unofficial mirror of guix-patches@gnu.org 
From: "Ludovic Courtès" <ludo@gnu.org>
To: zimoun <zimon.toutoune@gmail.com>
Cc: 41425@debbugs.gnu.org
Subject: [bug#41425] [PATCH 0/5] Have 'guix pull' protect against downgrade attacks
Date: Fri, 22 May 2020 15:55:56 +0200
Message-ID: <87r1vc9iqb.fsf@gnu.org>
In-Reply-To: <CAJ3okZ3cp8knVLAiGPV17fM6WFLG9t0jF=5msvZdJakzEDz3Xw@mail.gmail.com> (zimoun's message of "Thu, 21 May 2020 16:06:27 +0200")

Hi Simon,

zimoun <zimon.toutoune@gmail.com> writes:

> On Wed, 20 May 2020 at 23:39, Ludovic Courtès <ludo@gnu.org> wrote:
>
>> By default ‘guix pull’ would now error out if the target commit of a
>> channel is not a descendant of the currently-used commit, according to
>> the commit graph.  There’s an option to bypass that.  ‘guix
>> time-machine’ behavior is unchanged though: it never complains.
>
> What is the extra time cost of such check?

The problem is not the cost.  ‘guix pull’ compares the target commit(s)
against the commit(s) of the currently-used ‘guix’; it can clearly see
if it’s a forward pull or not.

However, in the case of ‘guix time-machine’, there’s nothing to compare
against (it’s a bit like a fresh ‘git clone’ as opposed to a ‘git pull’,
if you see what I mean.)

Additionally, the purpose of ‘guix time-machine’ is to travel in time,
usually in the past, so it would be inconvenient to get warnings or
errors every time.

> It is not easy -- nor impossible -- to evaluate such cost at the level
> of "guix pull".  And I failed to evaluate it using 'commit-relation'
> with "guix repl" -- Segmentation fault with commit
> c81457a5883ea43950eb2ecdcbb58a5b144bcd11 and
> 4bdf4182fe080c3409f6ef9b410146b67cfa2595; probably because I did used
> correctly the API.

How can I reproduce the issue?

> Well, what will be the timing impact of checking the "fast-forwardness"?

I haven’t measured it, but it’s small compared to the cost of fetching
the new revisions and performing the checkout.  It’s roughly what ‘git
pull’ does, although ‘git pull’ is probably faster because it’s in C and
has been well optimized over the years.

Thanks for your feedback!

Ludo’.
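
The forward-pull check discussed in this message, as an added example that is not part of the original message and is not Guix's code: a small Python model of comparing a target commit against the currently-used one over a commit graph. The graph, the function names and the `allow_downgrades` parameter are assumptions made for illustration.

```python
# Constructed commit graph: commit id -> list of parent ids.
# A..D is the main line, X branches off B, M merges D and X, Z is foreign history.
PARENTS = {
    "A": [], "B": ["A"], "C": ["B"], "D": ["C"],
    "X": ["B"], "M": ["D", "X"], "Z": [],
}

def ancestors(commit, parents):
    """Return the set of all strict ancestors of COMMIT (iterative DAG walk)."""
    seen, stack = set(), list(parents[commit])
    while stack:
        c = stack.pop()
        if c not in seen:
            seen.add(c)
            stack.extend(parents[c])
    return seen

def commit_relation(old, new, parents):
    """Relation of OLD to NEW: 'self', 'ancestor', 'descendant' or 'unrelated'."""
    if old == new:
        return "self"
    if old in ancestors(new, parents):
        return "ancestor"      # OLD precedes NEW: a forward update
    if new in ancestors(old, parents):
        return "descendant"    # NEW precedes OLD: a downgrade
    return "unrelated"         # diverged branch or foreign history

class NonForwardUpdate(Exception):
    """Raised when the target is not a descendant of the current commit."""

def check_pull(current, target, parents, allow_downgrades=False):
    """Model of the pull-time check; returns the relation or raises.

    CURRENT is None for a fresh checkout (the time-machine case above):
    there is nothing to compare against, so no check is made.
    """
    if current is None:
        return None
    relation = commit_relation(current, target, parents)
    if relation in ("self", "ancestor") or allow_downgrades:
        return relation
    raise NonForwardUpdate(
        f"{target} is not a descendant of {current} ({relation})")
```

The walk touches only commit metadata already fetched, which is why its cost is small next to fetching revisions and performing the checkout.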



