On 08.02.21 12:13, David Hildenbrand wrote:
On 08.02.21 11:57, Michal Hocko wrote:
On Mon 08-02-21 11:53:58, David Hildenbrand wrote:
On 08.02.21 11:51, Michal Hocko wrote:
On Mon 08-02-21 11:32:11, David Hildenbrand wrote:
On 08.02.21 11:18, Michal Hocko wrote:
On Mon 08-02-21 10:49:18, Mike Rapoport wrote: > From: Mike Rapoport rppt@linux.ibm.com > > It is unsafe to allow saving of secretmem areas to the hibernation > snapshot as they would be visible after the resume and this essentially > will defeat the purpose of secret memory mappings. > > Prevent hibernation whenever there are active secret memory users.
Does this feature need any special handling? As it is effectivelly unevictable memory then it should behave the same as other mlock, ramfs which should already disable hibernation as those cannot be swapped out, no?
Why should unevictable memory not go to swap when hibernating? We're merely dumping all of our system RAM (including any unmovable allocations) to swap storage and the system is essentially completely halted.
My understanding is that mlock is never really made visible via swap storage.
"Using swap storage for hibernation" and "swapping at runtime" are two different things. I might be wrong, though.
Well, mlock is certainly used to keep sensitive information, not only to protect from major/minor faults.
I think you're right in theory, the man page mentions "Cryptographic security software often handles critical bytes like passwords or secret keys as data structures" ...
however, I am not aware of any such swap handling and wasn't able to spot it quickly. Let me take a closer look.
s/swap/hibernate/