On Tue, Dec 1, 2020 at 11:55 PM Peter Zijlstra <[email protected]> wrote:
>
> Then disallow sharing a task cookie when the tasks are in different
> cgroups or disallow cgroup movement when they share a cookie.

Yes, we could restrict task cookie sharing to tasks that are in the same cgroup. Then the cookie easily just becomes a single value; either the task cookie or group cookie. The advantage of the approach with the cookie struct is that it is easily extensible, and allows for trust models that don't conform exactly to the cgroup hierarchy (i.e. our discussion on cookie color). The overhead of the approach seems tolerable, given that updates to a task's cookie are not in fast paths (i.e. prctl, setting cgroup cookie, sched_move_task). Are you more concerned with the added complexity of maintaining the RB tree, refcounts, etc.?

