Re: dump to cgdNb device

To: Alexander Nasonov <alnsn%yandex.ru@localhost>
Subject: Re: dump to cgdNb device
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Thu, 16 Jun 2016 07:31:01 -0400

On Jun 16,  7:18am, alnsn%yandex.ru@localhost (Alexander Nasonov) wrote:
-- Subject: Re: dump to cgdNb device

| Christos Zoulas wrote:
| > That means that either cpu_dump or the next function returned ENXIO.
| > The code is very careful to dump only on partitions that are marked as
| > swap and on devices it knows about to avoid accidents. Dumping on
| > "software" devices is very dangerous since typically when you are dumping
| > you've probably corrupted memory already.
| 
| There is a risk even with hardware devices but it's smaller because less
| software is involved. Dumping to cgd is a quite important usecase and
| perhaps we should make an exception. Would it help to RO protect some
| data structures like private keys?

Well, we could make an exception on cgd... We have to think carefully
what to do to make it safer. Perhaps it should be turned on via a sysctl
or a kernel option only?

christos

References:
- Re: dump to cgdNb device
  - From: Alexander Nasonov

Prev by Date: Re: dump to cgdNb device
Next by Date: Re: dump to cgdNb device
Previous by Thread: Re: dump to cgdNb device
Next by Thread: re: dump to cgdNb device
Indexes:

Home | Main Index | Thread Index | Old Index