Hello, Waiman.
On Tue, Nov 30, 2021 at 10:35:19AM -0500, Waiman Long wrote:
On read, the "cpuset.cpus.partition" file can show the following values.
====================== ============================== "member" Non-root member of a partition "root" Partition root "isolated" Partition root without load balancing "root invalid (<reason>)" Invalid partition root ====================== ==============================
What happens if an isolated domain becomes invalid and then valid again due to cpu hotplug? Does it go "root invalid" and then back to "isolated"?
...
Before the "member" to partition root transition can happen, the following conditions must be met or the transition will not be allowed.
1) The "cpuset.cpus" is non-empty and exclusive, i.e. they are not shared by any of its siblings. 2) The parent cgroup is a valid partition root. 3) The "cpuset.cpus" is a subset of parent's "cpuset.cpus". 4) There is no child cgroups with cpuset enabled. This avoids cpu migrations of multiple cgroups simultaneously which can be problematic.
So, I still have a hard time justifying the above restrictions. 1) can be broken through hotplug anyway. 2) can be broken by the parent switching to member. 3) would mean that we'd need to restrict parent's config changes depending on what children are doing. 4) is more understandable but it's an implementation detail that we can address in the future.
Once becoming a partition root, the following two rules restrict what changes can be made to "cpuset.cpus".
1) The value must be exclusive. 2) If child cpusets exist, the value must be a superset of what are defined in the child cpusets.
The second rule applies even for "member". Other changes to "cpuset.cpus" that do not violate the above rules are always allowed.
While it isn't necessarily tied to this series, it's a big no-no to restrict what a parent can do depending on what its descendants are doing. A cgroup higher up in the hierarchy should be able to change configuration however it sees fit as deligation breaks down otherwise.
Maybe you can argue that cpuset is special and shouldn't be subject to such convention but I can't see strong enough justifications especially given that most of these restrictions can be broken by hotplug operations anyway and thus need code to handle those situations.
Changing a partition root (valid or invalid) to "member" is always allowed. If there are child partition roots underneath it, however, they will be forced to be switched back to "member" too and lose their partitions. So care must be taken to double check for this condition before disabling a partition root.
Wouldn't it make more sense for them to retain their configuration and turn invalid? Why is this special?
A valid parent partition may distribute out all its CPUs to its child partitions as long as it is not the root cgroup and there is no task associated with it.
A valid parent partition which isn't root never has tasks in them to begin with.
An invalid partition root can be reverted back to a valid one if none of the validity constraints of a valid partition root are violated.
Poll and inotify events are triggered whenever the state of "cpuset.cpus.partition" changes. That includes changes caused by write to "cpuset.cpus.partition", cpu hotplug and other changes that make the partition invalid. This will allow user space agents to monitor unexpected changes to "cpuset.cpus.partition" without the need to do continuous polling.
Unfortunately, my sense is still that both the restrictions and behaviors are pretty arbitrary. I can somewhat see how the restrictions may make sense in a specific frame of mind but am having a hard time finding strong enough justifications for them. There are many really specific rules and it isn't clear why they are the way they are.
Thanks.