mlock behavior across fork, as broken as it looks?

From: Olaf Titz (olaf@bigred.inka.de)
Date: Mon Feb 28 2000 - 07:56:18 EST

Next message: James A Simmons: "Re: Lost Link"
Previous message: Chris Meadors: "Still long logins in new devel kernels."
Next in thread: Jamie Lokier: "Re: mlock behavior across fork, as broken as it looks?"
Reply: Jamie Lokier: "Re: mlock behavior across fork, as broken as it looks?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

According to the mlock(2) manpage, "Child processes do not inherit
page locks across a fork." Even if I call mlock() for the critical
pages again just after the fork(), in my understanding there is a
small time window when the pages can, theoretically, be swapped out.
(Increase this window for a potential exploit with the usual high
load, high mem pressure attack.)

So is it really impossible to guarantee that locked pages will never
be swapped out if the process holding them does fork? This would be a
severe limitation for the case of cryptographic keys, as it in effect
means "fork() is forbidden for such applications". If so, this is a
deficiency which should be fixed.

Olaf

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: James A Simmons: "Re: Lost Link"
Previous message: Chris Meadors: "Still long logins in new devel kernels."
Next in thread: Jamie Lokier: "Re: mlock behavior across fork, as broken as it looks?"
Reply: Jamie Lokier: "Re: mlock behavior across fork, as broken as it looks?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Feb 29 2000 - 21:00:19 EST