lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 04 Jun 2012 14:29:43 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	YOSHIDA Masanori <masanori.yoshida.tv@...achi.com>
CC:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
	Vivek Goyal <vgoyal@...hat.com>, linux-kernel@...r.kernel.org,
	Andy Lutomirski <luto@....edu>, Ingo Molnar <mingo@...e.hu>,
	KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>,
	Kees Cook <keescook@...omium.org>,
	Kevin Hilman <khilman@...com>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Prarit Bhargava <prarit@...hat.com>,
	"Rafael J. Wysocki" <rjw@...k.pl>, Tejun Heo <tj@...nel.org>,
	yrl.pp-manager.tt@...achi.com
Subject: Re: [RFC PATCH 0/4 V2] introduce: livedump

On 05/25/2012 02:12 AM, YOSHIDA Masanori wrote:
> 
> Such a mechanism is useful especially in the case where very important
> systems are consolidated onto a single machine via virtualization.
> Assuming a KVM host runs multiple important VMs on it and one of them
> fails, the other VMs have to keep running. However, at the same time, an
> administrator may want to obtain memory dump of not only the failed guest
> but also the host because possibly the cause of failture is not in the
> guest but in the host or the hardware under it.
> 
> Live Dump is based on Copy-on-write technique. Basically processing is
> performed in the following order.
> (1) Suspends processing of all CPUs.
> (2) Makes pages (which you want to dump) read-only.
> (3) Resumes all CPUs
> (4) On page fault, dumps a page including a fault address.
> (5) Finally, dumps the rest of pages that are not updated.
> 
> Currently, Live Dump is just a simple prototype and it has many
> limitations. I list the important ones below.
> (1) It write-protects only kernel's straight mapping areas. Therefore
>     memory updates from vmap areas and user space don't cause page fault.
>     Pages corresponding to these areas are not consistently dumped.
> (2) It supports only x86-64 architecture.
> (3) It can only handle 4K pages. As we know, most pages in kernel space are
>     mapped via 2M or 1G large page mapping. Therefore, the current
>     implementation of Live Dump splits all large pages into 4K pages before
>     setting up write protection.
> (4) It allocates about 50% of physical RAM to store dumped pages. Currently
>     Live Dump saves all dumped data on memory once, and after that a user
>     becomes able to use the dumped data. Live Dump itself has no feature to
>     save dumped data onto a disk or any other storage device.
> 

I am very concerned about the impact of this patch versus its value...
losing half the RAM means the value is extremely limited and the other
limitations above indicates that the cost is very very high.

At the same time, the guest can be dumped without any special tricks.

	-hpa

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ