Re: 2.6.19-rc6-rt5
* Mark Knecht <[EMAIL PROTECTED]> wrote: > Forwarding it off list. > > Thanks Ingo. I'm very interested if it works for you to do this. i've integrated it into -rt (see the patch below), but i marked it obsolete and i might not be able to carry it for long - we'll see. The preferred solution is to use newer PAM and its rt-limits features. But to ease migration i'll keep the realtime-lsm for a while. Ingo --- security/Kconfig |9 +++ security/Makefile |1 security/realcap.c | 147 + 3 files changed, 157 insertions(+) Index: linux/security/Kconfig === --- linux.orig/security/Kconfig +++ linux/security/Kconfig @@ -80,6 +80,15 @@ config SECURITY_CAPABILITIES This enables the "default" Linux capabilities functionality. If you are unsure how to answer this question, answer Y. +config REALTIME_CAPABILITIES + tristate "Real-Time LSM (Obsolete)" + depends on SECURITY && EXPERIMENTAL + help + This is an obsolete LSM - use newer PAM and rt-limites + to manage your real-time apps. + + If you are unsure how to answer this question, answer N. + config SECURITY_ROOTPLUG tristate "Root Plug Support" depends on USB && SECURITY Index: linux/security/Makefile === --- linux.orig/security/Makefile +++ linux/security/Makefile @@ -15,4 +15,5 @@ obj-$(CONFIG_SECURITY)+= security.o d # Must precede capability.o in order to stack properly. obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o obj-$(CONFIG_SECURITY_CAPABILITIES)+= commoncap.o capability.o +obj-$(COMMON_REALTIME_CAPABILITIES)+= commoncap.o realcap.o obj-$(CONFIG_SECURITY_ROOTPLUG)+= commoncap.o root_plug.o Index: linux/security/realcap.c === --- /dev/null +++ linux/security/realcap.c @@ -0,0 +1,147 @@ +/* + * Realtime Capabilities Linux Security Module + * + * Copyright (C) 2003 Torben Hohn + * Copyright (C) 2003, 2004 Jack O'Quin + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + */ + +#include +#include + +#define RT_LSM "Realtime LSM " /* syslog module name prefix */ +#define RT_ERR "Realtime: "/* syslog error message prefix */ + +#include +MODULE_INFO(vermagic,VERMAGIC_STRING); + +/* module parameters + * + * These values could change at any time due to some process writing + * a new value in /sys/module/realtime/parameters. This is OK, + * because each is referenced only once in each function call. + * Nothing depends on parameters having the same value every time. + */ + +/* if TRUE, any process is realtime */ +static int rt_any; +module_param_named(any, rt_any, int, 0644); +MODULE_PARM_DESC(any, " grant realtime privileges to any process."); + +/* realtime group id, or NO_GROUP */ +static int rt_gid = -1; +module_param_named(gid, rt_gid, int, 0644); +MODULE_PARM_DESC(gid, " the group ID with access to realtime privileges."); + +/* enable mlock() privileges */ +static int rt_mlock = 1; +module_param_named(mlock, rt_mlock, int, 0644); +MODULE_PARM_DESC(mlock, " enable memory locking privileges."); + +/* helper function for testing group membership */ +static inline int gid_ok(int gid) +{ + if (gid == -1) + return 0; + + if (gid == current->gid) + return 1; + + return in_egroup_p(gid); +} + +static void realtime_bprm_apply_creds(struct linux_binprm *bprm, int unsafe) +{ + cap_bprm_apply_creds(bprm, unsafe); + + /* If a non-zero `any' parameter was specified, we grant +* realtime privileges to every process. If the `gid' +* parameter was specified and it matches the group id of the +* executable, of the current process or any supplementary +* groups, we grant realtime capabilites. +*/ + + if (rt_any || gid_ok(rt_gid)) { + cap_raise(current->cap_effective, CAP_SYS_NICE); + if (rt_mlock) { + cap_raise(current->cap_effective, CAP_IPC_LOCK); + cap_raise(current->cap_effective, CAP_SYS_RESOURCE); + } + } +} + +static struct security_operations capability_ops = { + .ptrace = cap_ptrace, + .capget = cap_capget, + .capset_check = cap_capset_check, + .capset_set = cap_capset_set, + .capable = cap_capable, + .netlink_send = cap_netlink_send, + .netlink_recv =
Re: 2.6.19-rc6-rt5
Forwarding it off list. Thanks Ingo. I'm very interested if it works for you to do this. Cheers, Mark On 11/28/06, Ingo Molnar <[EMAIL PROTECTED]> wrote: * Lee Revell <[EMAIL PROTECTED]> wrote: > >I know there were some comments awhile back about being required > > to switch to PAM. Has that occurred? > > > >If not then there is a regression issue for realtime-lsm. > > As Realtime LSM is an out of tree module and there's no stable kernel > module API it's impossible to prevent regressions. > > That being said, the realtime LSM patch is so simple that it should > work - how exactly does it fail? i can include it in -rt if it's simple enough - if someone's interested then please send me a patch. Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
* Lee Revell <[EMAIL PROTECTED]> wrote: > >I know there were some comments awhile back about being required > > to switch to PAM. Has that occurred? > > > >If not then there is a regression issue for realtime-lsm. > > As Realtime LSM is an out of tree module and there's no stable kernel > module API it's impossible to prevent regressions. > > That being said, the realtime LSM patch is so simple that it should > work - how exactly does it fail? i can include it in -rt if it's simple enough - if someone's interested then please send me a patch. Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
On Tue, 2006-11-28 at 11:53 -0800, Mark Knecht wrote: > I know you've pushed > me to move to PAM telling me realtime-lsm wasn't going to work in the > future. I really just wanted to know that PAM was now a requirement > instead of only best practice. I said it was not guaranteed to work. It should work as long as someone maintains it. I don't think anyone expected it to take so long for distros to update their PAM packages so as to make patching the kernel unnecessary. Lee - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
On 11/28/06, Lee Revell <[EMAIL PROTECTED]> wrote: On Wed, 2006-11-22 at 06:06 -0800, Mark Knecht wrote: > Ingo, >I started building the new kernels a few days ago with your > 2.6.19-rc6-rt0 announcement. The kernels have built fine but so far I > am unable to build the realtime-lsm package against them so no reason > to reboot. > >I know there were some comments awhile back about being required to > switch to PAM. Has that occurred? > >If not then there is a regression issue for realtime-lsm. As Realtime LSM is an out of tree module and there's no stable kernel module API it's impossible to prevent regressions. That being said, the realtime LSM patch is so simple that it should work - how exactly does it fail? Lee Hi Lee, The failure is a Gentoo sandbax failure. On the surface of it I didn't really think it was a kernel problem but I know you've pushed me to move to PAM telling me realtime-lsm wasn't going to work in the future. I really just wanted to know that PAM was now a requirement instead of only best practice. Thanks, Mark - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
On Wed, 2006-11-22 at 06:06 -0800, Mark Knecht wrote: > Ingo, >I started building the new kernels a few days ago with your > 2.6.19-rc6-rt0 announcement. The kernels have built fine but so far I > am unable to build the realtime-lsm package against them so no reason > to reboot. > >I know there were some comments awhile back about being required to > switch to PAM. Has that occurred? > >If not then there is a regression issue for realtime-lsm. As Realtime LSM is an out of tree module and there's no stable kernel module API it's impossible to prevent regressions. That being said, the realtime LSM patch is so simple that it should work - how exactly does it fail? Lee - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
* Karsten Wiese <[EMAIL PROTECTED]> wrote: > this fixes issues like rmmod hanging and inodes leaking. thanks ... i have reverted the other dcache.c changes as well. Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
> i've released the 2.6.19-rc6-rt5 tree, which can be downloaded from the Hi this fixes issues like rmmod hanging and inodes leaking. Karsten --- fs/dcache.c~2006-11-21 11:25:11.0 +0100 +++ fs/dcache.c 2006-11-26 15:20:31.0 +0100 @@ -150,7 +150,7 @@ void dput(struct dentry *dentry) repeat: if (atomic_read(&dentry->d_count) == 1) might_sleep(); - if (atomic_dec_and_test(&dentry->d_count)) + if (!atomic_dec_and_test(&dentry->d_count)) return; spin_lock(&dentry->d_lock); - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-rc6-rt5
Something is really wrong with page alloc on this one. Compiled 2.6.19-rc6-rt5 with the one patch to page_alloc.c as posted on the list here. Kernel uses around 50% mem and 30% swap without doing anything. I get a lot of these: X invoked oom-killer: gfp_mask=0xd0, order=0, oomkilladj=0 [] out_of_memory+0x176/0x1d0 [] __alloc_pages+0x286/0x2f0 [] __get_free_pages+0x46/0x60 [] __pollwait+0xb0/0x100 [] unix_poll+0xc6/0xd0 [] sock_poll+0x23/0x30 [] do_select+0x288/0x4c0 [] __pollwait+0x0/0x100 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] default_wake_function+0x0/0x20 [] core_sys_select+0x223/0x360 [] __schedule+0x2e9/0x6b0 [] convert_fxsr_from_user+0x22/0xf0 [] sys_select+0xff/0x1e0 [] sys_gettimeofday+0x3b/0x90 [] sysenter_past_esp+0x56/0x79 === Mem-info: DMA per-cpu: CPU0: Hot: hi:0, btch: 1 usd: 0 Cold: hi:0, btch: 1 usd: 0 Normal per-cpu: CPU0: Hot: hi: 186, btch: 31 usd: 31 Cold: hi: 62, btch: 15 usd: 58 HighMem per-cpu: CPU0: Hot: hi: 186, btch: 31 usd: 66 Cold: hi: 62, btch: 15 usd: 14 Active:111463 inactive:36109 dirty:0 writeback:0 unstable:0 free:4018 slab:163934 mapped:26114 pagetables:874 DMA free:3560kB min:68kB low:84kB high:100kB active:396kB inactive:356kB present:16256kB pages_scanned:1370 all_unreclaimable? yes lowmem_reserve[]: 0 873 1254 Normal free:3720kB min:3744kB low:4680kB high:5616kB active:111304kB inactive:108296kB present:894080kB pages_scanned:339028 all_unreclaimable? yes lowmem_reserve[]: 0 0 3047 HighMem free:8792kB min:380kB low:788kB high:1196kB active:334152kB inactive:35784kB present:390084kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA: 0*4kB 1*8kB 0*16kB 1*32kB 1*64kB 1*128kB 1*256kB 0*512kB 1*1024kB 1*2048kB 0*4096kB = 3560kB Normal: 0*4kB 5*8kB 0*16kB 1*32kB 1*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 1*2048kB 0*4096kB = 3720kB HighMem: 924*4kB 517*8kB 40*16kB 2*32kB 0*64kB 0*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8792kB Swap cache: add 107141, delete 56933, find 4493/5856, race 0+0 Free swap = 113440kB Total swap = 488336kB Free swap: 113440kB 327664 pages of RAM 98288 pages of HIGHMEM 4383 reserved pages 94253 pages shared 50208 pages swap cached 0 pages dirty 0 pages writeback 26114 pages mapped 163934 pages slab 874 pages pagetables 327664 pages of RAM 98288 pages of HIGHMEM 4383 reserved pages 94253 pages shared 50208 pages swap cached 0 pages dirty 0 pages writeback 26114 pages mapped 163934 pages slab 874 pages pagetables audacious invoked oom-killer: gfp_mask=0xd0, order=0, oomkilladj=0 [] out_of_memory+0x176/0x1d0 [] __alloc_pages+0x286/0x2f0 [] cache_alloc_refill+0x30e/0x5d0 [] kmem_cache_alloc+0x57/0x60 [] sock_alloc_inode+0x19/0x60 [] alloc_inode+0x19/0x190 [] fget_light+0x85/0xa0 [] new_inode+0x16/0x90 [] sock_alloc+0x14/0x70 [] sys_accept+0x56/0x270 [] do_notify_resume+0x402/0x750 [] convert_fxsr_from_user+0x22/0xf0 [] sys_socketcall+0xd1/0x280 [] sysenter_past_esp+0x56/0x79 === Mem-info: DMA per-cpu: CPU0: Hot: hi:0, btch: 1 usd: 0 Cold: hi:0, btch: 1 usd: 0 Normal per-cpu: CPU0: Hot: hi: 186, btch: 31 usd: 31 Cold: hi: 62, btch: 15 usd: 58 HighMem per-cpu: CPU0: Hot: hi: 186, btch: 31 usd: 66 Cold: hi: 62, btch: 15 usd: 14 Active:111494 inactive:36078 dirty:0 writeback:0 unstable:0 free:4018 slab:163934 mapped:26114 pagetables:874 DMA free:3560kB min:68kB low:84kB high:100kB active:396kB inactive:356kB present:16256kB pages_scanned:1370 all_unreclaimable? yes lowmem_reserve[]: 0 873 1254 Normal free:3720kB min:3744kB low:4680kB high:5616kB active:111420kB inactive:108180kB present:894080kB pages_scanned:339127 all_unreclaimable? yes lowmem_reserve[]: 0 0 3047 HighMem free:8792kB min:380kB low:788kB high:1196kB active:334160kB inactive:35776kB present:390084kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA: 0*4kB 1*8kB 0*16kB 1*32kB 1*64kB 1*128kB 1*256kB 0*512kB 1*1024kB 1*2048kB 0*4096kB = 3560kB Normal: 0*4kB 5*8kB 0*16kB 1*32kB 1*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 1*2048kB 0*4096kB = 3720kB HighMem: 924*4kB 517*8kB 40*16kB 2*32kB 0*64kB 0*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8792kB Swap cache: add 107141, delete 56933, find 4493/5856, race 0+0 Free swap = 113440kB Total swap = 488336kB Free swap