lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 2 Feb 2021 09:32:50 -0500
From:   "Michael S. Tsirkin" <mst@...hat.com>
To:     Pavel Machek <pavel@....cz>
Cc:     Adrian Catangiu <acatan@...zon.com>, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, qemu-devel@...gnu.org,
        kvm@...r.kernel.org, linux-s390@...r.kernel.org,
        gregkh@...uxfoundation.org, graf@...zon.com, arnd@...db.de,
        ebiederm@...ssion.com, rppt@...nel.org, 0x7f454c46@...il.com,
        borntraeger@...ibm.com, Jason@...c4.com, jannh@...gle.com,
        w@....eu, colmmacc@...zon.com, luto@...nel.org, tytso@....edu,
        ebiggers@...nel.org, dwmw@...zon.co.uk, bonzini@....org,
        sblbir@...zon.com, raduweis@...zon.com, corbet@....net,
        mhocko@...nel.org, rafael@...nel.org, mpe@...erman.id.au,
        areber@...hat.com, ovzxemul@...il.com, avagin@...il.com,
        ptikhomirov@...tuozzo.com, gil@...l.com, asmehra@...hat.com,
        dgunigun@...hat.com, vijaysun@...ibm.com, oridgar@...il.com,
        ghammer@...hat.com
Subject: Re: [PATCH v4 1/2] drivers/misc: sysgenid: add system generation id
 driver

On Wed, Jan 27, 2021 at 11:15:05PM +0100, Pavel Machek wrote:
> Hi!
> 
> > - Solution
> > 
> > The System Generation ID is a simple concept meant to alleviate the
> > issue by providing a monotonically increasing u32 counter that changes
> > each time the VM or container is restored from a snapshot.
> 
> I'd make it u64.
> 
> But as people explained, this has race problems that may be impossible
> to solve?

Well the read/write interface could be used in a safe way thinkably:

- application checks VM gen id
- application sends a transaction e.g. to  database
- application re-checks VM gen id
- if id changed, application checks the database for duplicate
  transactions

not sure how can the mmap interface be used safely.
Drop it for now?



> Best regards,
> 								Pavel
> 								
> -- 
> http://www.livejournal.com/~pavelmachek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ