Date: Fri, 30 Apr 2010 22:02:15 -0400
From: Oren Laadan <orenl@...columbia.edu>
To: Dan Smith <danms@...ibm.com>
CC: Daniel Lezcano <daniel.lezcano@...e.fr>, containers@...ts.osdl.org,
    Vlad Yasevich <vladislav.yasevich@...com>,
    David Miller <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH] [RFC] C/R: inet4 and inet6 unicast routes (v2)

Dan Smith wrote:
> DL> Is it possible to enter the namespace and dump / restore the
> DL> routes with NETLINK_ROUTE from userspace ? Or is it something not
> DL> possible ?
>
> I'm sure it would be doable. However, checkpointing the routes that
> way would:
>
> (a) Be inconsistent with how we checkpoint all the other resources,
>     including the other network resources we handle from the kernel
>     with rtnl
> (b) Require merging of the data from the resources saved in userspace
>     with those saved in kernelspace

See below suggestion for userspace.

> (c) Eliminate the ability for an application to easily checkpoint
>     itself by making a single syscall

I can't think of a use-case of a networked application that takes a
checkpoint of itself (including live network).

Anyway, it can still be useful to at least do the restore from
userspace (while checkpoint is done in kernel - like with pids). We
may reduce the complexity of restore (in kernel) greatly.

(BTW, instead of syscall one could have a library call that will take
care of the userspace "work").

> (d) Require this same sort of jumping back and forth between
>     namespaces by the userspace task doing the checkpoint/restart
>

I wonder: if we could relatively simply recreate the network ns, the
interfaces in them, and then restore the routing information all from
userspace before calling sys_restart, it may be useful in simplifying
the kernel code, and allowing more flexibility for userspace
alterations.

I definitely should have asked the question much earlier when you
started the work on restoring network ns and interfaces ... (oh, I
reckon it's better late than never).

Just tossing out the idea, see what kind of thoughts it evokes. Most
likely I'll get a "that won't work because ...", but I'm hoping for a
"hmm.. maybe.. let me see.." :)

Oren.