[linux-audio-dev] Re: [Jackit-devel] Re: POSIX caps/realtime/root processes

New Message Reply About this list Date view Thread view Subject view Author view Other groups

Subject: [linux-audio-dev] Re: [Jackit-devel] Re: POSIX caps/realtime/root processes
From: Fernando Pablo Lopez-Lezcano (nando_AT_ccrma.stanford.edu)
Date: Mon Nov 17 2003 - 06:43:26 EET


> Paul Davis:
> > >Since mainstream capabilities support seems always to be somewhere
> > >over the horizon, I am interested in the patch Paul and Steve
> > >mentioned. IIUC, it defines a control file in /proc which, if
> > >enabled, allows any process access to scheduling and memory locking
> > >privileges. No other capabilities are provided. I would love to see
> > >a copy of this patch to study exactly what it does.
> >
> > its a very simple patch, IIRC. it just short-circuits the checks on
> > uid==0 and/or capabilities when assigning SCHED_FIFO and/or locking
> > memory.
> >
> > i'm looking for it in my archives. i'm a bit worried i may have
>
> I couldn't wait til you found it, so I wrote one from scratch instead. :)
> The url below point to a hackish patch againt 2.4.23-rc1, and yes, it is
> very simple. Works by setting /proc/sys/kernel/setschedandmlock to 1.
> http://www.notam02.no/arkiv/src/schedmlockpatch-2.4.23-rc1

Hey! Good! I'm very tempted to add it to the Planet CCRMA kernels right
away :-)

Has it seen much testing? Not that something so simple would require a
lot of testing, of course. I'm trying to think of potential problems
(over the use of capabilities) and can't think of anything. The only
that would occur to me is that access to SCHED_FIFO would be more
universal whereas with capabilities, programs like givertcap or
jackstart are required.

-- Fernando


New Message Reply About this list Date view Thread view Subject view Author view Other groups

This archive was generated by hypermail 2b28 : Mon Nov 17 2003 - 06:44:21 EET