Date:	Mon, 22 Feb 2016 11:12:06 +0800
From:	Jianyu Zhan <nasa4836@...il.com>
To:	Xishi Qiu <qiuxishi@...wei.com>
Cc:	Linux MM <linux-mm@...ck.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] mm: why we should clear page when do anonymous page fault

On Mon, Feb 22, 2016 at 10:56 AM, Xishi Qiu <qiuxishi@...wei.com> wrote:
> handle_pte_fault()
>         do_anonymous_page()
>                 alloc_zeroed_user_highpage_movable()
>
> We will alloc a zeroed page when we do an anonymous page fault. I don't know
> why we should clear it. Just for safety?
>
> If a user space program does the following, there are two memset 0s, right?
> The kernel allocs a zeroed page, and the user memsets it to 0 again; this will
> waste a lot of time.
>
> main()
> {
>         ...
>         vaddr = malloc(size);
>         if (vaddr)
>                 memset(vaddr, 0, size);
>         ...
> }
>
>
> Thanks,
> Xishi Qiu

I believe this is mainly for security reasons.

By zeroing a highmem page, we can avoid another process peeking into a page
that was (highly likely) just released by another process, which might well
have put its confidential data in that very page.

IIRC, Windows zeros the pages at freeing time. Linux instead does it lazily.

As for the userspace zeroing action, that is another problem: the user just
wants a clean, definitive context to act on (and we can be sure he/she is a
self-disciplined guy who does not peek into others' secrets, but we cannot
assume that for all).


Thanks,
Jianyu Zhan
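
The guarantee discussed in this thread can be checked from user space. The following is an added example, not code from the original message or from the kernel: it dirties anonymous pages with a constructed pattern, releases them, then write-faults fresh anonymous pages and counts any byte that is non-zero without the program having written it. The function name `stale_bytes_after_remap` and the 0xA5 pattern are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20  /* asm-generic Linux value, if headers hide it */
#endif

/* Map len bytes of private anonymous memory; NULL on failure. */
static unsigned char *map_anon(size_t len)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : (unsigned char *)p;
}

/*
 * Fill `pages` pages with a constructed "secret" pattern, release them, then
 * write-fault the same number of fresh anonymous pages and count bytes that
 * the program did not write itself but are non-zero. The kernel may or may
 * not reuse the same physical frames; either way the answer must be 0.
 * Returns (size_t)-1 if a mapping call fails.
 */
size_t stale_bytes_after_remap(size_t pages)
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE), len = pages * psz, stale = 0;

    unsigned char *old = map_anon(len);
    if (!old)
        return (size_t)-1;
    memset(old, 0xA5, len);          /* stand-in for confidential data */
    if (munmap(old, len) != 0)
        return (size_t)-1;

    unsigned char *fresh = map_anon(len);
    if (!fresh)
        return (size_t)-1;
    for (size_t i = 0; i < len; i++) {
        if (i % psz == 0)
            fresh[i] = 1;            /* write fault: kernel must supply a real, zeroed page */
        else if (fresh[i] != 0)
            stale++;                 /* leftover data would show up here */
    }
    munmap(fresh, len);
    return stale;
}
```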
