Re: [patch 0/5] Support for sanitization flag in low-level page allocator

From: Rik van Riel
Date: Thu May 21 2009 - 15:09:42 EST


Peter Zijlstra wrote:

> Seems like a particularly wasteful use of a pageflag. Why not simply
> erase the buffer before freeing in those few places where we know it's
> important (i.e. exactly those places you now put the pageflag in)?

You don't always know this at page free time.

I could see the PG_sensitive flag being used from
userspace through mmap or madvise flags. This way
the sensitive memory from a program like gpg would
be cleaned, even if gpg died in a segfault accident.

I could also imagine the suspend-to-disk code skipping
PG_sensitive pages when storing data to disk, and
replacing it with some magic signature so programs
that use special PG_sensitive buffers can know that
their crypto key disappeared after a restore.
