| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Jun 2018 08:10:45 +0200
From: Richard Weinberger <richard@....at>
To: Jefferson Carpenter <jeffersoncarpenter2@...il.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Cc: Michal Hocko <mhocko@...nel.org>
Subject: Re: Memory zeroed when made available to user process
Am Freitag, 29. Juni 2018, 02:52:16 CEST schrieb Jefferson Carpenter:
> On 6/27/2018 1:18 PM, Richard Weinberger wrote:
> > Am Mittwoch, 27. Juni 2018, 15:12:48 CEST schrieb Michal Hocko:
> >> On Wed 27-06-18 13:29:05, Richard Weinberger wrote:
> >>> On Wed, Jun 27, 2018 at 11:34 AM, Jefferson Carpenter
> >>> <jeffersoncarpenter2@...il.com> wrote:
> >>>> Is there a way for a user process to mark memory as 'sensitive' or
> >>>> 'non-sensitive' when it is allocated? That could allow it not to have to be
> >>>> zeroed before being allocated to another process.
> >>>
> >>> Isn't this what we have Meltdown and Spectre for? ;-)
> >>>
> >>> No, memory from the kernel is always zeroed.
> >>> libc offers malloc() and calloc() for this purpose.
>
> Interesting. Let's say
>
> Process 1:
> free(use_memory(malloc(1024)));
>
> Then Process 2:
> malloc(1024);
>
> The physical RAM used to service Process 2's malloc call has to be
> zeroed to prevent it from leaking data from Process 1. However, if
> Process 1 could mark that memory as non-sensitive, then it would not
> have to be zeroed, saving the time it takes to do that. However, this
> would require at least a bit per memory page, so maybe it's not worth it.
Is this really a measurable overhead on your system?
Do you have numbers?
Thanks,
//richard
Powered by blists - more mailing lists