lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Sep 2018 01:14:48 +0300
From:   Cyrill Gorcunov <gorcunov@...il.com>
To:     Cyrill Gorcunov <gorcunov@...il.com>
Cc:     Dmitry Safonov <dima@...sta.com>, linux-kernel@...r.kernel.org,
        Dmitry Safonov <0x7f454c46@...il.com>,
        Andrei Vagin <avagin@...nvz.org>,
        Adrian Reber <adrian@...as.de>,
        Andy Lutomirski <luto@...nel.org>,
        Christian Brauner <christian.brauner@...ntu.com>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
        Jeff Dike <jdike@...toit.com>, Oleg Nesterov <oleg@...hat.com>,
        Pavel Emelyanov <xemul@...tuozzo.com>,
        Shuah Khan <shuah@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        containers@...ts.linux-foundation.org, criu@...nvz.org,
        linux-api@...r.kernel.org, x86@...nel.org
Subject: Re: [RFC 02/20] timens: Add timens_offsets

On Thu, Sep 20, 2018 at 09:45:10PM +0300, Cyrill Gorcunov wrote:
> On Wed, Sep 19, 2018 at 09:50:19PM +0100, Dmitry Safonov wrote:
> > From: Andrei Vagin <avagin@...nvz.org>
> > 
> > Introduce offsets for time namespace. They will contain adjustment
> > needed to convert clocks to/from host's.
> > 
> > Allocate one page for each time namespace that will be premapped into
> > userspace with vvar pages.
> 
> Is not it too much?! The whole page per each clone(new-time-ns) call.
> Moreover everytime it is get explicitly zeroifyed. Don't get me wrong,
> maybe I miss something obvious, but additional 4K per process, guys :)

After being talking to Andrew I think there is no better option though.
If syscalls would be free of course we could use them instead but this
vdso stuff, sigh. I thouhgh about modifying vdso code so it would carry
refs inside (or adding some section into elf loader kernel code), but
all this would simply mess the code. Thus this 4K per namespace seems
to be acceptable trade off.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ