Re: 2.6.11-rc3-mm2

From: Matt Mackall
Date: Fri Feb 11 2005 - 12:55:29 EST


On Fri, Feb 11, 2005 at 10:53:27AM +0100, Ingo Molnar wrote:
>
> * Matt Mackall <mpm@xxxxxxxxxxx> wrote:
>
> > On Fri, Feb 11, 2005 at 09:59:42AM +0100, Ingo Molnar wrote:
> > >
> > > think of SCHED_FIFO on the desktop as an ugly wart, a hammer, that
> > > destroys the careful balance of priorities of SCHED_OTHER tasks. Yes, it
> > > can be useful if you _need_ a scheduling guarantee due to physical
> > > constraints, and it can be useful if the hardware (or the kernel) cannot
> > > buffer enough, but otherwise, it only causes problems.
> >
> > Agreed. I think something short of full SCHED_FIFO will make most
> > desktop folks happy. [...]
>
> ah, but it's not the desktop folks who have to be happy but users :-)
> Really, if you ask any app designer then obviously 'the more CPU time we
> get for sure, the better our app behaves'. So in that sense SCHED_OTHER
> is a fair playground: if you behave nicely you'll have higher priority
> and shorter latencies.
>
> (there are things like SCHED_ISO but how good of a solution they are is
> not yet clear.)
>
> > [...] But a) we still have to figure out exactly how to do that and b)
> > we still have to make everyone else happy. The embedded folks (me
> > included) would prefer to not run our realtime bits as root too..
>
> you don't have to - you can drop root after startup.
>
> > > but i'm not sure how rlimits will contain the whole problem - can
> > > rlimits be restricted to a single app (jackd)?
> >
> > Yes. There's also the whole soft limit thing.
>
> i'm curious, how does this 'per-app' rlimit thing work? If a user has
> jackd installed and runs it from X unprivileged, how does it get the
> elevated rlimit?

It needs a setuid launcher. It would be nice to be able to elevate the
rlimits of running processes but the API doesn't exist yet.

From the POV of accidental elevation to RT, soft limits are
sufficient. But we can't stop a user from exploiting an app they own
with RT privileges from elevating other apps via ptrace+exec or
whatever. Nor with RT-LSM.

> (while the rest of his desktop still runs with a safe
> rlimit.) SELinux/RT-LSM could do this, but i'm not sure about how
> rlimits give this to you.

How does it get done with RT-LSM? Setgid binaries? It only
discriminates on a group granularity. Or are you saying "and SELinux"
rather than "or SELinux"?

--
Mathematics is the supreme nostalgia of our time.
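
A sketch of the setuid launcher described above, as an added example that is not code from this thread or from any of the projects discussed: it raises only the hard RT-priority limit, leaves the soft limit at 0, drops root for good and then execs the target. It assumes the RLIMIT_RTPRIO resource of later mainline Linux; RT_CAP and the TARGET path are hypothetical policy values.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <unistd.h>

#define RT_CAP 50                /* assumed policy: highest RT priority granted */
#define TARGET "/usr/bin/jackd"  /* assumed fixed path, never taken from argv */

/* Hard limit = ceiling the app may reach; soft limit is clamped to it.
 * Raising the hard limit needs CAP_SYS_RESOURCE, hence the setuid bit. */
int set_rtprio_limit(rlim_t soft, rlim_t hard)
{
    struct rlimit rl = { soft < hard ? soft : hard, hard };
    return setrlimit(RLIMIT_RTPRIO, &rl);
}

/* Permanent drop to the invoking user: supplementary groups, then gid,
 * then uid, then prove that root cannot be regained. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0) {
        struct passwd *pw = getpwuid(uid);
        if (pw == NULL || initgroups(pw->pw_name, gid) != 0)
            return -1;
    }
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)
        return -1;               /* drop did not stick: refuse to continue */
    return 0;
}

int main(int argc, char **argv)
{
    (void)argc;
    /* Soft limit 0: the target must raise it deliberately before it can
     * request an RT policy, so nothing becomes RT by accident. */
    if (set_rtprio_limit(0, RT_CAP) != 0) { perror("setrlimit"); return 1; }
    if (drop_privileges(getuid(), getgid()) != 0) { perror("drop"); return 1; }
    execv(TARGET, argv);         /* rlimits are inherited across exec */
    perror("execv");
    return 127;
}
```

The launcher binary would be installed owned by root with the setuid bit and execute permission restricted to the group that is allowed RT scheduling.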