From: ebiederm@xmission.com (Eric W. Biederman)
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>,
Alexey Dobriyan <adobriyan@gmail.com>,
LKML <linux-kernel@vger.kernel.org>,
Pavel Emelyanov <xemul@parallels.com>,
Andrey Vagin <avagin@openvz.org>, Ingo Molnar <mingo@elte.hu>,
Thomas Gleixner <tglx@linutronix.de>,
Glauber Costa <glommer@parallels.com>,
Andi Kleen <andi@firstfloor.org>, Tejun Heo <tj@kernel.org>,
Matt Helsley <matthltc@us.ibm.com>,
Pekka Enberg <penberg@kernel.org>,
Eric Dumazet <eric.dumazet@gmail.com>,
Vasiliy Kulikov <segoon@openwall.com>,
Andrew Morton <akpm@linux-foundation.org>,
Valdis.Kletnieks@vt.edu
Subject: Re: [RFC] syscalls, x86: Add __NR_kcmp syscall
Date: Tue, 17 Jan 2012 13:35:00 -0800 [thread overview]
Message-ID: <m1obu29fnf.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <4F15C249.3000602@zytor.com> (H. Peter Anvin's message of "Tue, 17 Jan 2012 10:47:37 -0800")
"H. Peter Anvin" <hpa@zytor.com> writes:
> On 01/17/2012 06:44 AM, Cyrill Gorcunov wrote:
>> On Tue, Jan 17, 2012 at 04:38:14PM +0200, Alexey Dobriyan wrote:
>>> On 1/17/12, Cyrill Gorcunov <gorcunov@gmail.com> wrote:
>>>> +#define KCMP_EQ 0
>>>> +#define KCMP_LT 1
>>>> +#define KCMP_GT 2
>>>
>>> LT and GT are meaningless.
>>>
>>
>> I found symbolic names better than open-coded values. But sure,
>> if this is problem it could be dropped.
>>
>> Or you mean that in general anything but 'equal' is useless?
>>
>
> Why on Earth would user space need to know which order in memory certain
> kernel objects are?
For checkpoint restart and for some other kinds of introspection what is
needed is a comparison function to see if two processes share the same
object. The most interesting of these objects from a checkpoint restart case
are file descriptors, and there can be a lot of file descriptors.
The order in memory does not matter. What does matter is that the
comparison function return some ordering between objects. The algorithm
for figuring out of N items which of them are duplicates is O(N^2) if
the comparison function can only return equal or not equal. The
algorithm for finding duplications is only O(NlogN) if the comparison
function will return an ordering among the objects.
> Keep in mind that this is *exactly* the kind of information which makes
> rootkits easier.
I would be very surprised if basic in memory ordering information was
not already available from simple creation ordering.
If using the in memory ordering is a problem in practice there are a lot
of other possible ways to order the kernel objects. Allocating sequence
numbers for the kernel objects, passing the pointers through a
cryptographically secure hash before comparing them, etc.
It does look like Cyrill's patch description lacked the important bit of
information about the algorithm complexity requiring an ordering among
kernel objects. Cyrill you probably want to describe more prominently
what is happening now and why in your patch description rather than give
the history of different approaches.
Eric
next prev parent reply other threads:[~2012-01-17 21:32 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-17 14:27 [RFC] syscalls, x86: Add __NR_kcmp syscall Cyrill Gorcunov
2012-01-17 14:38 ` Alexey Dobriyan
2012-01-17 14:44 ` Cyrill Gorcunov
2012-01-17 18:47 ` H. Peter Anvin
2012-01-17 21:15 ` Cyrill Gorcunov
2012-01-17 21:40 ` Eric W. Biederman
2012-01-18 5:07 ` Pavel Emelyanov
2012-01-17 21:35 ` Eric W. Biederman [this message]
2012-01-18 8:01 ` Cyrill Gorcunov
2012-01-18 9:12 ` KOSAKI Motohiro
2012-01-18 9:19 ` Pavel Emelyanov
2012-01-18 9:23 ` KOSAKI Motohiro
2012-01-18 11:57 ` Cyrill Gorcunov
2012-01-18 16:46 ` KOSAKI Motohiro
2012-01-18 17:20 ` Cyrill Gorcunov
2012-01-18 22:05 ` david
2012-01-18 22:49 ` Cyrill Gorcunov
2012-01-18 23:29 ` Eric W. Biederman
2012-01-19 6:55 ` Cyrill Gorcunov
2012-01-20 3:16 ` Eric W. Biederman
2012-01-20 8:40 ` Cyrill Gorcunov
2012-01-20 9:02 ` Cyrill Gorcunov
2012-01-20 14:51 ` H. Peter Anvin
2012-01-20 16:29 ` Cyrill Gorcunov
2012-01-20 16:57 ` H. Peter Anvin
2012-01-20 18:19 ` Cyrill Gorcunov
2012-01-20 18:22 ` Cyrill Gorcunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1obu29fnf.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=andi@firstfloor.org \
--cc=avagin@openvz.org \
--cc=eric.dumazet@gmail.com \
--cc=glommer@parallels.com \
--cc=gorcunov@gmail.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=matthltc@us.ibm.com \
--cc=mingo@elte.hu \
--cc=penberg@kernel.org \
--cc=segoon@openwall.com \
--cc=tglx@linutronix.de \
--cc=tj@kernel.org \
--cc=xemul@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).