[OVAL DEVELOPER] Clarification about priority entity

Prisaca, Dragos (Assoc) dragos.prisaca at nist.gov
Tue Apr 12 18:39:16 EDT 2016


Hello,

According to the OVAL Unix System Characteristics schema (https://github.com/OVALProject/Language/blob/master/schemas/unix-system-characteristics-schema.xsd), the priority entity of a process58_item is defined as: "This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call."
On RHEL systems, I believe the priority can be found in the "/proc/{pid}/stat" - item 18 (priority) which is defined as "For processes running a real-time scheduling policy (policy below; see sched_setscheduler(2)), this is the negated scheduling priority, minus one; that is, a number in the range -2 to -100, corresponding to real-time priorities 1 to 99.  For processes running under a non-real-time scheduling policy, this is the raw nice value (setpriority(2)) as represented in the kernel.  The kernel stores nice values as numbers in the range 0 (high) to 39 (low), corresponding to the user-visible nice range of -20 to 19."
If my understanding is correct, I would suggest to provide additional clarification in the OVAL specification to avoid any confusion.

A related issue on RHEL is regarding the ps command and Standard Format Specifiers. The same value stored in stat file can be retrieve by running the command "ps -o priority {pid}", but 'ps -o pri {pid}' returns a different value. For instance, on RHEL6, the 'man ps' does not mention any of these standard format specifiers. Any thoughts?

Since the priority property is spread across all *nix systems, are other systems affected by this issue?

Any feedback is much appreciated!

Respectfully,
Dragos Prisaca
NVLAP Technical Expert
NIST SCAP Validation Program | http://scap.nist.gov/validation


...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cisecurity.org/pipermail/oval_developer_lists.cisecurity.org/attachments/20160412/d335674c/attachment-0002.html>


More information about the OVAL_Developer mailing list