Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754548Ab0HWT0z (ORCPT ); Mon, 23 Aug 2010 15:26:55 -0400 Received: from casper.infradead.org ([85.118.1.10]:36417 "EHLO casper.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753825Ab0HWT0x convert rfc822-to-8bit (ORCPT ); Mon, 23 Aug 2010 15:26:53 -0400 Subject: Re: [RFC] mlock/stack guard interaction fixup From: Peter Zijlstra To: Jeremy Fitzhardinge Cc: Linus Torvalds , Ian Jackson , Greg KH , Ian Campbell , linux-kernel@vger.kernel.org, stable@kernel.org, stable-review@kernel.org, akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk In-Reply-To: <4C72CAA7.5070202@goop.org> References: <1282391770.29609.1223.camel@localhost.localdomain> <1282460275.11348.865.camel@localhost.localdomain> <1282462386.11348.871.camel@localhost.localdomain> <1282470917.11348.891.camel@localhost.localdomain> <20100822172548.GB8957@suse.de> <19570.38608.79434.179797@chiark.greenend.org.uk> <1282580751.2605.1997.camel@laptop> <19570.44367.719276.128881@chiark.greenend.org.uk> <4C72C2E9.3070408@goop.org> <1282590457.2605.2200.camel@laptop> <4C72CAA7.5070202@goop.org> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8BIT Date: Mon, 23 Aug 2010 21:26:32 +0200 Message-ID: <1282591592.2605.2221.camel@laptop> Mime-Version: 1.0 X-Mailer: Evolution 2.28.3 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 856 Lines: 21 On Mon, 2010-08-23 at 12:23 -0700, Jeremy Fitzhardinge wrote: > On 08/23/2010 12:07 PM, Peter Zijlstra wrote: > > mlock() simply avoids major faults, nothing more. > > > > I think both page migration and page-out for shared pages where some > > maps are !mlocked can cause unmaps and thus minor faults. > > > > mlock and dirty do not interact, they will still be cleaned/written out > > as normal. > > So mlock is useless for preventing secret stuff from being written to disk. Well, if you put your sekrit in a file map, sure. Use a mmap(MAP_ANONYMOUS|MAP_LOCK) and madvise(MADV_DONTFORK) for your sekrits. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/