From owner-svn-src-head@freebsd.org  Fri Apr 14 20:57:25 2017
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0D4ADD3E3BE;
 Fri, 14 Apr 2017 20:57:25 +0000 (UTC)
 (envelope-from delphij@gmail.com)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com
 [IPv6:2607:f8b0:4003:c06::22c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id C3561E51;
 Fri, 14 Apr 2017 20:57:24 +0000 (UTC)
 (envelope-from delphij@gmail.com)
Received: by mail-oi0-x22c.google.com with SMTP id f22so100861290oib.2;
 Fri, 14 Apr 2017 13:57:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=LsQ9R81ymmjNdMlanNSo9alSr4oIT8XWYPIgpRLGJtw=;
 b=AtSIxN/u3DXnd3vgXZgJtmOGAGUYKnOll1eBraLKlK7lgbX5pg4r0vTbN23NpLsqit
 HB62p7f7vWc0njpkGL9MlsCWgmFk6I1mE/YI0kCNbhL6zagiMcwJvA7DWG6OUcQFcC/5
 tuB++aBFkyeoG5hNUuzn1s7MzTvXDBA3+RNXwXPa4xPXt4pGt0vVHFELyHO0BUP8nntD
 UCHP6XH3UPEedFvHH6Re9yHaLcGW8BBfSesOckl7dMC2BtUrI6joKHD4xw/5QTrlJk/G
 jR/k6RXesEM8oRZWAXZDctJMtc3mdZNrjdQ8JVMu9fc3yttiv/kez/JMQ1agGWQi5Hls
 ljDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=LsQ9R81ymmjNdMlanNSo9alSr4oIT8XWYPIgpRLGJtw=;
 b=SFHd656iL7qCgIkQmjhuiPM6CG1b2vLuAVsU36F/Bg2Cq0BAGRukKcSA/3HTSWczNj
 8wJd+2p8ZqNrcIOexppo3ifO3clCKN/z9xqlG/N2GsOxHPNwctBcesPHiJFD0y2+8FJT
 mb/XAX3tpZBbOw9hh5HO7HZYJntTGz5dR3CFSMvR4lP0XoKNZpJofOCyT4Q78IfXLwyT
 9zg/jD2Xf5DLfTmd7KdeDGDrfjCamrpGL5hNiTgUmTr7JNjZkTb2gXjr4k8z9Qye9Os7
 cp9nmPl0ph26K8q7bNP/+wf0cDw3MDzkSJ78acj1y0i40X99FrZMRfJwetjfRCLyEGr2
 TCuw==
X-Gm-Message-State: AN3rC/7/BZlryhIlG++FRyIVqtghgEi+DqXGa+ltF5oGJdYCOpVpNY7G
 +qjtW1rDntpujzDtC1J9Pprg/5pajQac
X-Received: by 10.202.215.67 with SMTP id o64mr5480427oig.83.1492203443948;
 Fri, 14 Apr 2017 13:57:23 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.63.179 with HTTP; Fri, 14 Apr 2017 13:57:23 -0700 (PDT)
In-Reply-To: <op.yypdd3pxkndu52@53556c9c.cm-6-6b.dynamic.ziggo.nl>
References: <201704141941.v3EJfmCW003347@repo.freebsd.org>
 <CAOtMX2gPHWRGiE9UA5AevZz=cTv_qksAWX0H-xRjDEHp0huCVg@mail.gmail.com>
 <20170414202918.GD5039@wkstn-mjohnston.west.isilon.com>
 <op.yypdd3pxkndu52@53556c9c.cm-6-6b.dynamic.ziggo.nl>
From: Xin LI <delphij@gmail.com>
Date: Fri, 14 Apr 2017 13:57:23 -0700
Message-ID: <CAGMYy3sGKEygnPw=tjarB-n9cjkL752tR79Qd8xrn_ZHyVOPEQ@mail.gmail.com>
Subject: Re: svn commit: r316938 - head/sbin/savecore
To: Ronald Klop <ronald-lists@klop.ws>
Cc: Alan Somers <asomers@freebsd.org>, Mark Johnston <markj@freebsd.org>, 
 "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>, 
 "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, 
 "src-committers@freebsd.org" <src-committers@freebsd.org>,
 Ngie Cooper <ngie@freebsd.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Apr 2017 20:57:25 -0000

No, this is not the threat model for swaps.

On Fri, Apr 14, 2017 at 1:47 PM, Ronald Klop <ronald-lists@klop.ws> wrote:
> On Fri, 14 Apr 2017 22:29:18 +0200, Mark Johnston <markj@freebsd.org> wrote:
>
>> On Fri, Apr 14, 2017 at 01:49:51PM -0600, Alan Somers wrote:
>>>
>>> On Fri, Apr 14, 2017 at 1:41 PM, Ngie Cooper <ngie@freebsd.org> wrote:
>>> > Author: ngie
>>> > Date: Fri Apr 14 19:41:48 2017
>>> > New Revision: 316938
>>> > URL: https://svnweb.freebsd.org/changeset/base/316938
>>> >
>>> > Log:
>>> >   savecore: fix space calculation with respect to `minfree` in
>>> > check_space(..)
>>> >
>>> >   - Use strtoll(3) instead of atoi(3), because atoi(3) limits the
>>> >     representable data to INT_MAX. Check the values received from
>>> >     strtoll(3), trimming trailing whitespace off the end to maintain
>>> >     POLA.
>>> >   - Use `KiB` instead of `kB` when describing free space, total space,
>>> >     etc. I am now fully aware of `KiB` being the IEC standard for 1024
>>> >     bytes and `kB` being the IEC standard for 1000 bytes.
>>> >   - Store available number of KiB in `available` so it can be more
>>> >     easily queried and compared to ensure that there are enough KiB to
>>> >     store the dump image on disk.
>>> >   - Print out the reserved space on disk, per `minfree`, so end-users
>>> >     can troubleshoot why check_space(..) is reporting that there isn't
>>> >     enough free space.
>>> >
>>> >   MFC after:    7 weeks
>>> >   Reviewed by:  Anton Rang <rang@acm.com> (earlier diff), cem (earlier
>>> > diff)
>>> >   Tested with:  positive/negative cases (see review); make tinderbox
>>> >   Sponsored by: Dell EMC Isilon
>>> >   Differential Revision:        D10379
>>>
>>> The free space calculation is still uselessly conservative, because it
>>> doesn't account for the fact that core dumps will always be either
>>> spare or compressed.  The result is that savecore will frequently
>>> refuse to save corefiles even when there's plenty of space.  I
>>> proposed removing the space check altogether in
>>> https://reviews.freebsd.org/D2587.  However, I agreed to wait until
>>> after the compressed core dump feature was merged, because then mostly
>>> accurate space checks will be possible.  AFAIK the compressed core
>>> dump feature still hasn't been finished.
>>
>>
>> I had held off on it for a while because it was going to conflict with
>> the work to add encrypted dump support, which of course has finished.
>>
>> The patch to add compression support is here and should largely still
>> work:
>>
>> https://people.freebsd.org/~markj/patches/core-compression/20141110-kern_dump.diff
>>
>> I've been hesitant about pushing it forward:
>> - The dump_write* APIs need some simplification after the addition of
>>   encrypted dump support and support for dumping to 4Kn drives.
>> - I'm not sure how encryption should compose with compression. It seems
>>   intuitively obvious that we should compress before encrypting if the
>>   compression is to be of any use, but I don't know enough to know
>>   whether the compression might somehow compromise the effectiveness of
>>   the encryption.
>>
>> If anyone has some insight on the second of these two points, I'd
>> appreciate hearing it.
>
>
> About compression before encryption there is some information. For example:
> https://en.wikipedia.org/wiki/CRIME
> Openssh removed compression in pre-authentication in
> http://www.openssh.com/txt/release-7.4
>
> Regards,
> Ronald.
>