* Alan Cox <[email protected]> wrote:
> > The simplest model is indeed child inheritance tree propagation - plus
> > perhaps the
> > ability for a thread to change its *own* PTI status, which obviously
> > doesn't
> > create any deep "process lookup" or cross-CPU complications.
> >
> > ( Note that here I only mean "simple to implement" - we might decide to not
> > offer
> > the ABI. )
>
> I still think cgroups are the best model for this. In particular it
> naturally fits things like containers, or network facing apps that fork
> helpers.
I think the suggested exec() time inheritance model would naturally also cover
cgroups (without tying the ABI to cgroups) - as containers typically get
inherited
from a single binary. A bit like how various personality bits get propagated.
Thanks,
Ingo
