memory pages nulling when releasing
Peter Jeremy
peterjeremy at optushome.com.au
Mon Jun 19 08:43:55 UTC 2006
On Sun, 2006-Jun-18 13:39:03 -0700, R. B. Riddick wrote: Instead of
>zero'ing pages immediately after the process does not need them
>anymore, it would be much better, to keep the system safe
>(especially: security relevant software patches; and (even more)
>physical safety)
The Unix model provides security as long as you don't bypass the
access controls by (eg) reading /dev/mem.
The OS only needs to explicitly zero a page if it is handing it back
to a process without otherwise initialising it. There's no need to
zero a page if it's going to be used to satisfy a pagein request.
FreeBSD tries to reduce the effective overhead of page zeroing by
zeroing them in the idle loop and keeping a cache of pre-zeroed pages
for handing out to processes.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20060619/fb289375/attachment.pgp
More information about the freebsd-security
mailing list