| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 4 Jun 2007 12:46:21 +0200 From: Pavel Machek <pavel@....cz> To: Jeremy Maitin-Shepard <jbms@....edu> Cc: "Rafael J. Wysocki" <rjw@...k.pl>, linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...l.org>, Nigel Cunningham <nigel@...el.suspend2.net> Subject: Re: A kexec approach to hibernation Hi! > >> But kernel threads also rely on userspace, due to e.g. fuse and usermode > >> helpers. > > > Yes, I know that and I think these issues are solvable within the current > > approach. > > It seems like it would be very hard to get writing of an image to a > fuse filesystem working under the current scheme. > > Trying to image a system while it is running seems fundamentally broken. > As another example, I believe currently although devices are "quiesced" > or stopped while the atomic snapshot is made, they are all then started > again afterward while the image is written to disk. As a result, the > network drivers will continue acking TCP packets that are received after > the snapshot, but these packets will be lost. > > You might claim then that the solution is to simply keep the network > driver quiesced or stopped. But then it is impossible to write the > image over the network. The way to get around this problem is to write > the image over the network using a fresh network stack. The "fresh network stack" will RST any connections that were going, which is ugly, too. > >> Grub, its configuration, and the kernel used to resume the system had > >> better be on a "safe" filesystem already (i.e. a separate, unmounted > >> before hibernation /boot). > > > Currently, you don't need to do that. > > Some people get away with it, but fundamentally it is broken to do so. > (The fact that the current software suspend implementations tell the > filesystems to sync to disk increases its chances of working.) You are > accessing a filesystem that is in an unknown state. Consider that the > user might make a change to grub.conf, but the kernel caches the write. > If the filesystem containing grub.conf is left mounted, the write might > never reach disk before the system is hibernated. As a result, when > grub attempts to read it, it doesn't get the expected data. sync is perfectly safe way of telling the fs to store data on disk. > >> That is why I think the kexec solution is the elegant solution. > > > Frankly, I think it's tricky. ;-) > > To me, it seems a lot easier to get right than the current approaches. Well, you are certainly welcome to create the patch. "suspend3" name is still free, AFAICT. If _I_ were willing to add some runtime overhead to make hibernation simpler, I'd just use some virtualization to do that... with added advantage of "hibernate here, resume on different hw". Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists