lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20080501175037.01d8d3dc.akpm@linux-foundation.org>
Date:	Thu, 1 May 2008 17:50:37 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Josselin Mouette <joss@...ian.org>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Increase the default RLIMIT_MEMLOCK

On Sun, 27 Apr 2008 21:26:27 +0200
Josselin Mouette <joss@...ian.org> wrote:

> Currently, the default value for RLIMIT_MEMLOCK (defined in
> include/linux/resource.h) is 32 KiB, because this value is enough for
> GnuPG.
> 
> However this value is not enough for gnome-keyring-daemon, which will
> store both SSH and GnuPG keys, plus user passwords for various kinds of
> resources. Upstream authors recommend to provide a limit of at least 256
> KiB for RLIMIT_MEMLOCK for the keys to remain securely in memory.
> 
> Given the amount of memory in current machines, I think 256 KiB is still
> a very reasonable value. What do you think of increasing this default
> value in the kernel?
> 
> Cheers,
> -- 
>  .''`.
> : :' :      We are debian.org. Lower your prices, surrender your code.
> `. `'       We will add your hardware and software distinctiveness to
>   `-        our own. Resistance is futile.
> 
> 
> [linux_mlock_256k.patch  text/x-patch (668B)]
> --- include/linux/resource.h.orig	2008-04-27 21:15:47.000000000 +0200
> +++ include/linux/resource.h	2008-04-27 21:23:06.000000000 +0200
> @@ -58,10 +58,11 @@
>  #define _STK_LIM	(8*1024*1024)
>  
>  /*
> - * GPG wants 32kB of mlocked memory, to make sure pass phrases
> - * and other sensitive information are never written to disk.
> + * The biggest widespread mlocked memory consumer is 
> + * gnome-keyring-manager. It needs 256kB to make sure SSH/GPG 
> + * passphrases and network passwords are never written to disk.
>   */
> -#define MLOCK_LIMIT	(8 * PAGE_SIZE)
> +#define MLOCK_LIMIT	(64 * PAGE_SIZE)

gee, it seems rather arbitrary.  Perhaps we should have set it to zero on
day one to _force_ distributors to set an appropriate RLIMIT_MEMLOCK in
init.

We can do this of course, but does it actually help anything?  Perhaps it's
actually a bad thing, permitting userspace developers to rely upon kernel
defaults rather than setting things they way they should be set?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ