| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 4 Jul 2022 11:35:33 +0200
From: David Hildenbrand <david@...hat.com>
To: Michal Hocko <mhocko@...e.com>, CGEL <cgel.zte@...il.com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org, vbabka@...e.cz,
minchan@...nel.org, oleksandr@...hat.com,
xu xin <xu.xin16@....com.cn>, Jann Horn <jannh@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH linux-next] mm/madvise: allow KSM hints for
process_madvise
On 04.07.22 10:40, Michal Hocko wrote:
> On Mon 04-07-22 07:29:41, CGEL wrote:
> [...]
>> Maybe new semantics is needed similarly to MADV_NOHUGEPAGE that ensures that
>> there will *not* be huge pages.
>
> How do you achieve that with a backward compatibility?
Some apps mark secrets via mlock(). I did not check, but I assume
mlock()'ed pages (in VMAs) would not be applicable to KSM. If they would
be, one option would be to not deduplicate them.
But then, I have no clue what's exploitable via a side channel and
what's not. Eventually, having a proper fix for most side channels would
make KSM safer to use in the the general case. But then, who knows what
security researchers will be able to come up with ...
As a very minimum, there would have to be some kind of toggle to allow
forcing KSM on other applications at all. Either/o a compile-time and a
run-time option. Once most of the known side channels are fixed we could
adjust the default of the run-time option.
(I think to this day, Windows still disables system-wide deduplication
as a default and requires an admin to explicitly enable it)
--
Thanks,
David / dhildenb
Powered by blists - more mailing lists