On Tue, 2005-07-12 at 12:56, Iain Duncan wrote: > >>I've just joined the list and it's pretty interesting. > >>Can someone tell me something about the differences between the > >>preempt patch from Ingo and the "Realtime Linux Security Module"? > >>I currently use the latter one and I'm quite satisfied as jack works > >>really fast. Perhaps one should try this way instead of the vanilla > >>kernel patch. There have to be pros and cons I'm interested in. Can > >>someone point them out? > > > > > > The LSM and Ingo's patches are addressing 2 separate issues. Ingo's > > patch is working to minimize sources of latency in various code paths in > > the kernel. The rtlimits and the realtime-lsm are addressing the issue > > of providing a security model for realtime applications to get the > > capabilities they need to run in real-time. Ordinarilly these > > capabilities (CAP_SET_PCAP, mlockall(), and SCHED_FIFO()) are only > > accessible as root. rtlimits and the realtime-lsm provide infrastructure > > for allowing these capabilities to be granted to only a specified set of > > users/processes. > > So am I correct in believing that the preempt patch is the one that > makes a difference if I intend to run as root anyway? It makes (should make?) a difference independent of whether you run as root or not. If you run as root you can access everything. If you don't run as root (highly recommended :-) you need some additional stuff to get the same performance. > ( Yeah I know I'm > not supposed to, but IMO my machine is just a synthesizer in disguise as > a computer and I'll unplug the ethernet cable if I need to. ) 2.6.12 already includes the rlimits patch that will allow you to run well as a non-root user. But you will need a patch to pam (if your distro uses pam) or a special user program to access realtime scheduling as a non-root user (was posted not long ago to this list). -- Fernando
