Re: [RESEND PATCH V2 0/3] Allow user to request memory to be locked on page fault
From: Andy Lutomirski
Date: Thu Jun 25 2015 - 10:26:43 EST
On Thu, Jun 25, 2015 at 7:16 AM, Eric B Munson <emunson@xxxxxxxxxx> wrote:
> On Tue, 23 Jun 2015, Vlastimil Babka wrote:
>
>> On 06/15/2015 04:43 PM, Eric B Munson wrote:
>> >>
>> >>If the new LOCKONFAULT functionality is indeed desired (I haven't
>> >>still decided myself) then I agree that would be the cleanest way.
>> >
>> >Do you disagree with the use cases I have listed or do you think there
>> >is a better way of addressing those cases?
>>
>> I'm somewhat sceptical about the security one. Are security
>> sensitive buffers that large to matter? The performance one is more
>> convincing and I don't see a better way, so OK.
>
> They can be, the two that come to mind are medical images and high
> resolution sensor data.
I think we've been handling sensitive memory pages wrong forever. We
shouldn't lock them into memory; we should flag them as sensitive and
encrypt them if they're ever written out to disk.
--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-alpha" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html