Are Real-Time Kernels Safe?
Moderators: MattKingUSA, khz
-
- Established Member
- Posts: 61
- Joined: Tue Jan 25, 2022 1:33 am
- Has thanked: 16 times
- Been thanked: 20 times
Are Real-Time Kernels Safe?
According to Ubuntu Studio, they are not:
https://help.ubuntu.com/community/Ubunt ... TimeKernel
Is there anything to this? for the record, I'm using Ubuntu Studio, but more because I like it. but if this is true, I'm glad I am!
I personally don't need RT, as I just do midi, and latency is not an issue for me.
https://help.ubuntu.com/community/Ubunt ... TimeKernel
Is there anything to this? for the record, I'm using Ubuntu Studio, but more because I like it. but if this is true, I'm glad I am!
I personally don't need RT, as I just do midi, and latency is not an issue for me.
- GMaq
- Established Member
- Posts: 2827
- Joined: Fri Sep 25, 2009 1:42 pm
- Has thanked: 530 times
- Been thanked: 573 times
Re: Are Real-Time Kernels Safe?
Hi,
Well.. it's theoretically possible like most Linux kernel exploits are, it's like asteroid-hitting-earth unlikely though, if your system is that vulnerable to an exploit then you have bigger security problems than an RT patch IMHO.
That said most RT is more trouble than it's worth these days for almost all Linux Audio users, lowlatency gives most people the performance they need and specialty kernels like Liquorix often equal if not exceed the performance of RT patched kernels.
Well.. it's theoretically possible like most Linux kernel exploits are, it's like asteroid-hitting-earth unlikely though, if your system is that vulnerable to an exploit then you have bigger security problems than an RT patch IMHO.
That said most RT is more trouble than it's worth these days for almost all Linux Audio users, lowlatency gives most people the performance they need and specialty kernels like Liquorix often equal if not exceed the performance of RT patched kernels.
- autostatic
- Established Member
- Posts: 1994
- Joined: Wed Dec 09, 2009 5:26 pm
- Location: Beverwijk, The Netherlands
- Has thanked: 32 times
- Been thanked: 104 times
- Contact:
Re: Are Real-Time Kernels Safe?
Ubuntu now offers a RT kernel too. And that the attack vector of an RT kernel would be bigger than a non-RT kernel, I doubt it, I concur with Gmaq on that one.
- bluzee
- Established Member
- Posts: 340
- Joined: Mon Nov 30, 2020 11:43 pm
- Has thanked: 18 times
- Been thanked: 88 times
Re: Are Real-Time Kernels Safe?
I've always used kernels that I have patched for RT and compiled myself. On the last upgrade I found the results from my RT kernel to be unsatisfactory. If memory serves it was a 5.15 kernel. I don't know what has changed to cause this.
I tried a Liquorix kernel instead and am very happy with it's performance.
The default Ubuntu kernel is really tuned more for server use. For regular desktop use the lowlatency kernel is probably more suitable from most accounts I've read.
For midi you will benefit from the higher frequency timer. 1000hz vs 250hz.
I have now installed Liquorix on every machine except the one with Nvidia. I can not install Nvidia driver with Liquorix and have no vdpau GPU video decoding without it. Setting GPU decoding up with nouveau causes my system to lock up.
I suspect I won't bother with the RT patch any more in future.
I tried a Liquorix kernel instead and am very happy with it's performance.
The default Ubuntu kernel is really tuned more for server use. For regular desktop use the lowlatency kernel is probably more suitable from most accounts I've read.
For midi you will benefit from the higher frequency timer. 1000hz vs 250hz.
I have now installed Liquorix on every machine except the one with Nvidia. I can not install Nvidia driver with Liquorix and have no vdpau GPU video decoding without it. Setting GPU decoding up with nouveau causes my system to lock up.
I suspect I won't bother with the RT patch any more in future.
- GMaq
- Established Member
- Posts: 2827
- Joined: Fri Sep 25, 2009 1:42 pm
- Has thanked: 530 times
- Been thanked: 573 times
Re: Are Real-Time Kernels Safe?
nVidia dropped support for Kepler chipsets, this seems to be causing a lot of trouble in newer Kernels because there are no Kepler drivers for Kernels past 5.10. Secondly there were significant new patches to Kernel 5.16 to lower the latency of USB Audio devices independent of RT patching. People may find the performance of their devices are helped significantly without any changes to their Kernel at all. This is another upstream improvement that diminishes the need for RT preemption.bluzee wrote: ↑Mon May 02, 2022 5:50 pm I've always used kernels that I have patched for RT and compiled myself. On the last upgrade I found the results from my RT kernel to be unsatisfactory. If memory serves it was a 5.15 kernel. I don't know what has changed to cause this.
I tried a Liquorix kernel instead and am very happy with it's performance.
The default Ubuntu kernel is really tuned more for server use. For regular desktop use the lowlatency kernel is probably more suitable from most accounts I've read.
For midi you will benefit from the higher frequency timer. 1000hz vs 250hz.
I have now installed Liquorix on every machine except the one with Nvidia. I can not install Nvidia driver with Liquorix and have no vdpau GPU video decoding without it. Setting GPU decoding up with nouveau causes my system to lock up.
I suspect I won't bother with the RT patch any more in future.
- autostatic
- Established Member
- Posts: 1994
- Joined: Wed Dec 09, 2009 5:26 pm
- Location: Beverwijk, The Netherlands
- Has thanked: 32 times
- Been thanked: 104 times
- Contact:
Re: Are Real-Time Kernels Safe?
Afaik there is no modern MIDI software that still uses this frequency timer, most, if not all software relies on snd-hrtimer. Or are there other contexts related to audio or multimedia where you could benefit from a 1000Hz frequency timer?
- bluzee
- Established Member
- Posts: 340
- Joined: Mon Nov 30, 2020 11:43 pm
- Has thanked: 18 times
- Been thanked: 88 times
Re: Are Real-Time Kernels Safe?
Code: Select all
nVidia dropped support for Kepler chipsets, this seems to be causing a lot of trouble in newer Kernels because there are no Kepler drivers for Kernels past 5.10. Secondly there were significant new patches to Kernel 5.16 to lower the latency of USB Audio devices independent of RT patching. People may find the performance of their devices are helped significantly without any changes to their Kernel at all. This is another upstream improvement that diminishes the need for RT preemption.
Not sure if you noticed the round trip timings I posted at one point. The new kernel almost cut this in half.
- khz
- Established Member
- Posts: 1648
- Joined: Thu Apr 17, 2008 6:29 am
- Location: German
- Has thanked: 42 times
- Been thanked: 92 times
Re: Are Real-Time Kernels Safe?
Thanks to @basstrombone music-daw deb.file and the discussions and answers of @x42 I have thought a lot. Among other things, x42 wrote this about it:autostatic wrote: ↑Mon May 02, 2022 6:51 pmAfaik there is no modern MIDI software that still uses this frequency timer, most, if not all software relies on snd-hrtimer. Or are there other contexts related to audio or multimedia where you could benefit from a 1000Hz frequency timer?
I think it's good when we collect current knowledge.https://discourse.ardour.org/t/deb-file-to-optimize-linux-mint-to-use-in-proaudio/104368/23 wrote:Back in the day, there was no high-resolution timer, and snd-hrtimer was the shit!
The only two live MIDI apps back then indeed used /dev/rtc (which is why HZ_1000 was useful). These days no app uses that anymore. There are much better option available, and systems perform better with a tickless NO_HZ system that isn’t limited to 1kHz.
Addition: As long as you use jackd (and MIDI) tick_double I guess has contributed a lot to the stability.
https://jackaudio.org/news/2021/07/16/jack2-v1919-release.html wrote:Now, for the rationale behind the transport tick_double API update:
When using JACK transport to sync between clients with precise timing requirements (such as MIDI sequencers) rounding errors would accumulate and eventually make the separate clients out of sync.
This was observed in Carla and mod-host, which use audio plugins as JACK clients. Some MIDI plugins could miss notes due to rounding errors. This change has been deployed in MOD Devices for a couple of releases already and it is known to work (that is, it corrects the situation).
There were discussions on IRC about this potentially be unnecessary, that clients can just use bar_start_tick to store the non-integer part of the tick.
While the idea could work in theory, supporting it turns out to be non-trivial and from all applications that I have tested none implemented this part correctly.
Some applications do not set bar_start_tick at all, even though they can be run as transport master.
So since the transport API has padding members available for use and it has been unchanged for several years (so there won’t be a need to add more fields in the short or middle term), well let’s just go for it.
. . . FZ - Does humor belongs in Music?
. . GNU/LINUX@AUDIO ~ /Wiki $ Howto.Info && GNU/Linux Debian installing >> Linux Audio Workstation LAW
. . GNU/LINUX@AUDIO ~ /Wiki $ Howto.Info && GNU/Linux Debian installing >> Linux Audio Workstation LAW
- I don't care about the freedom of speech because I have nothing to say.
- thetotalchaos
- Established Member
- Posts: 212
- Joined: Mon Sep 29, 2014 8:29 pm
- Has thanked: 55 times
- Been thanked: 9 times
- Contact:
Re: Are Real-Time Kernels Safe?
In 2014 i wrote a master's paper on "Linux configuration for professional audio". The first chapter of it, was about the "specialized" Linux kernels.
So in two words, if your goal is to have a pro-level, musical studio environment, that will be use exclusively for music production, you use the PREEMPT_RT aka Linux-RT type kernel.
If your goal is to have a general system environment, that will be also tuned for music production, you use the PREEMPT aka Linux-Lowlatency type kernel.
That is the simple rule on Linux for music production.
Best regards, Totalchaos
So in two words, if your goal is to have a pro-level, musical studio environment, that will be use exclusively for music production, you use the PREEMPT_RT aka Linux-RT type kernel.
If your goal is to have a general system environment, that will be also tuned for music production, you use the PREEMPT aka Linux-Lowlatency type kernel.
That is the simple rule on Linux for music production.
Best regards, Totalchaos
You can listen to my music at: https://totalchaos-music.bandcamp.com/
Take a journey to wonderland with The Butterfly Effect 2016
https://totalchaos-music.bandcamp.com/a ... fly-effect
Take a journey to wonderland with The Butterfly Effect 2016
https://totalchaos-music.bandcamp.com/a ... fly-effect
-
- Established Member
- Posts: 21
- Joined: Tue Jun 21, 2022 11:46 am
- Has thanked: 10 times
- Been thanked: 3 times
Re: Are Real-Time Kernels Safe?
Inaudible latencies can only be achieved with real RT-Kernels. Low-Latency and Liquorix-Kernels are nice tries but they almost double latency so they are unfortunately not an option for professional audio recordings - at least up to now.
I set up a Dual Boot Linux PC (Vanilla-Kernel for daily use and RT-Kernel for music production) to get the best of both worlds. Although I'm often online with the RT-Kernel I haven't had any damage for many years with RT-Kernels.
I set up a Dual Boot Linux PC (Vanilla-Kernel for daily use and RT-Kernel for music production) to get the best of both worlds. Although I'm often online with the RT-Kernel I haven't had any damage for many years with RT-Kernels.
-
- Established Member
- Posts: 2083
- Joined: Mon Sep 28, 2015 8:06 pm
- Location: Here, of course!
- Has thanked: 232 times
- Been thanked: 400 times
- Contact:
Re: Are Real-Time Kernels Safe?
I've been using RT kernels exclusively on all my machines for years. So far I've not had any problems with this.
The Yoshimi guy {apparently now an 'elderly'}
- nikgnomicradio
- Established Member
- Posts: 109
- Joined: Wed Feb 07, 2018 9:31 pm
- Has thanked: 1 time
- Been thanked: 7 times
- Contact:
Re: Are Real-Time Kernels Safe?
I used to link to this Wiki page before the latest edit when it had good information about different kernels
https://help.ubuntu.com/community/Ubunt ... all&rev=11
The last edit has no citations and seems to be just an emotive opinion
If a RT kernel were to lock a user out of their machine I would expect any potential hackers or botnets would also be locked out too
and the only issue is whether you can remember how to REISUB instead of a hard reset
https://help.ubuntu.com/community/Ubunt ... all&rev=11
The last edit has no citations and seems to be just an emotive opinion
If a RT kernel were to lock a user out of their machine I would expect any potential hackers or botnets would also be locked out too
and the only issue is whether you can remember how to REISUB instead of a hard reset
- rncbc
- Established Member
- Posts: 1071
- Joined: Mon Apr 19, 2010 12:20 pm
- Has thanked: 45 times
- Been thanked: 279 times
- Contact:
Re: Are Real-Time Kernels Safe?
obviously you never put your foot wet on pipewire did you?
ps. unlike JACK, PW and PREEMPT_RT are not a friendly combination... if you want insane, x-run free low-latency, PW just won't cut it.. stay with a vanilla PREEMPT kernel. stop
-
- Established Member
- Posts: 2083
- Joined: Mon Sep 28, 2015 8:06 pm
- Location: Here, of course!
- Has thanked: 232 times
- Been thanked: 400 times
- Contact:
Re: Are Real-Time Kernels Safe?
Exactly!
I'll stick with jack until the problems with pipewire are sorted. Jack just works, has done so for a good long time, and I've far too much going on to faff about with the nuts and bolts.
The Yoshimi guy {apparently now an 'elderly'}
- rncbc
- Established Member
- Posts: 1071
- Joined: Mon Apr 19, 2010 12:20 pm
- Has thanked: 45 times
- Been thanked: 279 times
- Contact:
Re: Are Real-Time Kernels Safe?
fwiw. PW scheduling is mostly based on timers, while JACK(on ALSA) is tightly rigged on IRQs ... you know the drill... by design, PW problems won't get solved any time soon
iow. stay away from kernel-rt if you're betting on pipewire.
iow. stay away from kernel-rt if you're betting on pipewire.