I am cross-posting this to LAD, hoping to get some useful feedback.
Paul Davis <paul(a)linuxaudiosystems.com> writes:
> about that patch ... torben hohn wrote, some time ago on LAD (see his
> comment at the end). does anyone have time to check on this?
> > Have a look at linux security modules. In the 2.5 kernel the
> > patch you propose is not a patch, it is a kernel module.
I spent some time last night looking at...
(*) linux-2.6.0-test9 kernel sources (from Debian)
(*) SELinux 2.60-test6 sources from NSA, http://www.nsa.gov/selinux
(*) the Linux Security Modules web site http://lsm.immunix.org
As always with the web it's hard to tell the real stuff from the
vaporware. But, this stuff looks real to me. :-)
SELinux (Security-Enhanced Linux) is NSA's research project for
implementing DoD Orange-book security features as a pluggable kernel
module. Almost all of the SELinux modularization changes are present
in linux-2.6.0-test9. Their entire compressed patch for the
2.6.0-test6 kernel was only 1889 bytes containing 189 lines of context
diffs. By comparison, they also distribute an SELinux patch for
2.4.21, which is 209KB (compressed) containing almost 36,000 lines of
context diffs.
Internally, the 2.6 kernel exclusively uses `if(capable(CAP_foo))'
tests, AFAICT. That was already (mostly) true of 2.4. In 2.6, there
are pluggable security modules to control the semantics of these
tests. The vanilla test9 kernel includes a small example security
module, `security/root_plug.c', which tests for the presence of a
specific USB device at exec time, only allowing setuid if it is
present. It is only 143 lines long.
Domain and Type Enforcement (DTE) is another project using a loadable
security module. It seems to be aimed at Mandatory Access Controls
for partitioning the file access capabilities of root processes. The
idea is to run root daemons in a "Domain" that lacks the ability to
modify important system files like /bin/login and /etc/passwd,
frequent targets for evil crackers exploiting buffer overflows in
their victim daemons. ;-)
This leads me to believe that 2.6 *does* permit one to write a kernel
security module for selectively granting realtime permissions to
certain processes. The mechanisms provided are far more powerful than
necessary for that simple application. I don't know exactly what
realtime security policy should be implemented and how the underlying
mechanisms ought to be used, though I have some ideas.
But, the first step is to figure out if someone is already working on
this. My late-night googling didn't discover any existing project,
but surely someone is doing it by now. If not, I think we should
consider building and distributing one as part of JACK.
Comments?
--
joq
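A user-space check related to the message above, added here as an example and not code from the original post or from JACK: it reads the effective capability mask of a process from the `CapEff` line of `/proc/<pid>/status` and reports whether the two capabilities the kernel checks for realtime scheduling and memory locking, `CAP_SYS_NICE` and `CAP_IPC_LOCK`, are present. The function names `parse_capeff` and `realtime_caps` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit numbers from <linux/capability.h>. */
#define CAP_IPC_LOCK_BIT 14   /* checked for mlock()/mlockall() */
#define CAP_SYS_NICE_BIT 23   /* checked for SCHED_FIFO / SCHED_RR */

/* Extract the effective capability mask from the text of a
 * /proc/<pid>/status file. Returns 0 on success, -1 if absent. */
int parse_capeff(const char *status, unsigned long long *mask)
{
    const char *line = status;
    while (line && *line) {
        if (strncmp(line, "CapEff:", 7) == 0) {
            char *end;
            *mask = strtoull(line + 7, &end, 16);
            return (end == line + 7) ? -1 : 0;   /* no hex digits found */
        }
        line = strchr(line, '\n');
        if (line) line++;                         /* step to next line */
    }
    return -1;
}

/* Bit 0 set: may request RT scheduling. Bit 1 set: may lock memory. */
int realtime_caps(unsigned long long mask)
{
    int r = 0;
    if (mask & (1ULL << CAP_SYS_NICE_BIT)) r |= 1;
    if (mask & (1ULL << CAP_IPC_LOCK_BIT)) r |= 2;
    return r;
}

int main(void)
{
    char buf[8192];
    unsigned long long mask;
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    if (parse_capeff(buf, &mask) != 0) { fprintf(stderr, "no CapEff\n"); return 1; }
    int r = realtime_caps(mask);
    printf("CapEff=%016llx CAP_SYS_NICE=%s CAP_IPC_LOCK=%s\n", mask,
           (r & 1) ? "yes" : "no", (r & 2) ? "yes" : "no");
    return 0;
}
```

Run as an ordinary user, both answers are normally "no"; a security module that grants realtime permissions selectively would change the result only for the processes its policy covers.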
> http://www.museresearch.com
>check the "technology->architecture" page (Flash). they are running
>linux. they also run VST plugins. how? what's going on ...
Just wondering if anyone asked them why they claim to be "license free"?
--
Patrick Shirkey - Boost Hardware Ltd.
Http://www.boosthardware.com
Http://www.djcj.org - The Linux Audio Users guide
========================================
Apparently upon the beginning of the barrage, the donkey broke
discipline and panicked, toppling the cart. At that point, the rockets
disconnected from the timer, leaving them strewn around the street.
Tethered to the now toppled cart, the donkey was unable to escape before
the arrival of U.S. troops.
United Press International
Rockets on donkeys hit major Baghdad sites
By P. MITCHELL PROTHERO
Published 11/21/2003 11:13 AM
while we're discussing various kernel security patches to facilitate
easier access to SCHED_FIFO/mlockall, i have another idea for a patch
that some people *might* like.
a new system call. call it "switch_to()". takes a PID (actually, it
needs some kind of TID), and does something very similar to
sched_yield() except instead of giving up the processor to whatever
the scheduler thinks is right, it yields to the specific
process/thread.
security: the target thread has to be using the same RT scheduling
policy (FIFO or RR) as the initiating thread. this means that it can
only be used to cause denial-of-service attacks that were already
trivial (because SCHED_FIFO was already available to the initiating
thread).
this could be used to completely short-circuit the FIFO mechanism used
by JACK in favor of completely deterministic, FS-lock-free
system. when you add in stuff like this (from ingo, discussing NPTL):
our kernel thread context switch latency is below 1 usec on a
typical P4 box, so our NPT library should compare pretty favorably
even in such benchmarks. We get from the pthread_create() call to
the first user instruction of the specified thread-function code in
less than 2 usecs, and we get from pthread_exit() to the thread
that does the pthread_join() in less than 2 usecs as well - all of
these operations are done via a single system-call and a single
context switch.
you end up with a truly superb architecture for the kind of thing
we're doing with JACK already.
however, note this comment from ingo as well, which i consider
short-sighted, and is part of the reason for my thinking about
switch_to():
M:N's big mistake is that it concentrates on what matters the least:
user<->user context switches. Nothing really wants to do that. And if
it does, it's contended on some userspace locking object, at which
point it doesn't really matter whether the cost of switching is 1
usec or 0.5 usecs, the main application cost is the lost parallelism
and increased cache trashing due to the serialization -
independently of what kind of threading abstraction is used.
any thoughts? adding a syscall is a pretty trivial patch to create.
--p
I am contemplating buying a laptop of some sort, to develop on.
I was wondering how many of you are using an x86 laptop and how
many are using a ppc laptop :)
It looks to me as if Apple's laptops are rock solid and don't suffer
from buggy ACPI to start with. Or is this extra quality just a myth ?
I know some applications are not ported yet to ppc and suffer from
x86-isms, but that should be fixable I guess :)
anyway, thanks for your input,
v
Greetings,
Last week Jack O'Quin and I finished off the first version of a handy
addition to the JAMin gui. It is a gtk2 menu for connecting JACK i/o
ports. Similar to what we have seen in audio programs on other platforms.
You can find it in the cvs now.
It is called
io-menu.c io-menu.h
There are instructions for how to integrate it at the top of the .c
file. I already added it to jackEQ and it was a painless process.
We have tried to make it as self contained as possible to make it easy
for gtk2 developers to use. It should also be a handy reference for
developers using other gui toolkits.
Rgds.
--
Patrick Shirkey - Boost Hardware Ltd.
Http://www.boosthardware.com
Http://www.djcj.org - The Linux Audio Users guide
On Friday 28 November 2003 17:27, Paul Davis wrote:
> >as paul says, opt/ is a fine solution for this, as everything just
> > symlinks, but it's sad that it never took off.
>
> i don't think its a fine solution. i never saw anything useful about
> /opt at all. it just created a *third* possible install location.
Oh, my apologies for misreading.
I think the only sane thing about it is that
-lets you keep track of what's in your system and where it came from
without an extra database of the package management system
-lets you easily install/switch between software versions
Juan Linietsky
(btw my apologies also for sending the message direct, this new kmail is quite
confusing)
Well, I really wondered after that thread on speech synthesis
on how something done with festival would actually sound mixed up.
I did this experiment in nearly half an hour, so don't think it's
something hard. I just wrote the voices in that xml-like syntax
festival uses for singing songs. Then I wrote a very
basic arrangement in cheesetracker, plus added
some effects and a bit of compressor to the voice.
The result is actually better than what I was expecting,
though it's hard to keep festival in tempo.
Here's the little thing I did:
http://reduz.com.ar/songs/evilrobot.ogg
Have fun!
Juan Linietsky
The Rosegarden team are pleased to announce the release of
Rosegarden-4 0.9.5, an audio and MIDI sequencer and score editor
for Linux. To download the source package, go to the homepage at
http://www.all-day-breakfast.com/rosegarden/
This release contains a host of new features and improvements
over the previous release, and is nearly feature complete for 1.0.
Features include:
o Score, piano-roll, event list and track overview editors
o MIDI and audio playback and recording using JACK
o Audio plugin support using LADSPA
o Score interpretation of performance MIDI data
o MIDI file I/O, Csound and Lilypond export
o Shareable device (.rgd) files to ease MIDI portability
o Translations into Russian, Spanish, German, French and Welsh
New features since 0.9.1 include:
o Better sequencer comms layer for much more robust MIDI sequencing
o Control rulers for editing velocity and control events
o Controller management for MIDI devices
o Event list editor with some actual editing capabilities
o Event filter on current selection
o Classification of audio plugins using liblrdf
o Percussion and variations support in bank management
o Import Studio from File
o Markers
o File merging for all file types
o Notation rendering using real scalable fonts (one supplied)
o Multi-page notation rendering with panner
o Much better score printing
o Print Preview
o Segment colouring
o Configurable metronome
o Better Lilypond export
o MusicXML export that works, though it's still pretty basic
o Can now drag notes around in notation view
o Several new .rgd device files
o Better handling of MIDI devices that come and go
o Much improved audio scheduling infrastructure
o Ability to drag-and-drop audio files onto segment canvas
o Many optimisations throughout
Chris
Roger Larsson:
> > > > So how is the low-latency situation for 2.6? I did install 2.6 on
> > > > my private machine, but was not able to get better performance
> > > > than 2.4 with ll+pre (kicked out of jack-graph pretty soon with 128
> > > > frames period). Is there a trick to get better lowlatency performance
> > > > with 2.6 I don't know about?
> > >
> > > Did you compile with CONFIG_PREEMPT enabled?
> >
> > Yes. :)
>
> echo 1 > /proc/sys/kernel/lowlatency ?
> If you have enabled "Control low latency with sysctl"
>
I didn't know there was an option for lowlatency for 2.6?
However, I do remember there was no /proc/sys/kernel/lowlatency
file. Have to check when I get home.
> It might be possible that something like lock break is needed...
>
> Lots of good stuff is available at:
> http://www.tech9.net/rml/linux/
> But most are for 2.4 or early 2.5 kernels
>
I couldn't find a lock-break patch for 2.6 there, and the other
one that might have helped, the Scheduler Hints patch, was
not very updated. But I think I remember reading about setting
various kinds of scheduler-behaviour by using a kernel option?
Could that make the situation better?
This is a bit irritating, because in 2.4.23-pre8+ll+pre I can
run with a frame size of 32 in jack and run ardour for a very
long time without being kicked, and have very few xruns.
With 2.6.0-pre4 I can't even run with 128 for more than a minute or so,
and I get lots of xruns before that.
My machine is nforce2, xp2800, using the built in soundcard,
built-in gfx card, ps2 mouse+keyb., and no pci or agp slots used.
--
By request of some of the people here, I am posting a complete
song that you can open and check, as well as the lyric files (xml),
and the notes on the problems i found when creating the sounds
with festival. The song was composed in one hour and you can see
how the audio chunks were mixed, as well as which ladspa effects
were applied to 'produce' it.
http://reduz.com.ar/festisong
The song (.ct file) can be opened with the (unreleased yet) version of
cheesetracker, as it uses the new equalizer filters and all that.
http://reduz.dyndns.org/cheesetracker-0.9.5.tar.gz
Cheers! Let's hope we get more festivalized songs soon :)
Maybe Paul Davis will consider integrating festival to ardour hehe...
Juan Linietsky