Re: [PATCH v6 3/4] cgroup: add xattr support

From: Tejun Heo
Date: Thu Aug 16 2012 - 16:00:11 EST

Next message: Theodore Ts'o: "Re: ext4fs error "ext4_mb_generate_buddy:741:group 16, 8160 clustersin bitmap, 4064 in gd" (with repro)"
Previous message: Mimi Zohar: "Re: [RFC v2 6/7] modsig: initialize the _module public key keyring"
In reply to: aris: "[PATCH v6 3/4] cgroup: add xattr support"
Next in thread: Lennart Poettering: "Re: [PATCH v6 3/4] cgroup: add xattr support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 16, 2012 at 01:44:56PM -0400, aris@xxxxxxxxxx wrote:
> From: Li Zefan <lizefan@xxxxxxxxxx>
>
> This is one of the items in the plumber's wish list.
>
> For use cases:
>
> >> What would the use case be for this?
> >
> > Attaching meta information to services, in an easily discoverable
> > way. For example, in systemd we create one cgroup for each service, and
> > could then store data like the main pid of the specific service as an
> > xattr on the cgroup itself. That way we'd have almost all service state
> > in the cgroupfs, which would make it possible to terminate systemd and
> > later restart it without losing any state information. But there's more:
> > for example, some very peculiar services cannot be terminated on
> > shutdown (i.e. fakeraid DM stuff) and it would be really nice if the
> > services in question could just mark that on their cgroup, by setting an
> > xattr. On the more desktopy side of things there are other
> > possibilities: for example there are plans defining what an application
> > is along the lines of a cgroup (i.e. an app being a collection of
> > processes). With xattrs one could then attach an icon or human readable
> > program name on the cgroup.
> >
> > The key idea is that this would allow attaching runtime meta information
> > to cgroups and everything they model (services, apps, vms), that doesn't
> > need any complex userspace infrastructure, has good access control
> > (i.e. because the file system enforces that anyway, and there's the
> > "trusted." xattr namespace), notifications (inotify), and can easily be
> > shared among applications.
> >
> > Lennart
>
> v6:
> - remove user xattr namespace, only allow trusted and security
> v5:
> - check for capabilities before setting/removing xattrs
> v4:
> - no changes
> v3:
> - instead of config option, use mount option to enable xattr support
>
> Cc: Li Zefan <lizefan@xxxxxxxxxx>
> Cc: Tejun Heo <tj@xxxxxxxxxx>
> Cc: Hugh Dickins <hughd@xxxxxxxxxx>
> Cc: Hillf Danton <dhillf@xxxxxxxxx>
> Cc: Lennart Poettering <lpoetter@xxxxxxxxxx>
> Signed-off-by: Li Zefan <lizefan@xxxxxxxxxx>
> Signed-off-by: Aristeu Rozanski <aris@xxxxxxxxxx>

I'm not against this but unsure whether using kmem is enough for the
suggested use case. Lennart, would this suit systemd? How much
metadata are we talking about?

Thanks.

--
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Theodore Ts'o: "Re: ext4fs error "ext4_mb_generate_buddy:741:group 16, 8160 clustersin bitmap, 4064 in gd" (with repro)"
Previous message: Mimi Zohar: "Re: [RFC v2 6/7] modsig: initialize the _module public key keyring"
In reply to: aris: "[PATCH v6 3/4] cgroup: add xattr support"
Next in thread: Lennart Poettering: "Re: [PATCH v6 3/4] cgroup: add xattr support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]