original_kernel/Documentation
York Jasper Niebuhr ba42b524a0 mm: init_mlocked_on_free_v3
Implements the "init_mlocked_on_free" boot option. When this boot option
is enabled, any mlock'ed pages are zeroed on free. If
the pages are munlock'ed beforehand, no initialization takes place.
This boot option is meant to combat the performance hit of
"init_on_free" as reported in commit 6471384af2 ("mm: security:
introduce init_on_alloc=1 and init_on_free=1 boot options"). With
"init_mlocked_on_free=1" only relevant data is freed while everything
else is left untouched by the kernel. Correspondingly, this patch
introduces no performance hit for unmapping non-mlock'ed memory. The
unmapping overhead for purely mlocked memory was measured to be
approximately 13%. Realistically, most systems mlock only a fraction of
the total memory so the real-world system overhead should be close to
zero.

Optimally, userspace programs clear any key material or other
confidential memory before exit and munlock the according memory
regions. If a program crashes, userspace key managers fail to do this
job. Accordingly, no munlock operations are performed so the data is
caught and zeroed by the kernel. Should the program not crash, all
memory will ideally be munlocked so no overhead is caused.

CONFIG_INIT_MLOCKED_ON_FREE_DEFAULT_ON can be set to enable
"init_mlocked_on_free" by default.

Link: https://lkml.kernel.org/r/20240329145605.149917-1-yjnworkstation@gmail.com
Signed-off-by: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2024-04-25 20:56:29 -07:00
ABI
PCI
RCU
accel
accounting
admin-guide mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
arch
block
bpf
cdrom
core-api
cpu-freq
crypto
dev-tools
devicetree Merge tag 'drm-msm-next-2024-04-11' of https://gitlab.freedesktop.org/drm/msm into drm-fixes 2024-04-12 11:01:45 +10:00
doc-guide
driver-api virtio: store owner from modules with register_virtio_driver() 2024-04-08 04:11:04 -04:00
fault-injection
fb
features
filesystems lib: add allocation tagging support for memory allocation profiling 2024-04-25 20:55:52 -07:00
firmware-guide
firmware_class
fpga
gpu
hid
hwmon
i2c
iio
images
infiniband
input
isdn
kbuild
kernel-hacking
leds
litmus-tests
livepatch
locking
maintainer
mhi
misc-devices
mm remove references to page->flags in documentation 2024-04-25 20:56:15 -07:00
netlabel
netlink
networking
nvdimm
nvme
pcmcia
peci
power
process
rust
scheduler
scsi
security
sound
sphinx
sphinx-static
spi
staging
target
tee
timers
tools
trace
translations remove references to page->flags in documentation 2024-04-25 20:56:15 -07:00
usb
userspace-api
virt
w1
watchdog
wmi
.gitignore
Changes
CodingStyle
Kconfig
Makefile
SubmittingPatches
atomic_bitops.txt
atomic_t.txt
conf.py
docutils.conf
dontdiff
index.rst
memory-barriers.txt
subsystem-apis.rst