Re: [openib-general] Re: madvise MADV_DONTFORK/MADV_DOFORK

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quoting r. Hugh Dickins <[email protected]>:
> Subject: Re: [openib-general] Re: madvise MADV_DONTFORK/MADV_DOFORK
> 
> On Mon, 13 Feb 2006, Michael S. Tsirkin wrote:
> > 
> > Like this then?
> 
> Almost.  I would still prefer madvise_vma to allow MADV_DONTFORK
> on a VM_IO vma, even though it must prohibit MADV_DOFORK there.
> But if Linus disagrees, of course ignore me.

I'm not sure about this point. Linus?

> Comments much better, thanks.  I didn't get your point about mlock'd
> memory, but I'm content to believe you're thinking of an issue that
> hasn't occurred to me.

I'm referring to the follwing, from man mlock(2):

"Cryptographic  security  software often handles critical bytes like passwords
or secret keys as data structures. As a result of paging, these secrets could
be  transfered  onto  a persistent swap store medium, where they might be
accessible to the enemy long after the security  software  has erased the
secrets in RAM and terminated."



-- 
Michael S. Tsirkin
Staff Engineer, Mellanox Technologies
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux