From: Andi Kleen <andi@firstfloor.org>
To: Nicholas Miell <nmiell@comcast.net>
Cc: Andi Kleen <andi@firstfloor.org>,
Ulrich Drepper <drepper@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH prototype] [0/8] Predictive bitmaps for ELF executables
Date: Sat, 22 Mar 2008 15:29:49 +0100 [thread overview]
Message-ID: <20080322142949.GB10687@one.firstfloor.org> (raw)
In-Reply-To: <1206180991.2438.43.camel@entropy>
On Sat, Mar 22, 2008 at 03:16:31AM -0700, Nicholas Miell wrote:
>
> *sigh* this is probably true
Actually it is a relatively weak argument assuming the standard
4k xattrs, but still an issue.
The other stronger argument against it is that larger xattrs tend to be
outside the inode so you would have another seek again.
> > and a mess to manage (a lot of tools don't know about them)
>
> At this point in time, all tools that don't support xattrs are
> defective,
Good joke.
> I just have an instinctive aversion towards the kernel mucking around in
> ELF objects -- for one thing, you're going to have to blacklist
> cryptographically signed binaries.
What signed binaries?
Anyways there are two ways to deal with this:
- Run the executable through a little filter that zeroes the bitmap before
computing the checksum. That is how rpm -V deals with prelinked binaries which
have a similar issue. You can probably reuse the scripts from rpm.
- Disable the pbitmap header before you sign, either by never adding
one or disabling it by turning the phdr type into a nop (should be very simple)
-Andi
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2008-03-22 14:29 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-18 1:09 Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [1/8] Give ELF shdr types a name Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [2/8] Add support to override mmap exec write protection with O_FORCEWRITE Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [3/8] Make readahead max pinned value a sysctl Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [4/8] Add readahead function to read-ahead based on a bitmap Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [5/8] Add ELF constants for pbitmaps Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [6/8] Core predictive bitmap engine Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [7/8] Add the sysctls to control pbitmaps Andi Kleen
2008-03-18 1:09 ` [PATCH prototype] [8/8] Add mmap_full_slurp support Andi Kleen
2008-03-18 7:36 ` [PATCH prototype] [0/8] Predictive bitmaps for ELF executables Andrew Morton
2008-03-18 14:18 ` Andi Kleen
2008-03-18 16:57 ` Andrew Morton
2008-03-18 17:20 ` Andi Kleen
2008-03-18 17:44 ` Andrew Morton
2008-03-19 8:32 ` Andi Kleen
2008-03-19 9:04 ` Andrew Morton
2008-03-19 22:45 ` Ulrich Drepper
2008-03-19 23:12 ` Andrew Morton
2008-03-20 0:09 ` David Miller, Andrew Morton
2008-03-20 9:00 ` Andi Kleen
2008-03-21 17:15 ` Ulrich Drepper
2008-03-21 17:26 ` Andi Kleen
2008-03-22 4:36 ` Ulrich Drepper
2008-03-22 7:17 ` Andi Kleen
2008-03-22 7:24 ` Nicholas Miell
2008-03-22 9:10 ` Andi Kleen
2008-03-22 10:16 ` Nicholas Miell
2008-03-22 14:29 ` Andi Kleen [this message]
2008-03-23 13:25 ` Pavel Machek
2008-03-23 17:08 ` Andi Kleen
2008-03-24 16:24 ` Pavel Machek
2008-03-24 4:20 ` Ulrich Drepper
2008-03-24 5:16 ` Nicholas Miell
2008-03-24 5:26 ` Andi Kleen
2008-03-24 19:42 ` Ulrich Drepper
2008-03-24 21:47 ` Nicholas Miell
2008-03-25 7:54 ` Andi Kleen
2008-03-26 18:15 ` Ulrich Drepper
2008-03-26 18:54 ` Andi Kleen
2008-03-22 4:38 ` Ulrich Drepper
2008-03-20 0:15 ` Diego Calleja
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080322142949.GB10687@one.firstfloor.org \
--to=andi@firstfloor.org \
--cc=akpm@linux-foundation.org \
--cc=drepper@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nmiell@comcast.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox