mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-26 20:38:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/include
History
York Jasper Niebuhr ba42b524a0 mm: init_mlocked_on_free_v3 
Implements the "init_mlocked_on_free" boot option. When this boot option
is enabled, any mlock'ed pages are zeroed on free. If
the pages are munlock'ed beforehand, no initialization takes place.
This boot option is meant to combat the performance hit of
"init_on_free" as reported in commit 6471384af2 ("mm: security:
introduce init_on_alloc=1 and init_on_free=1 boot options"). With
"init_mlocked_on_free=1" only relevant data is freed while everything
else is left untouched by the kernel. Correspondingly, this patch
introduces no performance hit for unmapping non-mlock'ed memory. The
unmapping overhead for purely mlocked memory was measured to be
approximately 13%. Realistically, most systems mlock only a fraction of
the total memory so the real-world system overhead should be close to
zero.

Optimally, userspace programs clear any key material or other
confidential memory before exit and munlock the according memory
regions. If a program crashes, userspace key managers fail to do this
job. Accordingly, no munlock operations are performed so the data is
caught and zeroed by the kernel. Should the program not crash, all
memory will ideally be munlocked so no overhead is caused.

CONFIG_INIT_MLOCKED_ON_FREE_DEFAULT_ON can be set to enable
"init_mlocked_on_free" by default.

Link: https://lkml.kernel.org/r/20240329145605.149917-1-yjnworkstation@gmail.com
Signed-off-by: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: York Jasper Niebuhr <yjnworkstation@gmail.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2024-04-25 20:56:29 -07:00
..
acpi mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
asm-generic mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
clocksource
crypto mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
drm drm fixes for 6.9-rc1 2024-03-21 19:04:31 -07:00
dt-bindings Char/Misc and other driver subsystem updates for 6.9-rc1 2024-03-21 13:21:31 -07:00
keys
kunit
kvm KVM: arm64: Fix host-programmed guest events in nVHE 2024-03-26 01:51:44 -07:00
linux mm: init_mlocked_on_free_v3 2024-04-25 20:56:29 -07:00
math-emu
media media updates for v6.9-rc1 2024-03-15 11:36:54 -07:00
memory
misc
net mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
pcmcia
ras
rdma fix missing vmalloc.h includes 2024-04-25 20:55:49 -07:00
rv
scsi scsi: sd: Fix TCG OPAL unlock on system resume 2024-03-25 15:46:12 -04:00
soc Char/Misc and other driver subsystem updates for 6.9-rc1 2024-03-21 13:21:31 -07:00
sound ASoC: Fixes for v6.9 2024-04-05 08:48:12 +02:00
target
trace dax: use huge_zero_folio 2024-04-25 20:56:20 -07:00
uapi vhost-vdpa: change ioctl # for VDPA_GET_VRING_SIZE 2024-04-08 04:11:04 -04:00
ufs
vdso vdso: Use CONFIG_PAGE_SHIFT in vdso/datapage.h 2024-04-03 21:50:04 +02:00
video
xen