12 Jul
2005
12 Jul
'05
6:46 p.m.
On Tue, 2005-07-12 at 12:56, Iain Duncan wrote:
So am I correct in believing that the preempt patch is the one that
makes a difference if I intend to run as root anyway?
It makes (should make?) a difference independent of whether you run as
root or not. If you run as root you can access everything. If you don't
run as root (highly recommended :-) you need some additional stuff to
get the same performance.
I've just joined the list and it's pretty
interesting.
Can someone tell me something about the differences between the
preempt patch from Ingo and the "Realtime Linux Security Module"?
I currently use the latter one and I'm quite satisfied as jack works
really fast. Perhaps one should try this way instead of the vanilla
kernel patch. There have to be pros and cons I'm interested in. Can
someone point them out?
The LSM and Ingo's patches are addressing 2 separate issues. Ingo's
patch is working to minimize sources of latency in various code paths in
the kernel. The rtlimits and the realtime-lsm are addressing the issue
of providing a security model for realtime applications to get the
capabilities they need to run in real-time. Ordinarilly these
capabilities (CAP_SET_PCAP, mlockall(), and SCHED_FIFO()) are only
accessible as root. rtlimits and the realtime-lsm provide infrastructure
for allowing these capabilities to be granted to only a specified set of
users/processes. ( Yeah I know I'm
not supposed to, but IMO my machine is just a synthesizer in disguise as
a computer and I'll unplug the ethernet cable if I need to. )
2.6.12 already includes the rlimits patch that will allow you to run
well as a non-root user. But you will need a patch to pam (if your
distro uses pam) or a special user program to access realtime scheduling
as a non-root user (was posted not long ago to this list).
-- Fernando