Re: [PATCH v14 2/7] mm: add VM_DROPPABLE for designating always lazily freeable mappings

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Le 03/01/2023 à 21:44, Jason A. Donenfeld a écrit :
On Tue, Jan 03, 2023 at 12:15:57PM -0800, Linus Torvalds wrote:
On Tue, Jan 3, 2023 at 12:03 PM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
That buffering cannot be done safely currently
.. again, this is "your semantics" (the (b) in my humbug list), not
necessarily reality for anybody else.
Yea that's fair. Except, of course, I maintain that my semantics are
important ones. :)


I concur.

To hold secret material, we need MADV_WIPEONFORK | MADV_DONTDUMP and the side effect of mlock() (pages' content never written to swap), inherited across fork().
And I want mlock() without paying the price.

Jason's proposed semantics, which I call MADV_WIPEONSWAP, provide a mean to hold /unlimited/ amount secrets in userspace memory (not limited by RLIMIT_MEMLOCK).
The only constraint for userspace is to handle the case pages are wiped, which is already the case of userspace arc4random()'s implementation.

Regards.

--
Yann Droneaud
OPTEYA





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux