source code of Linux source code
York Jasper Niebuhr ba42b524a0 mm: init_mlocked_on_free_v3
Implements the "init_mlocked_on_free" boot option. When this boot option
is enabled, any mlock'ed pages are zeroed on free. If
the pages are munlock'ed beforehand, no initialization takes place.
This boot option is meant to combat the performance hit of
"init_on_free" as reported in commit 6471384af2 ("mm: security:
introduce init_on_alloc=1 and init_on_free=1 boot options"). With
"init_mlocked_on_free=1" only relevant data is freed while everything
else is left untouched by the kernel. Correspondingly, this patch
introduces no performance hit for unmapping non-mlock'ed memory. The
unmapping overhead for purely mlocked memory was measured to be
approximately 13%. Realistically, most systems mlock only a fraction of
the total memory so the real-world system overhead should be close to
zero.

Optimally, userspace programs clear any key material or other
confidential memory before exit and munlock the according memory
regions. If a program crashes, userspace key managers fail to do this
job. Accordingly, no munlock operations are performed so the data is
caught and zeroed by the kernel. Should the program not crash, all
memory will ideally be munlocked so no overhead is caused.

CONFIG_INIT_MLOCKED_ON_FREE_DEFAULT_ON can be set to enable
"init_mlocked_on_free" by default.

Link: https://lkml.kernel.org/r/20240329145605.149917-1-yjnworkstation@gmail.com
Signed-off-by: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2024-04-25 20:56:29 -07:00
Documentation mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
arch x86/mm: care about shadow stack guard gap during placement 2024-04-25 20:56:28 -07:00
block block-6.9-20240412 2024-04-12 10:22:33 -07:00
certs This update includes the following changes: 2023-11-02 16:15:30 -10:00
crypto This push fixes a regression that broke iwd as well as a divide by 2024-03-25 10:48:23 -07:00
drivers mm: switch mm->get_unmapped_area() to a flag 2024-04-25 20:56:25 -07:00
fs mm/ksm: fix ksm exec support for prctl 2024-04-25 20:56:29 -07:00
include mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
init mm: introduce slabobj_ext to support slab object extensions 2024-04-25 20:55:51 -07:00
io_uring mm: switch mm->get_unmapped_area() to a flag 2024-04-25 20:56:25 -07:00
ipc sysctl changes for v6.9-rc1 2024-03-18 14:59:13 -07:00
kernel mm: switch mm->get_unmapped_area() to a flag 2024-04-25 20:56:25 -07:00
lib mm/filemap: optimize filemap folio adding 2024-04-25 20:56:09 -07:00
mm mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
net mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
rust rust: add a rust helper for krealloc() 2024-04-25 20:55:55 -07:00
samples Tracing updates for 6.9: 2024-03-18 15:11:44 -07:00
scripts lib: add allocation tagging support for memory allocation profiling 2024-04-25 20:55:52 -07:00
security mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
sound fix missing vmalloc.h includes 2024-04-25 20:55:49 -07:00
tools selftest/mm: ksm_functional_tests: extend test case for ksm fork/exec 2024-04-25 20:56:29 -07:00
usr Kbuild updates for v6.8 2024-01-18 17:57:07 -08:00
virt KVM Xen and pfncache changes for 6.9: 2024-03-11 10:42:55 -04:00
.clang-format clang-format: Update with v6.7-rc4's `for_each` macro list 2023-12-08 23:54:38 +01:00
.cocciconfig
.editorconfig Add .editorconfig file for basic formatting 2023-12-28 16:22:47 +09:00
.get_maintainer.ignore Add Jeff Kirsher to .get_maintainer.ignore 2024-03-08 11:36:54 +00:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: create a list of all built DTB files 2024-02-19 18:20:39 +09:00
.mailmap MAINTAINERS: update Naoya Horiguchi's email address 2024-04-16 15:39:51 -07:00
.rustfmt.toml rust: add `.rustfmt.toml` 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Drop Gustavo Pimentel as PCI DWC Maintainer 2024-03-27 13:41:02 -05:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: add entries for code tagging and memory allocation profiling 2024-04-25 20:55:58 -07:00
Makefile Linux 6.9-rc4 2024-04-14 13:38:39 -07:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.