[CRIU] Re: [PATCH 3/7] fowners: Add regular files/pipes owners
dumping
Cyrill Gorcunov
gorcunov at openvz.org
Wed Apr 11 06:36:19 EDT 2012
On Wed, Apr 11, 2012 at 02:12:50PM +0400, Cyrill Gorcunov wrote:
> > I don't understand this thirst for zeroifying everything larger than int even if
> > this thing is about to be re-initialized one line of code below. The code from you
> > is always full of this. Please, explain it to me.
> >
>
> I need the fown member to be zero here, so I though
>
> - either to use params.fown = (fown_t){ };
> - either zeroify everything on declaration
>
> the second is simplier (still I remember what have you said
> about zeroifying and hidden bugs). If the first form is preferred,
> I'll update the patch.
Still I believe if there some structure which we dump on disk,
it simply _must_ be init'ed (either zeroified explicitly or
by gcc internally), just from security pov, the stack might
have some sensible information. And this is not "imagined"
situation, it doesn't hit us at moment but may in future.
And after all, string instructions are very fast on
present cpus so I don't expect mutch perfomance lose
here (if only the structure is not crossing cache
line).
Cyrill
More information about the CRIU
mailing list