On Tue, 14 Feb 2006, Michael S. Tsirkin wrote: > Quoting r. Hugh Dickins <[EMAIL PROTECTED]>: > > > Comments much better, thanks. I didn't get your point about mlock'd > > memory, but I'm content to believe you're thinking of an issue that > > hasn't occurred to me. > > I'm referring to the follwing, from man mlock(2): > > "Cryptographic security software often handles critical bytes like passwords > or secret keys as data structures. As a result of paging, these secrets could > be transfered onto a persistent swap store medium, where they might be > accessible to the enemy long after the security software has erased the > secrets in RAM and terminated."
Ah, I get it, thanks: once parent and child have distinct pages, the child's is not locked in memory and might go out to swap. Yes, a valid point, and a relevant use for MADV_DONTFORK. Hugh _______________________________________________ openib-general mailing list [email protected] http://openib.org/mailman/listinfo/openib-general To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
