| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1224644563.1848.232.camel@nimitz> Date: Tue, 21 Oct 2008 20:02:43 -0700 From: Dave Hansen <dave@...ux.vnet.ibm.com> To: Daniel Jacobowitz <dan@...ian.org> Cc: Oren Laadan <orenl@...columbia.edu>, linux-api@...r.kernel.org, containers@...ts.linux-foundation.org, mingo@...e.hu, linux-kernel@...r.kernel.org, linux-mm@...ck.org, viro@...iv.linux.org.uk, hpa@...or.com, Andrew Morton <akpm@...ux-foundation.org>, torvalds@...ux-foundation.org, tglx@...utronix.de Subject: Re: [RFC v7][PATCH 2/9] General infrastructure for checkpoint restart On Tue, 2008-10-21 at 22:55 -0400, Daniel Jacobowitz wrote: > I haven't been following - but why this whole container restriction? > Checkpoint/restart of individual processes is very useful too. > There are issues with e.g. IPC, but I'm not convinced they're > substantially different than the issues already present for a > container. Containers provide isolation. Once you have isolation, you have a discrete set of resources which you can checkpoint/restart. Let's say you have a process you want to checkpoint. If it uses a completely discrete IPC namespace, you *know* that nothing else depends on those IPC ids. We don't even have to worry about who might have been using them and when. Also think about pids. Without containers, how can you guarantee a restarted process that it can regain the same pid? -- Dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists