
resource distribution w.r.t. its siblings. Partition isn't special in this
regard. memory.low or min can create similar effects. Maybe I'm missing
something but I don't see anything happening that's not supposed to happen.

Thanks.

--
tejun