| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Apr 2007 00:40:05 +0200 From: Pavel Machek <pavel@....cz> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Nigel Cunningham <nigel@...el.suspend2.net>, Pekka Enberg <penberg@...helsinki.fi>, LKML <linux-kernel@...r.kernel.org> Subject: Re: Back to the future. Hi! > > * Doing things in the right order? (Prepare the image, then do the > > atomic copy, then save). > > I'd actually like to discuss this a bit.. > > I'm obviously not a huge fan of the whole user/kernel level split and > interfaces, but I actually do think that there is *one* split that makes > sense: > > - generate the (whole) snapshot image entirely inside the kernel > > - do nothing else (ie no IO at all), and just export it as a single image > to user space (literally just mapping the pages into user space). > *one* interface. None of the "pretty UI update" crap. Just a single > system call: > > void *snapshot_system(u32 *size); > > which will map in the snapshot, return the mapped address and the size > (and if you want to support snapshots > 4GB, be my guest, but I suspect > you're actually *better* off just admitting that if you cannot shrink > the snapshot to less than 32 bits, it's not worth doing) This is basically how uswsusp is designed. (We do not use system call, you just read from /dev/snapshot, and you have to make few ioctls to stop the other tasks). > and for testing, you should be able to basically do > > u32 size; > void *buffer = snapshot_system(&size); > if (buffer != MAP_FAILED) > resume_snapshot(buffer, size); > > and it should obviously work. Which is what I did long time ago, during uswsusp development. > Once you have that snapshot image in user space you can do anything you > want. And again: you'd hav a fully working system: not any degradation > *at*all*. If you're in X, then X will continue running etc even after the > snapshotting, although obviously the snapshotting will have tried to page > a lot of stuff out in order to make the snapshot smaller, so you'll likely > be crawling. Well... We decided not to do this in the fully working system. SIGSTOP is just not strong enough, and we want the snapshot atomic. Now, it would be _very_ nice to be able to snapshot system and continue running, but I just don't see how to do it without extensive filesystem support. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists