mirror of
https://github.com/20kdc/OC-KittenOS.git
synced 2024-11-27 04:48:05 +11:00
fix Glacier GPU allocation, move Icecap root request higher up
This commit is contained in:
parent
981ea559c6
commit
584108d6af
@ -94,25 +94,36 @@ local function announceFreeMonitor(address, except)
|
||||
end
|
||||
|
||||
local function getGPU(monitor)
|
||||
local bestG
|
||||
local bestD = 0
|
||||
local bestG, bestStats = nil, {-math.huge, -math.huge, -math.huge}
|
||||
currentGPUBinding = {}
|
||||
for v in gpus.list() do
|
||||
v.bind(monitor.address, false)
|
||||
currentGPUBinding[v.address] = nil
|
||||
local w, h = v.maxResolution()
|
||||
local d = v.maxDepth() * w * h
|
||||
if d > bestD then
|
||||
local quality = w * h * v.maxDepth()
|
||||
local users = (currentGPUUsers[v.address] or 0)
|
||||
local gquality = 0
|
||||
for scr in screens.list() do
|
||||
v.bind(scr.address, false)
|
||||
w, h = v.maxResolution()
|
||||
local squality = w * h * v.maxDepth()
|
||||
gquality = math.max(gquality, squality)
|
||||
end
|
||||
local stats = {quality, -users, -gquality}
|
||||
for i = 1, #stats do
|
||||
if stats[i] > bestStats[i] then
|
||||
bestG = v
|
||||
bestD = d
|
||||
bestU = currentGPUUsers[v.address] or 0
|
||||
elseif d == bestD then
|
||||
if (currentGPUUsers[v.address] or 0) < bestU then
|
||||
bestG = v
|
||||
bestD = d
|
||||
bestU = currentGPUUsers[v.address] or 0
|
||||
bestStats = stats
|
||||
break
|
||||
elseif stats[i] < bestStats[i] then
|
||||
break
|
||||
end
|
||||
end
|
||||
end
|
||||
if bestG then
|
||||
neo.emergency("glacier bound " .. monitor.address .. " to " .. bestG.address)
|
||||
else
|
||||
neo.emergency("glacier failed to bind " .. monitor.address)
|
||||
end
|
||||
return bestG
|
||||
end
|
||||
|
||||
|
@ -5,10 +5,9 @@
|
||||
-- In general, this is what userspace will be interacting with in some way or another to get stuff done
|
||||
|
||||
local settings = neo.requireAccess("x.neo.sys.manage", "security sysconf access")
|
||||
|
||||
local fs = neo.requireAccess("c.filesystem", "file managers")
|
||||
|
||||
local donkonitDFProvider = neo.requireAccess("r.neo.pub.base", "creating basic NEO APIs")
|
||||
local rootAccess = neo.requireAccess("k.root", "installing GUI integration")
|
||||
|
||||
local targsDH = {} -- data disposal
|
||||
|
||||
@ -280,7 +279,6 @@ local function wrapWASS(perm, req)
|
||||
end
|
||||
|
||||
-- Connect in security policy now
|
||||
local rootAccess = neo.requireAccess("k.root", "installing GUI integration")
|
||||
local backup = rootAccess.securityPolicyINIT or rootAccess.securityPolicy
|
||||
rootAccess.securityPolicyINIT = backup
|
||||
rootAccess.securityPolicy = function (pid, proc, perm, req)
|
||||
|
@ -21,6 +21,28 @@ As it runs in a coroutine, events are
|
||||
and potentially accesses headed in
|
||||
its direction...)
|
||||
|
||||
NOTE regarding security of this!
|
||||
|
||||
For efficiency, APIs are generally
|
||||
used "directly". This allows read
|
||||
access to all events, including any
|
||||
security responses.
|
||||
|
||||
The assumption made here is that if
|
||||
you're communicating with an app you
|
||||
don't trust, you will wrap access to
|
||||
it in a coroutine shell, and perform
|
||||
ensureType usage on everything that
|
||||
it spews out.
|
||||
|
||||
In particular, this is a good way to
|
||||
isolate yourself from any effects,
|
||||
including timeout, of a function you
|
||||
know to be environment-sandboxed:
|
||||
|
||||
coroutine.resume(coroutine.create(
|
||||
functionIDontTrust))
|
||||
|
||||
An example KittenOS NEO program,
|
||||
solely using kernel APIs,
|
||||
that you will likely have to kill:
|
||||
|
Loading…
Reference in New Issue
Block a user