[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1507576124.21121.168.camel@redhat.com>
Date: Mon, 09 Oct 2017 15:08:44 -0400
From: Rik van Riel <riel@...hat.com>
To: mtk.manpages@...il.com
Cc: Colm MacCárthaigh <colm@...costs.net>,
linux-man <linux-man@...r.kernel.org>,
lkml <linux-kernel@...r.kernel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
Linux API <linux-api@...r.kernel.org>, nilal@...hat.com,
Florian Weimer <fweimer@...hat.com>,
Mike Kravetz <mike.kravetz@...cle.com>
Subject: Re: [patch v2] madvise.2: Add MADV_WIPEONFORK documentation
On Mon, 2017-10-09 at 21:06 +0200, Michael Kerrisk (man-pages) wrote:
> Hi Rik,
>
> I have a follow-up question re wipe-on-fork. What are the semantics
> for this setting with respect to fork() and exec()? That is, in the
> child of a fork(), does the flag remain set for the specified address
> range? (My quick read of the source suggests yes, but I have not
> tested.) And, when we do an exec(), my assumption is that the flag is
> cleared for the address range, but it would be good to have
> confirmation.
Indeed, on exec() the flag is cleared, because all
memory regions get replaced on exec().
The flag remains across a fork(), so if a child task
were to fork, the memory would be empty of contents
again in its child. This seems to most closely match
the use case of discarding things like cryptographic
secrets at fork time.
Powered by blists - more mailing lists