On Thu, Dec 19, 2019 at 03:07:18PM -0500, Johannes Weiner <hannes@xxxxxxxxxxx> wrote: > Unfortunately, this limitation makes it impossible to protect an > entire subtree from another without forcing the user to make explicit > protection allocations all the way to the leaf cgroups - something > that is highly undesirable in real life scenarios. I see that the jobs in descedant cgroups don't know (or care) what protection is above them and hence the implicit distribution is sensible here. However, the protection your case requires can already be reached thanks to the the hierachical capping and overcommit normalization -- you can set memory.low to "max" at all the non-caring descendants. IIUC, that is the same as setting zeroes (after your patch) and relying on the recursive distribution of unused protection -- or is there a mistake in my reasoning? So in my view, the recursive distribution doesn't bring anything new, however, its new semantics of memory.low doesn't allow turning the protection off in a protected subtree (delegating the decision to distribute protection within parent bounds is IMO a valid use case). Regards, Michal
