Modified device cgroup documentation to reflect its dual purpose without creating new cgroup subsystem for rdma. Added documentation to describe functionality and usage of device cgroup extension for RDMA. Signed-off-by: Parav Pandit <pandit.parav@xxxxxxxxx> --- Documentation/cgroups/devices.txt | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/Documentation/cgroups/devices.txt b/Documentation/cgroups/devices.txt index 3c1095c..eca5b70 100644 --- a/Documentation/cgroups/devices.txt +++ b/Documentation/cgroups/devices.txt @@ -1,9 +1,12 @@ -Device Whitelist Controller +Device Controller 1. Description: -Implement a cgroup to track and enforce open and mknod restrictions -on device files. A device cgroup associates a device access +Device controller implements a cgroup for two purposes. + +1.1 Device white list controller +It implement a cgroup to track and enforce open and mknod +restrictions on device files. A device cgroup associates a device access whitelist with each cgroup. A whitelist entry has 4 fields. 'type' is a (all), c (char), or b (block). 'all' means it applies to all types and all major and minor numbers. Major and minor are @@ -15,8 +18,15 @@ cgroup gets a copy of the parent. Administrators can then remove devices from the whitelist or add new entries. A child cgroup can never receive a device access which is denied by its parent. +1.2 RDMA device resource controller +It implements a cgroup to limit various RDMA device resources for +a controller. Such resource includes RDMA PD, CQ, AH, MR, SRQ, QP, FLOW. +It limits RDMA resources access to tasks of the cgroup across multiple +RDMA devices. + 2. User Interface +2.1 Device white list controller An entry is added using devices.allow, and removed using devices.deny. For instance @@ -33,6 +43,22 @@ will remove the default 'a *:* rwm' entry. Doing will add the 'a *:* rwm' entry to the whitelist. +2.2 RDMA device controller + +RDMA resources are limited using devices.rdma.resource.max.<resource_name>. +Doing + echo 200 > /sys/fs/cgroup/1/rdma.resource.max_qp +will limit maximum number of QP across all the process of cgroup to 200. + +More examples: + echo 200 > /sys/fs/cgroup/1/rdma.resource.max_flow + echo 10 > /sys/fs/cgroup/1/rdma.resource.max_pd + echo 15 > /sys/fs/cgroup/1/rdma.resource.max_srq + echo 1 > /sys/fs/cgroup/1/rdma.resource.max_uctx + +RDMA resource current usage can be tracked using devices.rdma.resource.usage + cat /sys/fs/cgroup/1/devices.rdma.resource.usage + 3. Security Any task can move itself between cgroups. This clearly won't -- 1.8.3.1 -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
