Date:   Fri, 3 Dec 2021 19:20:12 +0100
From:   David Hildenbrand <david@...hat.com>
To:     fei luo <morphyluo@...il.com>
Cc:     akpm@...ux-foundation.org, mike.kravetz@...cle.com, arnd@...db.de,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        linux-arch@...r.kernel.org, xiaofeng.yan2012@...il.com
Subject: Re: [RFD] clear virtual machine memory when virtual machine is turned
 off

> Yes, this feature needs to consider when page migration, the content
> of the old page needs to be cleared, and the swap space needs to
> be cleared before swap. Of course, for security reasons, swap can be
> prohibited. Here I just listed some of the changes involved, not all
> aspects. This feature is mainly aimed at clearing the memory of
> the virtual machine after shutdown, so it is more aimed at anonymous
> mapping and huge page mapping
> 
>>> When reusing the page that has been cleared, there is no need to clear it
>>> again, which also speeds up the memory allocation of user-mode programs.
>>>
>>> Is this feature feasible?
>>
>> "init_on_free=1" for the system as a whole, which might sound like what
>> might tackle part of your use case.
>>
> 
> This feature is mainly to prevent the used memory information from leaking,
> not to clear the memory before use.

That's the whole purpose of init_on_free -- maybe you should give that a
second look.

I don't think MAP_UNMAPZERO is what we want.

-- 
Thanks,

David / dhildenb
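
A way to check whether the init_on_free setting mentioned in the message above is in effect on a host, as an added example that is not part of the original message. The function names are hypothetical; it assumes the build-time default is CONFIG_INIT_ON_FREE_DEFAULT_ON, that the boot parameter is a boolean whose last occurrence wins, and that the kernel config is readable at /boot/config-$(uname -r) or /proc/config.gz.

```shell
#!/bin/sh
# Added example (not from the thread). Decide whether init_on_free is in
# effect, given a kernel command line and the text of a kernel config.
# Assumptions: the build-time default is CONFIG_INIT_ON_FREE_DEFAULT_ON and
# the boot parameter is parsed as a boolean, the last occurrence winning.
effective_init_on_free() {
    cmdline=$1
    config=$2
    state=off
    # Build-time default, overridden below by any boot parameter.
    if printf '%s\n' "$config" | grep -qx 'CONFIG_INIT_ON_FREE_DEFAULT_ON=y'; then
        state=on
    fi
    set -f                       # no globbing while splitting the cmdline
    for word in $cmdline; do
        case $word in
            init_on_free=*)
                case ${word#init_on_free=} in
                    1*|[yY]*|[oO][nN]*) state=on ;;
                    0*|[nN]*|[oO][fF]*) state=off ;;
                esac ;;          # unparsable values leave the state as is
        esac
    done
    set +f
    printf '%s\n' "$state"
}

# Same check against the running system (paths are assumptions, see lead-in).
live_init_on_free() {
    cfg=/boot/config-$(uname -r)
    if [ -r "$cfg" ]; then config=$(cat "$cfg")
    elif [ -r /proc/config.gz ]; then config=$(zcat /proc/config.gz)
    else config=''; fi
    effective_init_on_free "$(cat /proc/cmdline)" "$config"
}

# Constructed sample inputs, not taken from a real host.
effective_init_on_free 'root=/dev/vda1 ro init_on_free=1' ''
effective_init_on_free 'root=/dev/vda1 ro init_on_free=0' \
    'CONFIG_INIT_ON_FREE_DEFAULT_ON=y'
```

On a hypervisor host, call `live_init_on_free` and treat `off` as a finding when freed guest memory must not remain readable by later allocations.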
