Re: [PATCH v11 1/4] random: add vgetrandom_alloc() syscall

From: Jann Horn
Date: Mon Dec 05 2022 - 14:15:16 EST

Next message: Vipin Sharma: "[Patch v3 03/13] KVM: x86: Hyper-V invariant TSC control"
Previous message: Vipin Sharma: "[Patch v3 01/13] x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define"
In reply to: Jason A. Donenfeld: "Re: [PATCH v11 1/4] random: add vgetrandom_alloc() syscall"
Next in thread: Jason A. Donenfeld: "Re: [PATCH v11 1/4] random: add vgetrandom_alloc() syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 5, 2022 at 3:01 AM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> + mm->def_flags |=
> + /*
> + * Don't allow state to be written to swap, to preserve forward secrecy.
> + * This works in conjunction with MAP_LOCKED in do_mmap(), below, which
> + * actually does the locking (and associated permission check and accounting).
> + * Here, VM_LOCKONFAULT together with VM_NORESERVE simply make the mlocking
> + * happen the first time it's actually used, the same as when calling
> + * mlock2(MLOCK_ONFAULT) from userspace.
> + */
> + VM_LOCKONFAULT | VM_NORESERVE |

Have you checked the interaction with this line in dup_mmap()?
"tmp->vm_flags &= ~(VM_LOCKED | VM_LOCKONFAULT);"

As the mlock.2 manpage says, "Memory locks are not inherited by a
child created via fork(2)". I think the intention here is that the VMA
should stay unswappable after fork(), right?

Of course, trying to reserve more mlocked memory in fork() would also
be problematic...

Next message: Vipin Sharma: "[Patch v3 03/13] KVM: x86: Hyper-V invariant TSC control"
Previous message: Vipin Sharma: "[Patch v3 01/13] x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define"
In reply to: Jason A. Donenfeld: "Re: [PATCH v11 1/4] random: add vgetrandom_alloc() syscall"
Next in thread: Jason A. Donenfeld: "Re: [PATCH v11 1/4] random: add vgetrandom_alloc() syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]