diff options
| author | Serge E. Hallyn <serue@us.ibm.com> | 2008-12-08 16:52:21 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-12-08 17:25:53 -0500 |
| commit | 94d6a5f7341ebaff53d4e41cc81fab37f0d9fbed (patch) | |
| tree | 07b4a016a50f1cc42c6295ec387a26d1a4481381 | |
| parent | 7657d90497f98426af17f0ac633a9b335bb7a8fb (diff) | |
user namespaces: document CFS behavior
Documented the currently bogus state of support for CFS user groups with
user namespaces. In particular, all users in a user namespace should be
children of the user which created the user namespace. This is yet to
be implemented.
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: Dhaval Giani <dhaval@linux.vnet.ibm.com>
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
| -rw-r--r-- | Documentation/scheduler/sched-design-CFS.txt | 21 | ||||
| -rw-r--r-- | kernel/user.c | 8 |
2 files changed, 28 insertions, 1 deletions
diff --git a/Documentation/scheduler/sched-design-CFS.txt b/Documentation/scheduler/sched-design-CFS.txt index eb471c7a905e..8398ca4ff4ed 100644 --- a/Documentation/scheduler/sched-design-CFS.txt +++ b/Documentation/scheduler/sched-design-CFS.txt | |||
| @@ -273,3 +273,24 @@ task groups and modify their CPU share using the "cgroups" pseudo filesystem. | |||
| 273 | 273 | ||
| 274 | # #Launch gmplayer (or your favourite movie player) | 274 | # #Launch gmplayer (or your favourite movie player) |
| 275 | # echo <movie_player_pid> > multimedia/tasks | 275 | # echo <movie_player_pid> > multimedia/tasks |
| 276 | |||
| 277 | 8. Implementation note: user namespaces | ||
| 278 | |||
| 279 | User namespaces are intended to be hierarchical. But they are currently | ||
| 280 | only partially implemented. Each of those has ramifications for CFS. | ||
| 281 | |||
| 282 | First, since user namespaces are hierarchical, the /sys/kernel/uids | ||
| 283 | presentation is inadequate. Eventually we will likely want to use sysfs | ||
| 284 | tagging to provide private views of /sys/kernel/uids within each user | ||
| 285 | namespace. | ||
| 286 | |||
| 287 | Second, the hierarchical nature is intended to support completely | ||
| 288 | unprivileged use of user namespaces. So if using user groups, then | ||
| 289 | we want the users in a user namespace to be children of the user | ||
| 290 | who created it. | ||
| 291 | |||
| 292 | That is currently unimplemented. So instead, every user in a new | ||
| 293 | user namespace will receive 1024 shares just like any user in the | ||
| 294 | initial user namespace. Note that at the moment creation of a new | ||
| 295 | user namespace requires each of CAP_SYS_ADMIN, CAP_SETUID, and | ||
| 296 | CAP_SETGID. | ||
diff --git a/kernel/user.c b/kernel/user.c index 6c924bc48c08..6608a3d8ca61 100644 --- a/kernel/user.c +++ b/kernel/user.c | |||
| @@ -239,7 +239,13 @@ static struct kobj_type uids_ktype = { | |||
| 239 | .release = uids_release, | 239 | .release = uids_release, |
| 240 | }; | 240 | }; |
| 241 | 241 | ||
| 242 | /* create /sys/kernel/uids/<uid>/cpu_share file for this user */ | 242 | /* |
| 243 | * Create /sys/kernel/uids/<uid>/cpu_share file for this user | ||
| 244 | * We do not create this file for users in a user namespace (until | ||
| 245 | * sysfs tagging is implemented). | ||
| 246 | * | ||
| 247 | * See Documentation/scheduler/sched-design-CFS.txt for ramifications. | ||
| 248 | */ | ||
| 243 | static int uids_user_create(struct user_struct *up) | 249 | static int uids_user_create(struct user_struct *up) |
| 244 | { | 250 | { |
| 245 | struct kobject *kobj = &up->kobj; | 251 | struct kobject *kobj = &up->kobj; |