| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Jun 2007 18:03:28 +0200 From: Xavier Bestel <xavier.bestel@...e.fr> To: Jeremy Maitin-Shepard <jbms@....edu> Cc: nigel@...el.suspend2.net, "Rafael J. Wysocki" <rjw@...k.pl>, linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...l.org>, Pavel Machek <pavel@....cz> Subject: Re: A kexec approach to hibernation On Mon, 2007-06-11 at 11:51 -0400, Jeremy Maitin-Shepard wrote: > Xavier Bestel <xavier.bestel@...e.fr> writes: > > > On Mon, 2007-06-11 at 11:01 -0400, Jeremy Maitin-Shepard wrote: > >> >> You might claim then that the solution is to simply keep the network > >> >> driver quiesced or stopped. But then it is impossible to write the > >> >> image over the network. The way to get around this problem is to write > >> >> the image over the network using a fresh network stack. > >> > >> > Or teach the driver stack about the difference/reset it. Remember that > >> > even if you get a fresh network stack, you'll still be getting packets > >> > for the old stack. Getting a new ip (assuming one is available) won't > >> > stop other connections getting killed, either because we send resets > >> > from the kexec'd kernel, or because they timeout looking for the old > >> > ip. > >> > >> I could be mistaken, but I think that bringing up the network interface > >> with a different IP address would prevent it from reseting existing TCP > >> connections, because it would never receive the packets for those > >> existing connections. > > > That can't work. There are networks where the client must have a fixed > > IP, or must accept the adress given by dhcp in order to talk to > > fileservers. And you still have the same mac adress, which may cause > > problems. > > I wasn't suggesting that using a different IP address would be a general > solution. It might be a solution for a few people. > > In general, I'd imagine that most people would not bring up the network > interface at all, and most of the people that do would bring it up with > the same IP address, causing some existing TCP connections to possibly > be reset. > > I think that causing connections to be reset is, however, far better > than acking packets that are then silently thrown away. If I were helping you coding I'd suggest to only concentrate on having your project work on standard filesystems, and then when it works maybe think about suspending on crypto-over-loop-over-fuse-over-vpn-over-wifi. But talk is cheap so I'm shutting up. Right now. :) Xav - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists