Date: Mon, 19 Jun 2006 18:43:49 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: "R. B. Riddick" <arne_woerner@yahoo.com> Cc: freebsd-security@freebsd.org Subject: Re: memory pages nulling when releasing Message-ID: <20060619084349.GA966@turion.vk2pj.dyndns.org> In-Reply-To: <20060618203903.31161.qmail@web30306.mail.mud.yahoo.com> References: <3bcb4e3f0606181309h70c08dc6l691bbb6e5b48615a@mail.gmail.com> <20060618203903.31161.qmail@web30306.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 2006-Jun-18 13:39:03 -0700, R. B. Riddick wrote: Instead of >zero'ing pages immediately after the process does not need them >anymore, it would be much better, to keep the system safe >(especially: security relevant software patches; and (even more) >physical safety) The Unix model provides security as long as you don't bypass the access controls by (eg) reading /dev/mem. The OS only needs to explicitly zero a page if it is handing it back to a process without otherwise initialising it. There's no need to zero a page if it's going to be used to satisfy a pagein request. FreeBSD tries to reduce the effective overhead of page zeroing by zeroing them in the idle loop and keeping a cache of pre-zeroed pages for handing out to processes. --=20 Peter Jeremy --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFElmPF/opHv/APuIcRAr5/AJ0WHP5ubWmzXfcZXjNxKVb6XtNnlACfVLup TfjBJSpkNjCnQXOplaTo0Dw= =xxZa -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060619084349.GA966>