lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 23 Aug 2010 11:50:17 -0700
From:	Jeremy Fitzhardinge <jeremy@...p.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
CC:	Ian Jackson <ijackson@...ark.greenend.org.uk>,
	Peter Zijlstra <peterz@...radead.org>,
	Greg KH <gregkh@...e.de>, Ian Campbell <ijc@...lion.org.uk>,
	linux-kernel@...r.kernel.org, stable@...nel.org,
	stable-review@...nel.org, akpm@...ux-foundation.org,
	alan@...rguk.ukuu.org.uk
Subject: Re: [RFC] mlock/stack guard interaction fixup

 On 08/23/2010 10:34 AM, Linus Torvalds wrote:
> Quite frankly, I personally believe that people who play games with
> mlock are misguided. The _one_ special case is for protecting keys or
> private data that you do not want to hit the disk in some unencrypted
> mode, and quite frankly, you should strive to handle those way more
> specially than just putting them in some random place ("on the stack"
> or "in some malloc()'ed area"). The sane model for doing that is
> generally to explicitly mmap() and mlock the area, so that you get a
> very controlled access pattern, and never have to worry about things
> like COW etc.

Is that guaranteed to work (in Linux or in general)?  mlock has always
meant "won't generate disk IO to fault in/evicted", but does it prevent
dirty pages from being written out so long as they also remain
resident?  Or does it depend on the precise type of page you're
mlocking?  For example, what does mlock on a shared writeable mapping mean?

    J
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ