[Devel] Re: [RFC v6][PATCH 0/9] Kernel based checkpoint/restart
David Newall
davidn at davidnewall.com
Thu Oct 16 23:30:57 PDT 2008
Peter Chubb wrote:
>>>>>> "Oren" == Oren Laadan <orenl at cs.columbia.edu> writes:
>>>>>>
>
> Oren> Daniel Lezcano wrote:
>
>
>>>> The one exception (and it is a tedious one !) are states in which
>>>> the task is already frozen by definition: any ptrace blocking
>>>> point where the tracee waits for the tracer to grant permission to
>>>> proceed with its execution. Another example is in vfork(), waiting
>>>> for completion.
>>>>
>>> I would say these are perfect places for "may be
>>> non-checkpointable" :)
>>>
>
> Oren> For now, yes. But we definitely want this capability in the long
> Oren> run; otherwise we won't be able to checkpoint a kernel compile
> Oren> ('make' uses vfork), or anything with 'gdb' running inside, or
> Oren> 'strace', and other goodies.
>
> The strace/gdb example is *really* hard; but for vfork, you just wait
> until it's over. The interval between vfork and exec/exit should be
> short enough not to affect the overall time for a checkpoint
A malicious user could trivially exploit that.
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list