[linux-audio-dev] Re: [PATCH] [request for inclusion] Realtime LSM

From: Chris Wright <chrisw@email-addr-hidden>
Date: Fri Jan 07 2005 - 22:21:17 EET

* Matt Mackall (mpm@email-addr-hidden) wrote:
> On Thu, Jan 06, 2005 at 11:54:05PM -0600, Jack O'Quin wrote:
> > Note that sched_setschedule() provides no way to handle the mlock()
> > requirement, which cannot be done from another process.
>
> I'm pretty sure that part can be done by a privileged server handing
> out mlocked shared memory segments.

It can actually be done with plain ol' rlimits (RLIMIT_MEMLOCK).

> The trouble with introducing something into the kernel is that once
> done, it can't be undone. So you're absolutely going to meet
> resistance to anything that can be a) done sufficiently in userspace
> or b) can reasonably be done in a more generic manner so as to meet
> the needs of a wider future audience. The onus is on the submitter to
> meet these requirements because we can't easily kick out a broken API
> after we accept it.

Indeed (although in this case it's not adding an API as much as using an
existing one).

thanks,
-chris

-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
Received on Sat Jan 22 20:15:32 2005

This archive was generated by hypermail 2.1.8 : Sat Jan 22 2005 - 20:15:32 EET