From: Andrew Morton <akpm@linux-foundation.org>
To: Josselin Mouette <joss@debian.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Increase the default RLIMIT_MEMLOCK
Date: Thu, 1 May 2008 17:50:37 -0700 [thread overview]
Message-ID: <20080501175037.01d8d3dc.akpm@linux-foundation.org> (raw)
In-Reply-To: <1209324387.4203.22.camel@shizuru>
On Sun, 27 Apr 2008 21:26:27 +0200
Josselin Mouette <joss@debian.org> wrote:
> Currently, the default value for RLIMIT_MEMLOCK (defined in
> include/linux/resource.h) is 32 KiB, because this value is enough for
> GnuPG.
>
> However this value is not enough for gnome-keyring-daemon, which will
> store both SSH and GnuPG keys, plus user passwords for various kinds of
> resources. Upstream authors recommend to provide a limit of at least 256
> KiB for RLIMIT_MEMLOCK for the keys to remain securely in memory.
>
> Given the amount of memory in current machines, I think 256 KiB is still
> a very reasonable value. What do you think of increasing this default
> value in the kernel?
>
> Cheers,
> --
> .''`.
> : :' : We are debian.org. Lower your prices, surrender your code.
> `. `' We will add your hardware and software distinctiveness to
> `- our own. Resistance is futile.
>
>
> [linux_mlock_256k.patch text/x-patch (668B)]
> --- include/linux/resource.h.orig 2008-04-27 21:15:47.000000000 +0200
> +++ include/linux/resource.h 2008-04-27 21:23:06.000000000 +0200
> @@ -58,10 +58,11 @@
> #define _STK_LIM (8*1024*1024)
>
> /*
> - * GPG wants 32kB of mlocked memory, to make sure pass phrases
> - * and other sensitive information are never written to disk.
> + * The biggest widespread mlocked memory consumer is
> + * gnome-keyring-manager. It needs 256kB to make sure SSH/GPG
> + * passphrases and network passwords are never written to disk.
> */
> -#define MLOCK_LIMIT (8 * PAGE_SIZE)
> +#define MLOCK_LIMIT (64 * PAGE_SIZE)
gee, it seems rather arbitrary. Perhaps we should have set it to zero on
day one to _force_ distributors to set an appropriate RLIMIT_MEMLOCK in
init.
We can do this of course, but does it actually help anything? Perhaps it's
actually a bad thing, permitting userspace developers to rely upon kernel
defaults rather than setting things they way they should be set?
next prev parent reply other threads:[~2008-05-02 0:51 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-27 19:26 [PATCH] Increase the default RLIMIT_MEMLOCK Josselin Mouette
2008-05-02 0:50 ` Andrew Morton [this message]
2008-05-02 1:12 ` Chris Wright
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080501175037.01d8d3dc.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=joss@debian.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox