1. 15 Jun, 2009 1 commit
    • Lennart Poettering's avatar
      sched: Introduce SCHED_RESET_ON_FORK scheduling policy flag · ca94c442
      Lennart Poettering authored
      This patch introduces a new flag SCHED_RESET_ON_FORK which can be passed
      to the kernel via sched_setscheduler(), ORed in the policy parameter. If
      set this will make sure that when the process forks a) the scheduling
      priority is reset to DEFAULT_PRIO if it was higher and b) the scheduling
      policy is reset to SCHED_NORMAL if it was either SCHED_FIFO or SCHED_RR.
      
      Why have this?
      
      Currently, if a process is real-time scheduled this will 'leak' to all
      its child processes. For security reasons it is often (always?) a good
      idea to make sure that if a process acquires RT scheduling this is
      confined to this process and only this process. More specifically this
      makes the per-process resource limit RLIMIT_RTTIME useful for security
      purposes, because it makes it impossible to use a fork bomb to
      circumvent the per-process RLIMIT_RTTIME accounting.
      
      This feature is also useful for tools like 'renice' which can then
      change the nice level of a process without having this spill to all its
      child processes.
      
      Why expose this via sched_setscheduler() and not other syscalls such as
      prctl() or sched_setparam()?
      
      prctl() does not take a pid parameter. Due to that it would be
      impossible to modify this flag for other processes than the current one.
      
      The struct passed to sched_setparam() can unfortunately not be extended
      without breaking compatibility, since sched_setparam() lacks a size
      parameter.
      
      How to use this from userspace? In your RT program simply replace this:
      
        sched_setscheduler(pid, SCHED_FIFO, &param);
      
      by this:
      
        sched_setscheduler(pid, SCHED_FIFO|SCHED_RESET_ON_FORK, &param);
      Signed-off-by: default avatarLennart Poettering <lennart@poettering.net>
      Acked-by: default avatarPeter Zijlstra <a.p.zijlstra@chello.nl>
      LKML-Reference: <20090615152714.GA29092@tango.0pointer.de>
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      ca94c442
  2. 14 Jun, 2009 32 commits
  3. 13 Jun, 2009 7 commits