[Devel] Re: [PATCH 1/1] cr: fix compilation with CONFIG_UTS_NS=n

Serge E. Hallyn serue at us.ibm.com
Fri Jun 19 07:56:06 PDT 2009 

Quoting Nathan Lynch (ntl at pobox.com):
> "Serge E. Hallyn" <serue at us.ibm.com> writes:
> > Quoting Nathan Lynch (ntl at pobox.com):
> >> Oren Laadan <orenl at cs.columbia.edu> writes:
> >> 
> >> > I think it's useful to be able to
> >> >
> >> > 1) checkpoint on a system with !CONFIG_UTS_NS,  and -
> >> > 2) checkpoint on a system with CONFIG_UTS_NS and restart on a
> >> > system with !CONFIG_UTS_NS (as long as all tasks in the image
> >> > share a single uts-ns)
> >> 
> >> In principle I agree, but what confidence can we have that meaningful
> >> testing of such configurations (especially #2) will occur?
> >
> > History says, low confidence.  So far just 1 is bad enough.  It's
> > taking a lot of my time on the LSM c/r (with the various combinations
> > of CONFIG_SECURITY, CONFIG_IPC_NS, and CONFIG_CHECKPOINT), and things
> > like CONFIG_IPC_NS consistently break c/r anyway.
> >
> > So for 2 i'm tempted to say let's encode a sha1sum of the .config
> > into the checkpoint header.  We'll keep *trying* to support (2), and
> > userspace can trivially rewrite the header if it really wants to believe
> > we've succeeded.
> 
> Are you suggesting having sys_restart code path consult the .config
> sha1sum in the image?

Yup.

> Or is it just for the benefit of userspace?  If
> the former, I'm having difficulty grasping the benefit.

Well we could also do it in userspace, but it seemed easier to actually
store the sha1sum in a char buf in the c/r code in the kernel, stick it
in the header at checkpoint, and verify it at restart.

The benefit?  Well...  really I feel opposite today.  Along the lines
of supporting unprivileged restart as long as possible to make us
consider security, I guess I'd argue we should support heterogenous
(in terms of config :) c/r as long as possible.  The reason I was
thinking otherwise yesterday is that I have to special-case things
like the task->security objref when CONFIG_SECURITY=n.  It felt
hacky yesterday, but the end result looks pretty good and is i 
think better thought out than it would have been were we doing the
sha1sum thing.

-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers

More information about the Devel mailing list