help-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: feature request: use optional memory option code for per process onl

From: Kerin Millar
Subject: Re: feature request: use optional memory option code for per process only memory, on newer linux kernels
Date: Sun, 10 Oct 2021 01:16:17 +0100 
On Sun, 10 Oct 2021 01:04:36 +0200
Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> wrote:

> On Sun, Oct 10, 2021, 00:56 Greg Wooledge <greg@wooledge.org> wrote:
> 
> > On Sun, Oct 10, 2021 at 12:51:45AM +0200, Alex fxmbsw7 Ratchev wrote:
> > > i read in an article vaguely linux just nownincluded a memory code iption
> > > for 'memory accessable only by process' or similiar
> > > could you please utilize it

Note that this is the wrong list for feature requests.

> >
> > Can you give us more details about this -- a URL that describes this
> > new feature?  Or even its name, so we could Google it?
> >
> 
> i sadly cant find any hint about it in my bookmarks or history, i think
> googles bug that is
> i think it was in the news about releaee notes for 5.14
> it was a BIG_CASE mem tag flag to use

Ah. You are probably thinking of what became the memfd_secret(2) syscall.

> 
> [for 5.16 futex2 may be sheduled, good for ipc]
> 
> How does this differ from memory that's allocated the old-fashioned way?
> >
> 
> it just as far i read but may not be limited to, mark allocated memory by
> kernel interface only accessable by own process ( dunno if its just that )
> that makes the whole sound more secure
> id use it everywhere

Would you, though? It seems like a case of putting the cart before the horse.

> but yea i dunno, there are no benefits for syses without this feature
> but i think its a very major feature coding facilities shouldnt miss
> 
> How would you propose that bash make use of it?  What benefits does it
> > offer?  What would bash do on other platforms where this feature does
> > not exist?
> >
> 
> i dunno either how would be implented, and dunno if for all or just parts
> user specified
> 'own_map' or something

You would need to address the question of what sort of information bash deals 
with that is so important that it is worth protecting from the kernel itself. 
The only candidate that I can think of is the history buffer. Keep in mind that 
the feature is unusable unless the kernel is loaded with the secretmem_enable=1 
parameter, in which case hibernation becomes impossible. Being an opt-in 
feature makes it harder to argue that it is worth supporting as a 
platform-specific feature except where there is a distinct benefit, such as in 
the handling of cryptographic keys.

-- 
Kerin Millar
reply via email to
[Prev in Thread] Current Thread [Next in Thread]