Re: Are CAP_SYS_ADMIN and CAP_SYS_NICE still needed for SQPOLL?

[Jens Axboe]

On 3/25/21 7:44 AM, Pavel Begunkov wrote:
> On 25/03/2021 11:33, Stefano Garzarella wrote:
>> Hi Jens, Hi Pavel,
>> I was taking a look at the new SQPOLL handling with io_thread instead of kthread. Great job! Really nice feature that maybe can be reused also in other scenarios (e.g. vhost).
>>
>> Regarding SQPOLL, IIUC these new threads are much closer to user threads, so is there still a need to require CAP_SYS_ADMIN and CAP_SYS_NICE to enable SQPOLL?
> 
> Hmm, good question. If there are under same cgroup (should be in
> theory), and if we add more scheduling points (i.e. need_resched()), and
> don't see a reason why not. Jens?
> 
> Better not right away though. IMHO it's safer to let the change settle
> down for some time.

Yes, agree on both counts - we are not going to need elevated privileges
going forward, but I'd also rather defer making that change until 5.13
so we have a bit more time on the current (new) base first.

-- 
Jens Axboe