Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK

From: Florian Weimer
Date: Mon Aug 07 2017 - 10:19:32 EST

Next message: John Crispin: "[PATCH] net: dsa: mediatek: add adjust link support for user ports"
Previous message: Kirill A. Shutemov: "[PATCHv3 03/13] x86/xen: Provide pre-built page tables only for XEN_PV and XEN_PVH"
In reply to: Michal Hocko: "Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK"
Next in thread: Rik van Riel: "Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 08/07/2017 03:46 PM, Michal Hocko wrote:
> How do they know that they need to regenerate if they do not get SEGV?
> Are they going to assume that a read of zeros is a "must init again"? Isn't
> that too fragile?

Why would it be fragile? Some level of synchronization is needed to set
things up, of course, but I think it's possible to write a lock-free
algorithm to maintain the state even without strong guarantees of memory
ordering from fork.

In the DRBG uniqueness case, you don't care if you reinitialize because
it's the first use, or because a fork just happened.

In the API-mandated fork check, a detection false positive before a fork
is not acceptable (because it would prevent legitimate API use), but I
think you can deal with this case if you publish a pointer to a
pre-initialized, non-zero mapping.

Thanks,
Florian

Next message: John Crispin: "[PATCH] net: dsa: mediatek: add adjust link support for user ports"
Previous message: Kirill A. Shutemov: "[PATCHv3 03/13] x86/xen: Provide pre-built page tables only for XEN_PV and XEN_PVH"
In reply to: Michal Hocko: "Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK"
Next in thread: Rik van Riel: "Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]