Re: [PATCH] scheduling priorities with rlimit

From: Chris Wright
Date: Sun Jan 09 2005 - 15:38:26 EST

Next message: Subodh Shrivastava: "2.6.10-mm2 frame buffer does not works with X"
Previous message: Christoph Hellwig: "Re: removing bcopy... because it's half broken"
In reply to: utz lehmann: "Re: [PATCH] scheduling priorities with rlimit"
Next in thread: utz lehmann: "Re: [PATCH] scheduling priorities with rlimit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Arjan van de Ven (arjan@xxxxxxxxxxxxx) wrote:
> On Sun, 2005-01-09 at 18:15 +0100, utz lehmann wrote:
> > Hi
> >
> > I really like the idea of controlling the maximum settable scheduling
> > priorities via rlimit. See the Realtime LSM thread. I want to give users
> > the right to raise the priority of previously niced jobs.
> >
> > I have modified Chris Wright's patch (against 2.6.10):
> > (http://marc.theaimsgroup.com/?l=linux-kernel&m=110513793228776&w=2)
> >
> > - allow always to increase nice levels (lower priority).
> > - set the default for RLIMIT_PRIO to 0.
> > - add the other architectures.
> >
> > With this the default is compatible with the old behavior.
> >
> > With RLIMIT_PRIO > 0 a user is able to raise the priority up to the
> > value. 0-39 for nice levels 19 .. -20, 40-139 for realtime priorities
> > (0 .. 99).
>
> this is a bit of an awkward interface don't you think?

Yes it is. But I didn't think of a better one.

> I much rather have the rlimit match the exact nice values we communicate
> to userspace elsewhere, both to be consistent and to not expose
> scheduler internals to userpsace.

The problem is the numbers are inconsistent between user interfaces already.
RT priorities are [0, 99], nice vaules are [-20, 19]. Perhaps it'd be
simpler to break it down to just three values for the rlimit.

0: Same as now, raise nice value only.
1: Can lower nice value.
2: Can set RT policy (this includes any priority [1, 99], or optionally
max out at something lower than 99, reserving full CAP_SYS_NICE to 99).

Each level inherits the permissions of the lower level, and none of them
allow the CAP_SYS_NICE ability to affect processes other than your own.

> Also I like the idea of allowing sysadmins to make certain users/groups
> nice levels 5 and higher (think a university machine that makes all
> students nice 5 and higher only, while giving staff 0 and higher, and
> the sysadmin -5 and higher ;)

This is a separate issue. It's about setting the default during login
which can be done with setpriority (still could be done via pam).

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Subodh Shrivastava: "2.6.10-mm2 frame buffer does not works with X"
Previous message: Christoph Hellwig: "Re: removing bcopy... because it's half broken"
In reply to: utz lehmann: "Re: [PATCH] scheduling priorities with rlimit"
Next in thread: utz lehmann: "Re: [PATCH] scheduling priorities with rlimit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]