12 Jul
2005
12 Jul
'05
2:47 p.m.
On Tue, Jul 12, 2005 at 06:11:55PM +0200, Marcel Karras wrote:
Hello,
I've just joined the list and it's pretty interesting.
Can someone tell me something about the differences between the
preempt patch from Ingo and the "Realtime Linux Security Module"?
I currently use the latter one and I'm quite satisfied as jack works
really fast. Perhaps one should try this way instead of the vanilla
kernel patch. There have to be pros and cons I'm interested in. Can
someone point them out?
The LSM and Ingo's patches are addressing 2 separate issues. Ingo's
patch is working to minimize sources of latency in various code paths in
the kernel. The rtlimits and the realtime-lsm are addressing the issue
of providing a security model for realtime applications to get the
capabilities they need to run in real-time. Ordinarilly these
capabilities (CAP_SET_PCAP, mlockall(), and SCHED_FIFO()) are only
accessible as root. rtlimits and the realtime-lsm provide infrastructure
for allowing these capabilities to be granted to only a specified set of
users/processes.
--
Eric Dantan Rzewnicki | Systems Administrator
Technical Operations Division | Radio Free Asia
2025 M Street, NW | Washington, DC 20036 | 202-530-4900
CONFIDENTIAL COMMUNICATION
This e-mail message is intended only for the use of the addressee and
may contain information that is privileged and confidential. Any
unauthorized dissemination, distribution, or copying is strictly
prohibited. If you receive this transmission in error, please contact
network(a)rfa.org.