<div class="gmail_quote">On Sun, Apr 18, 2010 at 7:29 PM, Fernando Lopez-Lezcano <span dir="ltr"><<a href="mailto:nando@ccrma.stanford.edu" target="_blank">nando@ccrma.stanford.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> described here:<a href="http://old.nabble.com/help-w--qjackctl-locks-up-X-GUI-(perhaps-caused-by-dbus-or-kernel-2.6.32.11-99.fc12.x86_64)-to28221239.html" target="_blank">http://old.nabble.com/help-w--qjackctl-locks-up-X-GUI-(perhaps-caused-by-dbus-or-kernel-2.6.32.11-99.fc12.x86_64)-to28221239.html</a> )</div>
<div>
<br>
</div>I don't think we know why that was happening.<br></blockquote><div><br></div><div>I was hypothesizing that any other application which made request for rtprio, negative nice, or memlock, but might be granted lower or higher priority than jack, may end up getting exactly the same priority levels as jackd; this could mean that two application, running by design at different priority levels, wouldn't deadlock -- but run at the same priority levels, they have a better chance of deadlocking. So for example if this new jackd was trying to signal via dbus to turn off pulseaudio, and pulseaudio itself was now attempting to run, except that I've turned off pulseaudio on my workstations, and removed the packages. But nonetheless, something (libgnome?) still is creating ~/.pulse and ~/.pulse-cookie and perhaps deadlocking in the process.... </div>
<div><br></div><div>Alternately, this could be an instance of "priority inversion" made famous by the mars pathfinder <a href="http://research.microsoft.com/en-us/um/people/mbj/Mars_Pathfinder/Authoritative_Account.html" target="_blank">http://research.microsoft.com/en-us/um/people/mbj/Mars_Pathfinder/Authoritative_Account.html</a> but also plaguing more prosaic hardware such as <a href="http://reviews.cnet.com/digital-video-recorders-dvrs/directv-hr20-directv-plus/4852-6474_7-32065196.html?tag=psum" target="_blank">http://reviews.cnet.com/digital-video-recorders-dvrs/directv-hr20-directv-plus/4852-6474_7-32065196.html?tag=psum</a> (deadlock whackamole on hardware with four simultaneous HD PVRs, that could barely record or watch two channels w/o crashing).</div>
<div><br></div><div>One difference between the workstation that suffered from the lockup problem, and one that didn't -- is the following entry in limits.conf (from F12's Jack, but didn't get removed by CCRMA's jack?) found on the problematic computer:</div>
<div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
## Automatically appended by jack-audio-connection-kit</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@jackuser - rtprio 20</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@jackuser - memlock 4194304</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
## Automatically appended by jack-audio-connection-kit</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@pulse-rt - rtprio 20</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@pulse-rt - nice -20</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
## Automatically appended by the Planet CCRMA jack-audio-connection-kit</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
* - rtprio 99</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
* - memlock 4194304</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
* - nice -10</blockquote><div><br></div><div>In other words, the jack options at the end would potentially "override" the settings above for 'pulse-rt' and 'jackuser' -- this seems problematic. I've removed the additional non-CCRMA jack-audio-connection-kit settings from this limits.conf, and also changed the wildcards to @jackuser -- we'll see how things go now...</div>
<div><br></div><div>........</div><div><br></div>
<div><blockquote class="gmail_quote" style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-color:rgb(204, 204, 204);border-left-style:solid;padding-left:1ex">
This is not related to applications but to users. It means any user can</blockquote><blockquote class="gmail_quote" style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-color:rgb(204, 204, 204);border-left-style:solid;padding-left:1ex">
run apps with realtime priorities.</blockquote><div><br></div><div>It's related to applications in that most applications don't request realtime priority, negative nice levels, etc. However, with the settings from limits.conf, any application, including a rogue application that might otherwise be well behaved because it wasn't granted permission to run at elevated priv levels -- would now get them. Furthermore if some other app had settings in limits.conf with lesser priority levels (say nice of -1, and less rtprio), the wildcard matching for all apps && all users could end up giving that app the potential of running at much higher priorities.</div>
<div><br></div><div>Worst, services/deamons that normally run safely due to their minimal set of privileges and a security design principle towards <a href="http://en.wikipedia.org/wiki/Privilege_separation">http://en.wikipedia.org/wiki/Privilege_separation</a> would now all have the privileges, literally, combined. Daemon processes running as 'nobody' or as separate low-priv users with a specific part of the filesystem they can read/write, will now be able to attain unreasonable levels of priority. This means that one could lockup such a workstation remotely simply by activating a network service -- even if only for the service to deny access -- do it often enough w/ a highly privileged process and you can lockup a computer. It sidesteps the whole notion of "dropping root" in a network service (e.g. sshd):</div>
<div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
Many network service daemons have to do a specific privileged operation such as open a raw socket or an Internet socket in the well known ports range. Administrative utilities can require particular privileges at runtime as well. Such software tends to separate privileges by revoking them completely after the critical section is done, and change the user it runs under to some unprivileged account after so doing. This action is known as dropping root under Unix-like operating systems. The unprivileged part is usually run under the "nobody" user or an equivalent separate user account.</blockquote>
<div><br></div><div>Now normally, if this was a simple denial-of-service -- no biggie, just reboot. But with the current settings, even a simple "rogue" script could trigger a far worse DOS -- eg. jamming a network, router, website, etc. This is especially true because every single workstation that installed jack could become a host for a distributed DOS attack. </div>
<div><br></div><div>Normally, installing fedora packages doesn't automatically degrade security -- you have to configure it, and/or add servces to chkconfig in order to activate. In this case, a user who blindly installs any package from CCRMA will get jackd's limits.conf settings as a dependency. Due to the security concerns, I assume/hope those settings will not be in the F12 version of jack2.</div>
</div><div><br></div><div>Given all that fear, uncertainty and doubt, combined with my general level of weeniedom, I changed my limits.conf to:</div><div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
## Automatically appended by the Planet CCRMA jack-audio-connection-kit</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
## NPM changed '*' to @jackuser to limi</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@jackuser - rtprio 99</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@jackuser - memlock 4194304</blockquote><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
@jackuser - nice -10</blockquote><div> </div><div>-- Niels </div><div><a href="http://nielsmayer.com">http://nielsmayer.com</a></div></div>