Hi,
Continuing discussing [1], but at different angle - probably worth a separate thread.
To
clarify a bit: I'm building a voice control & communication system
for embedded Linux (part of yet another IoT system, based on Yocto Linux). Of course on top of GStreamer.
At the PoC stage
we're using unix pipes everywhere, but I want to consider other
transports if they're better, especially in my case of limited CPU
(~500MHz signle-core armv7 currently).
So, I'm considering pipes vs POSIX shared memory vs memfds:
(i) Security aspect.
-
With anonymous pipes, I'm planning on passing fd from privileged
process to a sandboxed one - so it can probably have no filesystem
access at all.
- With shm, does it require more privileges? Also
does shm require both parties to cooperate - i.e. if a client is
compromised, there is no security control preventing it from writing to
shm instead of reading only? Also is there a way to withdraw client's
access to a shared memory region? (like, one session with audio data was
intended for one client, another data set - for different one). If
that's not the case, a copy of shared memory is required per each
untrusted client then... Looking at PulseAudio's state, they're using
shm only for per-user setup [2].
- Looks like memfds address the
drawbacks of shm, and also get their way into pulseaudio [2]. But how to
use them for audio IPC properly is a bit unclear - each audio packet =
memfd file (sealed)?
(ii) Performance - does shm/memfds provide
noticeable (or rather, worth the trouble) benefits over pipes?
Especially given that we need to use a separate socket for signaling for
shm (and even if we replace it with eventfd..)? Also, there is a way to
speed up pipes (splice [3], O_DIRECT flag [4] - packet mode for pipes
actually)...
Any insights would be much appreciated.
[1]
https://lists.freedesktop.org/archives/gstreamer-devel/2016-December/062103.html[2]
https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/9.0[3]
https://linux.die.net/man/2/splice[4]
http://man7.org/linux/man-pages/man2/pipe.2.htmlThanks,
Wire Snark
_______________________________________________
gstreamer-devel mailing list
[hidden email]
https://lists.freedesktop.org/mailman/listinfo/gstreamer-devel
Locked
