| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Sep 2007 09:58:22 +0530 From: Vivek Goyal <vgoyal@...ibm.com> To: Randy Dunlap <randy.dunlap@...cle.com> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, pete@...elane.com, Jason Wessel <jason.wessel@...driver.com>, Matt Mackall <mpm@...enic.com>, Amit Kale <amitkale@...syssoft.com>, Dave Anderson <anderson@...hat.com>, kdb@....sgi.com, jlan@....com, Andrew Morton <akpm@...ux-foundation.org>, Kexec Mailing List <kexec@...ts.infradead.org>, linux-kernel@...r.kernel.org Subject: Re: My position on general ``RAS'' tool support infrastructure On Mon, Sep 17, 2007 at 06:38:53PM -0700, Randy Dunlap wrote: > On Thu, 13 Sep 2007 07:21:10 -0600 Eric W. Biederman wrote: > > > Pete/Piet Delaney <pete@...elane.com> writes: > > > > > Jason, Eric: > > > > > > Did you read Keith Owens suggestion on RAS tools from: > > > Yes. and I re-read it. > > There are several things in Keith's email that make sense: > > a. all RAS tools should use a common interface > b. it's not the kernel's job to decide which RAS tool runs first > > > Eric makes some good points too. I'm mostly similar to Eric: > paranoid about trusting software/hardware after a panic (or oops). > > So if someone wants to use multiple RAS tools on a panic event, > enabling an admin to set priorities is OK with me, but I'll only > trust the first one that is used, and even that one may have > problems. IOW, I don't see a big need to support multiple RAS > tools at one time. (speaking for myself) > I would be nice to have a kernel debugger co-exist with crash dumping. I like Eric's idea of debugger putting a break point on panic(). This would mean that rest of the post panic() actions have to be performed by second kernel which can perform those actions much more reliably. But this also brings in the additional requirement of passing all the required context to second kernel. For example, in the past somebody wanted to send a message to a remote node that sytem crashed so that standby can take over. If the same job has to be done in second kernel, it requires all the relavant information like remote host IP, port etc passed to the second kernel which I think makes the job little harder. May be one can pre-configure these parameters in user space and let the job be done either from initrd or user space scripts in second kernel. Thanks Vivek - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists