[PATCH v2] cgroup/cpuset: Clarify the delegation rules of partition

Waiman Long posted 1 patch 1 month, 2 weeks ago
Documentation/admin-guide/cgroup-v2.rst | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
[PATCH v2] cgroup/cpuset: Clarify the delegation rules of partition
Posted by Waiman Long 1 month, 2 weeks ago
Creation of remote partition is currently not allowed without privilege.
On the other hand, creation of local partition is allowed without
privilege as long as its parent is also a partition root.

The current setup allows a delegator to delegate an exclusive set of
CPUs to the delegatee by making the root of a delegated sub-hierarchy
a partition root. The delegatee is then allowed to create a local
sub-partition underneath it if necessary. Creation of a remote
partition is not currently allowed across delegation boundary without
privilege. Clarify the partition delegation rules by stating the current
behavior in cgroup-v2.rst file.

Signed-off-by: Waiman Long <longman@redhat.com>
---
 Documentation/admin-guide/cgroup-v2.rst | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst
index 6efd0095ed99..5b4ebde6fffe 100644
--- a/Documentation/admin-guide/cgroup-v2.rst
+++ b/Documentation/admin-guide/cgroup-v2.rst
@@ -2599,8 +2599,7 @@ Cpuset Interface Files
 
   cpuset.cpus.partition
 	A read-write single value file which exists on non-root
-	cpuset-enabled cgroups.  This flag is owned by the parent cgroup
-	and is not delegatable.
+	cpuset-enabled cgroups.
 
 	It accepts only the following input values when written to.
 
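Review bot: Removing "This flag is owned by the parent cgroup and is not delegatable." from the opening sentence of the cpuset.cpus.partition entry moves the ownership rule from the first thing a reader sees to the end of a long description (the next hunk re-adds it near line 2710). An administrator who reads only the opening lines while setting up delegation would no longer learn that the file cannot be delegated. Consider keeping the one-line statement here and placing only the new delegation explanation further down. If the move is intended, mention it and the wording change from "This flag" to "This file" in the commit message.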
@@ -2708,6 +2707,15 @@ Cpuset Interface Files
 	their parent is switched back to a partition root with a proper
 	value in "cpuset.cpus" or "cpuset.cpus.exclusive".
 
+	This file is owned by the parent cgroup and is not delegatable.
+	The delegator can delegate an exclusive set of CPUs to the
+	delegatee by making the root of a delegated sub-hierarchy a
+	partition root. The delegatee is then allowed to create a local
+	sub-partition underneath it if needed. The delegator should
+	not set "cpuset.cpus.exclusive" at the root without making it
+	a partition root as the creation of remote partition is not
+	allowed without privilege.
+
 	Poll and inotify events are triggered whenever the state of
 	"cpuset.cpus.partition" changes.  That includes changes caused
 	by write to "cpuset.cpus.partition", cpu hotplug or other
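Review bot: In the added paragraph, "not allowed without privilege" does not say which privilege is meant, and "at the root" in `should not set "cpuset.cpus.exclusive" at the root` can be read as the cgroup root rather than the root of the delegated sub-hierarchy. Suggest writing "at the root of the delegated sub-hierarchy" and naming the privilege requirement explicitly. The first sentence also says the file is not delegatable while the third says the delegatee may create a local sub-partition; a short clause explaining how those two statements fit together (which cgroup's "cpuset.cpus.partition" the delegatee writes to) would keep readers from seeing a contradiction.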
-- 
2.53.0
Re: [PATCH v2] cgroup/cpuset: Clarify the delegation rules of partition
Posted by Michal Koutný 1 month, 2 weeks ago
On Tue, Apr 28, 2026 at 02:09:35PM -0400, Waiman Long <longman@redhat.com> wrote:
> Creation of remote partition is currently not allowed without privilege.
> On the other hand, creation of local partition is allowed without
> privilege as long as its parent is also a partition root.
> 
> The current setup allows a delegator to delegate an exclusive set of
> CPUs to the delegatee by making the root of a delegated sub-hierarchy
> a partition root. The delegatee is then allowed to create a local
> sub-partition underneath it if necessary. Creation of a remote
> partition is not currently allowed across delegation boundary without
> privilege. Clarify the partition delegation rules by stating the current
> behavior in cgroup-v2.rst file.
> 
> Signed-off-by: Waiman Long <longman@redhat.com>
> ---
>  Documentation/admin-guide/cgroup-v2.rst | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)

After Tejun pointed out that other generic paragraph:
| This means that the controller interface files - anything which
| doesn't start with "cgroup." are owned by the parent rather than the
| cgroup itself.

I think the extra words may only increase confusion (and constrain
generic changes). So it was a good exercise but nothing needs to be
necessarily changed regarding this behavior or its docs.

Michal
Re: [PATCH v2] cgroup/cpuset: Clarify the delegation rules of partition
Posted by Waiman Long 1 month, 2 weeks ago
On 4/30/26 3:46 PM, Michal Koutný wrote:
> On Tue, Apr 28, 2026 at 02:09:35PM -0400, Waiman Long <longman@redhat.com> wrote:
>> Creation of remote partition is currently not allowed without privilege.
>> On the other hand, creation of local partition is allowed without
>> privilege as long as its parent is also a partition root.
>>
>> The current setup allows a delegator to delegate an exclusive set of
>> CPUs to the delegatee by making the root of a delegated sub-hierarchy
>> a partition root. The delegatee is then allowed to create a local
>> sub-partition underneath it if necessary. Creation of a remote
>> partition is not currently allowed across delegation boundary without
>> privilege. Clarify the partition delegation rules by stating the current
>> behavior in cgroup-v2.rst file.
>>
>> Signed-off-by: Waiman Long <longman@redhat.com>
>> ---
>>   Documentation/admin-guide/cgroup-v2.rst | 12 ++++++++++--
>>   1 file changed, 10 insertions(+), 2 deletions(-)
> After Tejun pointed out that other generic paragraph:
> | This means that the controller interface files - anything which
> | doesn't start with "cgroup." are owned by the parent rather than the
> | cgroup itself.
>
> I think the extra words may only increase confusion (and constrain
> generic changes). So it was a good exercise but nothing needs to be
> necessarily changed regarding this behavior or its docs.

That is fine. This doc change is optional and I agree that we may want 
more flexibility in case we change the behavior in the future.

Cheers,
Longman