| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48AC8F63.3050500@cs.columbia.edu> Date: Wed, 20 Aug 2008 17:40:51 -0400 From: Oren Laadan <orenl@...columbia.edu> To: Pavel Machek <pavel@...e.cz> CC: "Serge E. Hallyn" <serue@...ibm.com>, containers@...ts.linux-foundation.org, Theodore Tso <tytso@....edu>, linux-kernel@...r.kernel.org, Arnd Bergmann <arnd@...db.de>, Dave Hansen <dave@...ux.vnet.ibm.com> Subject: Re: [RFC][PATCH 1/4] checkpoint-restart: general infrastructure Pavel Machek wrote: > Hi! > >>>>> I have to wonder if this is just a symptom of us trying to do this the >>>>> wrong way. We're trying to talk the kernel into writing internal gunk >>>>> into a FD. You're right, it is like a splice where one end of the pipe >>>>> is in the kernel. >>>>> >>>>> Any thoughts on a better way to do this? >>>> Maybe you can invert the logic and let the new syscalls create a file >>>> descriptor, and then have user space read or splice the checkpoint >>>> data from it, and restore it by writing to the file descriptor. >>>> It's probably easy to do using anon_inode_getfd() and would solve this >>>> problem, but at the same time make checkpointing the current thread >>>> hard if not impossible. >>> Yeah, it does seem kinda backwards. But, instead of even having to >>> worry about the anon_inode stuff, why don't we just put it in a fs like >>> everything else? checkpointfs! >> One reason is that I suspect that stops us from being able to send that >> data straight to a pipe to compress and/or send on the network, without >> hitting local disk. Though if the checkpointfs was ram-based maybe not? >> >> As Oren has pointed out before, passing in an fd means we can pass a >> socket into the syscall. > > If you do pass a socket, will it handle blocking correctly? Getting > deadlocked task would be bad. What happens if I try to snapshot into > /proc/self/fd/0 ? Or maybe restore from /proc/cmdline? Hmmm... these are good points. Keep in mind that our principal goal is to checkpoint a whole container, rather then a task to checkpoint itself (which is a by-product). Of course your comments apply to a whole container as well. In both cases, I don't think that blocking on a socket is a problem; the checkpointer will enter a TASK_INTERRUPTIBLE state. Where is the deadlock ? Writing or reading to/from /proc/self/... likewise - the programmer must understand the implications, or the program won't work as expected. I don't see a possible deadlock here, though. For example - writing to /proc/self/fd/0 is ok; the state of fd[0] of that task will be captured at some point in the middle of the checkpoint, so after restart one cannot assume anything about the file position; the rest should work. Oren. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists