memory pages nulling when releasing
R. B. Riddick
arne_woerner at yahoo.com
Sun Jun 18 10:09:20 UTC 2006
--- Nick Borisov <neiro21 at gmail.com> wrote:
> Could you tell me if FreeBSD supports memory page nulling when
> releasing it to prevent unauthorized access to data left in the page
> after it's allocated again.
> If it does, what sys calls etc provide that?
> IMHO this is an important issue when operating data with different
> sensivity levels.
It is important, that no user process can look at non-shared (mmap(2) /
MAP_SHARED) pages in main memory that were used by another process before.
I think FreeBSD does it as follows (but I am not sure):
1. If a page is allocated for a process it is either overwritten with zeroes
(0x00) (e. g. in case of a page for the stack segment of a process) or it is
overwritten with the bytes of an executable or another file or so...
2. For maximum performance the system keeps a bunch of "pre-zero-ed" pages, so
that the OS is quite fast, when a process wants pages for data (malloc(3)) or
Here is my "proof": :-)
% vmstat -s | grep zero
3840247 zero fill pages zeroed
844738 zero fill pages prezeroed
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the freebsd-security