| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190524165213.GB2765@mit.edu>
Date: Fri, 24 May 2019 12:52:13 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: Sahitya Tummala <stummala@...eaurora.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Kirill Tkhai <ktkhai@...tuozzo.com>,
Michal Hocko <mhocko@...e.com>,
Johannes Weiner <hannes@...xchg.org>,
Vladimir Davydov <vdavydov.dev@...il.com>,
Yafang Shao <laoar.shao@...il.com>,
Roman Gushchin <guro@...com>,
Mel Gorman <mgorman@...hsingularity.net>, linux-mm@...ck.org,
Jaegeuk Kim <jaegeuk@...nel.org>,
Eric Biggers <ebiggers@...nel.org>,
linux-fscrypt@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/vmscan.c: drop all inode/dentry cache from LRU
On Fri, May 24, 2019 at 01:36:01PM +0530, Sahitya Tummala wrote:
> This is important for the scenario where FBE (file based encryption)
> is enabled. With FBE, the encryption context needed to en/decrypt a file
> will be stored in inode and any inode that is left in the cache after
> drop_caches is done will be a problem. For ex, in Android, drop_caches
> will be used when switching work profiles.
>
> Signed-off-by: Sahitya Tummala <stummala@...eaurora.org>
Instead of making a change to vmscan.c, it's probably better to
migrate to the new fscrypt key-management framework, which solves this
problem with an explicit FS_IOC_REMOVE_ENCRYPTION_KEY ioctl. This
allows the system to remove all inodes that were made available via a
single key without having nuking all other inodes --- this would make
it much faster after a user logs out of ChromeOS, for example:
See:
https://patchwork.kernel.org/patch/10952019/
- Ted
Powered by blists - more mailing lists