On Saturday 31 July 2010 15:45:59 Cory Nelson wrote: > On Fri, Jul 30, 2010 at 9:58 AM, Matthew Toseland > <[email protected]> wrote: > > On Friday 30 July 2010 17:02:35 Cory Nelson wrote: > >> I know that at least Windows lets you lock pages in RAM. Maybe Java > >> has a launch option that does this? Even better would be to use large > >> pages, which are more efficient (lowers overhead and TLB cache misses) > >> and are also locked in RAM. > > > > No, not practical given java is garbage collected, and not supported anyway > > afaik. Unless maybe some recent nio change? > > Large pages seem to work with -XX:+UseLargePages > > Found here: > http://www.oracle.com/technetwork/java/javase/tech/largememory-jsp-137182.html > http://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html
Which has nothing whatsoever to do with what we are discussing. It is possible that there is some variant on ByteBuffer.allocateDirect() in a recent JVM that allows us to allocate some space that is locked in memory, which would provide additional confidentiality for keys. Anything that is just created as an object - *and that includes the temporary structures involved in encryption implemented in java* (whether by us or by sun) - is potentially swappable.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] http://freenetproject.org/cgi-bin/mailman/listinfo/devl
