Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262003AbVBKItV (ORCPT ); Fri, 11 Feb 2005 03:49:21 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262009AbVBKItV (ORCPT ); Fri, 11 Feb 2005 03:49:21 -0500 Received: from mx2.elte.hu ([157.181.151.9]:10628 "EHLO mx2.elte.hu") by vger.kernel.org with ESMTP id S262003AbVBKItQ (ORCPT ); Fri, 11 Feb 2005 03:49:16 -0500 Date: Fri, 11 Feb 2005 09:48:43 +0100 From: Ingo Molnar To: Matt Mackall Cc: Paul Davis , Peter Williams , Nick Piggin , Chris Wright , "Jack O'Quin" , Andrew Morton , Christoph Hellwig , linux-kernel@vger.kernel.org, Con Kolivas , rlrevell@joe-job.com Subject: Re: 2.6.11-rc3-mm2 Message-ID: <20050211084843.GA3980@elte.hu> References: <420C25D6.6090807@bigpond.net.au> <200502110341.j1B3fS8o017685@localhost.localdomain> <20050211065753.GE15058@waste.org> <20050211075417.GA2287@elte.hu> <20050211082536.GF15058@waste.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050211082536.GF15058@waste.org> User-Agent: Mutt/1.4.1i X-ELTE-SpamVersion: MailScanner 4.31.6-itk1 (ELTE 1.2) SpamAssassin 2.63 ClamAV 0.73 X-ELTE-VirusStatus: clean X-ELTE-SpamCheck: no X-ELTE-SpamCheck-Details: score=-4.9, required 5.9, autolearn=not spam, BAYES_00 -4.90 X-ELTE-SpamLevel: X-ELTE-SpamScore: -4 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1573 Lines: 37 * Matt Mackall wrote: > Here's Chris' patch for reference: > > http://groups-beta.google.com/group/linux.kernel/msg/6408569e13ed6e80 how does this patch solve the separation of 'negative nice values' and 'RT priority rlimits'? In one piece of code it handles the rlimit value as a 0-39 nice value, in another place it handles it as a limit for a 1-100 RT priority range. The two ranges overlap and have nothing to do with each other. [*] anyway, as long as it doesnt touch the scheduler runtime code (and it doesnt), both types of solutions are fine to me - it's basically the security-subsystem people's call. if the patch solves the negative-nice-value and the RT-priority issues at once, then it indeed looks more flexible (and more generic) than the LSM solution. [**] Ingo [*] one acceptable way to 'merge' the two priority ranges would be to introduce a unified priority range of 0-139: 0-39 would be for nice values while 40-139 would be for RT priorities 1-99. NOTE: due to rlimit semantics (users can always lower them without any security checks), value 39 _must_ denote nice -20 and value 0 must denote nice +19. I.e. it must strictly in increasing priority order. [**] in fact, the 'Gnome problem' wrt. suid/gid binaries would be solved via the rlimit too. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/