lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAHz2CGUDM5qHKBFjkDnEvRt1TrohuETtFzNhknxkVZEUASeVCQ@mail.gmail.com>
Date:	Mon, 22 Feb 2016 11:12:06 +0800
From:	Jianyu Zhan <nasa4836@...il.com>
To:	Xishi Qiu <qiuxishi@...wei.com>
Cc:	Linux MM <linux-mm@...ck.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] mm: why we should clear page when do anonymous page fault

On Mon, Feb 22, 2016 at 10:56 AM, Xishi Qiu <qiuxishi@...wei.com> wrote:
> handle_pte_fault()
>         do_anonymous_page()
>                 alloc_zeroed_user_highpage_movable()
>
> We will alloc a zeroed page when do anonymous page fault, I don't know
> why should clear it? just for safe?
>
> If user space program do like the following, there are two memset 0, right?
> kernel alloc zeroed page, and user memset 0 it again, this will waste a
> lot of time.
>
> main()
> {
>         ...
>         vaddr = malloc(size)
>         if (vaddr)
>                 memset(vaddr, 0, size);
>         ...
> }
>
>
> Thanks,
> Xishi Qiu
>
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@...ck.org.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@...ck.org"> email@...ck.org </a>

I believe this is mainly for security reason.

To zero a highmem page, we could avoid another process peeking into the page
that is (highly likely) just released by another process, who might
well have put its confidential
data in that very page.

IIRC, Windows zeros the pages at freeing time. Linux instead does it lazily.

And for the userspace zeroing action,  it is another problem - user
just wants a clean, definitive
context to act on ( and we can be sure he/she is a self-disciplined
guy who does not peek into
other's secret,  but we can not assume that for all).


Thanks,
Jianyu Zhan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ