Hi! > > > > This patch adds logic to the kernel power code to zero out contents of > > > > all MADV_WIPEONSUSPEND VMAs present in the system during its transition > > > > to any suspend state equal or greater/deeper than Suspend-to-memory, > > > > known as S3. > > > > > > How does the application learn that its memory got wiped? S2disk is an > > > async operation and it can happen at any time during the task execution. > > > So how does the application work to prevent from corrupted state - e.g. > > > when suspended between two memory loads? > > > > You can do it seqlock-style, kind of - you reserve the first byte of > > the page or so as a "is this page initialized" marker, and after every > > read from the page, you do a compiler barrier and check whether that > > byte has been cleared. > > This is certainly possible yet wery awkwar interface to use IMHO. > MADV_EXTERNALY_VOLATILE would express the actual semantic much better. > I might not still understand the expected usecase but if the target > application has to be changed anyway then why not simply use a > transparent and proper signaling mechanism like poll on a fd. That The goal is to have cryprographically-safe get_random_number() with 0 syscalls. You'd need to do: if (!poll(did_i_migrate)) { use_prng_seed(); if (poll(did_i_migrate)) { /* oops_they_migrated_me_in_middle_of_computation, lets_redo_it() */ goto retry: } } Which means two syscalls.. Best regards, Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature