| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 Mar 2009 12:30:55 -0600 From: "Serge E. Hallyn" <serue@...ibm.com> To: Cedric Le Goater <legoater@...e.fr> Cc: Greg Kurz <gkurz@...ibm.com>, containers <containers@...ts.linux-foundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Dave Hansen <dave@...ux.vnet.ibm.com>, Christoph Hellwig <hch@...radead.org>, Ingo Molnar <mingo@...e.hu>, Alexey Dobriyan <adobriyan@...il.com> Subject: Re: [RFC][PATCH 00/11] track files for checkpointability Quoting Cedric Le Goater (legoater@...e.fr): > Serge E. Hallyn wrote: > > Quoting Greg Kurz (gkurz@...ibm.com): > >> On Fri, 2009-03-06 at 01:00 +0300, Alexey Dobriyan wrote: > >>> On Thu, Mar 05, 2009 at 01:27:07PM -0800, Dave Hansen wrote: > >>>>> Imagine, unsupported file is opened between userspace checks > >>>>> for /proc/*/checkpointable and /proc/*/fdinfo/*/checkpointable > >>>>> and whatever, you stil have to do all the checks inside checkpoint(2). > >>>> Alexey, we have two problems here. I completely agree that we have to > >>>> do complete and thorough checks of each file descriptor at > >>>> sys_checkpoint(). Any checks made at other times should not be trusted. > >>>> > >>>> The other side is what Ingo has been asking for. How do we *know* when > >>>> we are checkpointable *before* we call (and without calling) > >>> This "without calling checkpoint(2)" results in much complications > >>> as demonstrated. > >>> > >>> task_struct and file are not like other structures because they are exposed > >>> in /proc. For PROC_FS=n kernels, one can't even check. > >>> > >>> You can do checkpoint(2) without actual dump. You pass, you're most > >>> certainly checkpointable (with inevitable race condition in mind). > >>> > >> Ahhh thank you very much Alexey ! I wanted to explain this to Dave a few > >> monthes ago but I failed... probably because of my poor English skills. > >> > >> https://lists.linux-foundation.org/pipermail/containers/2008-October/013549.html > >> > >> Why would we add checking all over the place when it MUST be done on the > >> sys_checkpoint() path ? The checkpoint(2) dry-run is definitely the way > >> to go. > > > > I'm sure Dave understood that this was possible :) > > > > But what you and Alexey are proposing does not and cannot fullfill > > Ingo's requirement. > > And if Ingo's requirement is fulfilled, would any C/R patchset be acceptable ? Yup, no matter how hideous :) Ok not really. But the point was that it wasn't Dave not understanding Alexey's suggestion, but Greg not understanding Ingo's. If you think Ingo's goal isn't worthwhile or achievable, then argue that (as I am), don't keep elaborating on something we all agree will be needed (Alexey's suggestion or some other way of doing a true may-be-checkpointed test). -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists