Quoting r. Hugh Dickins <[email protected]>:
> Subject: Re: [openib-general] Re: madvise MADV_DONTFORK/MADV_DOFORK
>
> On Mon, 13 Feb 2006, Michael S. Tsirkin wrote:
> >
> > Like this then?
>
> Almost. I would still prefer madvise_vma to allow MADV_DONTFORK
> on a VM_IO vma, even though it must prohibit MADV_DOFORK there.
> But if Linus disagrees, of course ignore me.
I'm not sure about this point. Linus?
> Comments much better, thanks. I didn't get your point about mlock'd
> memory, but I'm content to believe you're thinking of an issue that
> hasn't occurred to me.
I'm referring to the follwing, from man mlock(2):
"Cryptographic security software often handles critical bytes like passwords
or secret keys as data structures. As a result of paging, these secrets could
be transfered onto a persistent swap store medium, where they might be
accessible to the enemy long after the security software has erased the
secrets in RAM and terminated."
--
Michael S. Tsirkin
Staff Engineer, Mellanox Technologies
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]