| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Sep 2017 15:21:47 -0400
From: Rik van Riel <riel@...hat.com>
To: "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>,
Colm MacCárthaigh <colm@...costs.net>
Cc: linux-man@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, linux-api@...r.kernel.org, nilal@...hat.com,
Florian Weimer <fweimer@...hat.com>,
Mike Kravetz <mike.kravetz@...cle.com>
Subject: Re: [patch v2] madvise.2: Add MADV_WIPEONFORK documentation
On Tue, 2017-09-19 at 21:07 +0200, Michael Kerrisk (man-pages) wrote:
> Thanks. I applied this, and tweaked the madvise.2 text a little, to
> read as follows (please let me know if I messed anything up):
>
> MADV_WIPEONFORK (since Linux 4.14)
> Present the child process with zero-filled
> memory in this
> range after a fork(2). This is useful in forking
> servers
> in order to ensure that sensitive per-
> process data (for
> example, PRNG seeds, cryptographic secrets, and so
> on) is
> not handed to child processes.
>
> The MADV_WIPEONFORK operation can be applied
> only to pri‐
> vate anonymous pages (see mmap(2)).
That looks great. Thank you, Michael!
--
All rights reversed
Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists