From: "Larry H." <research@subreption.com>
To: Rik van Riel <riel@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
pageexec@freemail.hu, Arjan van de Ven <arjan@infradead.org>,
Ingo Molnar <mingo@elte.hu>,
linux-kernel@vger.kernel.org, Linus Torvalds <torvalds@osdl.org>,
linux-mm@kvack.org, Ingo Molnar <mingo@redhat.com>
Subject: Re: [patch 0/5] Support for sanitization flag in low-level page allocator
Date: Sat, 30 May 2009 10:00:31 -0700 [thread overview]
Message-ID: <20090530170031.GD6535@oblivion.subreption.com> (raw)
In-Reply-To: <4A214752.7000303@redhat.com>
Alright, I wrote some small programs to test the data remanence on
memory. It works in a really simple way and functionality is provided by
three different tools:
scanleak.c
Scans physical memory (using /dev/mem) looking for the
ulonglong pattern. Filtered /dev/mem access breaks this, so
disable it temporarily in your kernel to use it.
secretleak.c
Writes the ulonglong pattern to memory (takes two arguments, a size
in MB, and a number of seconds to delay after free).
zeromem.c
Zeroes all or given MBs of memory (allocating blocks of 100M which
are contiguous). If no argument is given, it allocates more
blocks to ensure we can zero past the used memory (might hit
swap). This can be used to simulate memory workload.
I've done the following test (x86 vm, 600M RAM, 2.6.29.4):
1. ./secretleak 600 1
Will allocate 629145600 bytes (600M).
Zeroing buffer at 0x926bb008... Done.
Writing pattern to 0x926bb008 (402A25246B61654C)... Done.
Freeing buffer at 0x926bb008... Done.
Sleeping for 1 seconds...
2. (2 minutes afterwards) ./zeromem 700
Zeroing 734003200 bytes of memory
Zeroing block at 0xb1b01008 (104857600 bytes, 102400 kB)
Zeroing block at 0xab700008 (104857600 bytes, 102400 kB)
Zeroing block at 0xa52ff008 (104857600 bytes, 102400 kB)
Zeroing block at 0x9eefe008 (104857600 bytes, 102400 kB)
Zeroing block at 0x98afd008 (104857600 bytes, 102400 kB)
Zeroing block at 0x926fc008 (104857600 bytes, 102400 kB)
Zeroing block at 0x8c2fb008 (104857600 bytes, 102400 kB)
Freeing block at 0xb1b01008.
Freeing block at 0xab700008.
Freeing block at 0xa52ff008.
Freeing block at 0x9eefe008.
Freeing block at 0x98afd008.
Freeing block at 0x926fc008.
Freeing block at 0x8c2fb008.
3. Immediately afterwards, sudo ./scanleak | grep Found | wc -l
Reports 142 occurrences.
4. Re-issue ./zeromem 700
5. Re-scan memory, only three occurrences:
Scanning 617398272 bytes of memory from /dev/mem...
Found pattern at 0x70d41e8 (402A25246B61654C)
Found pattern at 0xf5931f8 (402A25246B61654C)
Found pattern at 0xf5e11e8 (402A25246B61654C)
The scanning is PAGE_SIZE aligned, and only one occurrence is considered
per page (otherwise the output would be hideous in kernels without
sanitization).
Those three occurrences will stay there indefinitely... like the PaX
team said, the remanence is proportional to the size of the allocations
and data itself. The more data allocated, the more time it takes for
that memory to be requested back by some other user (kernel or non
kernel). An even more simple test would be to load a file with vim or
nano, which contains a large (of hundred of megabytes magnitude) amount
of text patterns (a md5 hash works), and monitor RAM to see how long it
stays there after you have closed the editor. While most of it will
slowly disappear, at least there will some gaps that will remain for a
long time, possibly days, even under irregular high workloads.
I'm compiling a kernel with my current patches and will report back with
the results of these tools on that one. It will be 2.6.29.4 as well.
I'll make the sources of the tools available somewhere. Because of
corporate policy It might be wiser to find a place where I can make
this stuff available for longer time periods. Does anyone know the
process to request space under pub/linux/kernel/people/?
Larry
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2009-05-30 17:02 UTC|newest]
Thread overview: 115+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-20 18:30 Larry H.
2009-05-20 20:42 ` Peter Zijlstra
2009-05-20 21:24 ` Larry H.
2009-05-21 15:21 ` Robin Holt
2009-05-21 18:43 ` Larry H.
2009-05-29 22:58 ` Andrew Morton
2009-05-30 7:00 ` Larry H.
2009-05-30 7:12 ` Pekka Enberg
2009-05-30 7:35 ` Larry H.
2009-05-30 7:39 ` Pekka Enberg
2009-05-21 19:08 ` Rik van Riel
2009-05-21 19:26 ` Alan Cox
2009-05-21 19:56 ` Larry H.
2009-05-21 20:47 ` Alan Cox
2009-05-21 21:46 ` Larry H.
2009-05-21 22:47 ` Alan Cox
2009-05-22 11:22 ` Larry H.
2009-05-22 13:37 ` Alan Cox
2009-05-26 19:02 ` Pavel Machek
2009-05-21 19:17 ` Rik van Riel
2009-05-21 19:30 ` Larry H.
2009-05-22 7:34 ` Ingo Molnar
2009-05-22 11:38 ` Larry H.
2009-05-22 13:39 ` Alan Cox
2009-05-22 18:03 ` Larry H.
2009-05-22 18:21 ` Alan Cox
2009-05-22 23:25 ` [PATCH] Support for kernel memory sanitization Larry H.
2009-05-22 23:52 ` Randy Dunlap
2009-05-22 23:40 ` [patch 0/5] Support for sanitization flag in low-level page allocator Larry H.
2009-05-23 8:09 ` Alan Cox
2009-05-23 15:56 ` Arjan van de Ven
2009-05-23 18:21 ` [PATCH] Support for unconditional page sanitization Larry H.
2009-05-23 21:05 ` Arjan van de Ven
2009-05-24 10:19 ` pageexec
2009-05-24 16:38 ` Arjan van de Ven
2009-05-28 19:36 ` [patch 0/5] Support for sanitization flag in low-level page allocator Peter Zijlstra
2009-05-29 14:32 ` Arjan van de Ven
2009-05-30 5:48 ` Larry H.
2009-05-30 10:39 ` Peter Zijlstra
2009-05-30 10:43 ` Larry H.
2009-05-30 11:42 ` pageexec
2009-05-30 13:21 ` Peter Zijlstra
2009-05-30 13:24 ` Peter Zijlstra
2009-05-30 13:54 ` pageexec
2009-05-30 14:04 ` Larry H.
2009-05-30 14:13 ` Rik van Riel
2009-05-30 14:08 ` Rik van Riel
2009-05-30 14:30 ` Alan Cox
2009-05-30 14:45 ` Peter Zijlstra
2009-05-30 14:48 ` Rik van Riel
2009-05-30 17:00 ` Larry H. [this message]
2009-05-30 17:25 ` Larry H.
2009-05-30 18:32 ` Ingo Molnar
2009-06-05 13:15 ` Pavel Machek
2009-05-31 14:38 ` Arjan van de Ven
2009-05-31 15:03 ` Arjan van de Ven
2009-05-22 18:37 ` Nai Xia
2009-05-22 19:18 ` Nai Xia
2009-05-23 12:49 ` Ingo Molnar
2009-05-23 22:28 ` Larry H.
2009-05-23 22:42 ` Rik van Riel
2009-05-25 1:17 ` [PATCH] Sanitize memory on kfree() and kmem_cache_free() Larry H.
2009-05-27 22:34 ` [patch 0/5] Support for sanitization flag in low-level page allocator Ingo Molnar
2009-05-28 6:27 ` Alan Cox
2009-05-28 7:00 ` Larry H.
2009-05-28 9:08 ` Ingo Molnar
2009-05-28 11:50 ` Alan Cox
2009-05-28 19:44 ` Peter Zijlstra
2009-05-30 7:35 ` Pekka Enberg
2009-05-30 7:50 ` Larry H.
2009-05-30 7:53 ` Pekka Enberg
2009-05-30 8:20 ` Larry H.
2009-05-30 8:33 ` Pekka Enberg
2009-05-30 15:05 ` Ray Lee
2009-05-30 17:34 ` Ingo Molnar
2009-05-30 18:03 ` Larry H.
2009-05-30 18:21 ` Ingo Molnar
2009-05-30 18:45 ` Larry H.
2009-05-30 19:08 ` Ingo Molnar
2009-05-30 20:39 ` Rik van Riel
2009-05-30 20:53 ` Pekka Enberg
2009-05-30 21:33 ` Larry H.
2009-05-30 23:13 ` Alan Cox
2009-05-30 23:18 ` Larry H.
2009-05-31 6:30 ` Pekka Enberg
2009-05-31 11:49 ` Larry H.
2009-05-31 7:17 ` Pekka Enberg
2009-05-31 11:58 ` Larry H.
2009-05-31 12:16 ` Pekka Enberg
2009-05-31 12:30 ` Larry H.
2009-05-31 12:35 ` Pekka Enberg
2009-05-30 23:10 ` Alan Cox
2009-05-31 6:14 ` Pekka Enberg
2009-05-31 10:24 ` Alan Cox
2009-05-31 10:24 ` Pekka Enberg
2009-05-31 12:16 ` Larry H.
2009-05-31 12:19 ` Pekka Enberg
2009-05-31 16:25 ` Alan Cox
2009-05-30 22:10 ` Ingo Molnar
2009-05-30 23:15 ` Alan Cox
2009-05-30 20:22 ` Pekka Enberg
2009-05-30 22:14 ` Ingo Molnar
2009-05-30 17:39 ` Ingo Molnar
2009-05-30 7:57 ` Pekka Enberg
2009-05-30 9:05 ` Larry H.
2009-05-30 17:46 ` Ingo Molnar
2009-05-30 18:09 ` Larry H.
2009-05-30 8:31 ` Alan Cox
2009-05-30 8:35 ` Pekka Enberg
2009-05-30 9:27 ` Larry H.
2009-05-28 18:48 ` pageexec
2009-05-30 17:50 ` Ingo Molnar
2009-05-28 12:48 ` Pavel Machek
2009-05-28 12:55 ` Larry H.
2009-05-28 18:56 pageexec
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090530170031.GD6535@oblivion.subreption.com \
--to=research@subreption.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@elte.hu \
--cc=mingo@redhat.com \
--cc=pageexec@freemail.hu \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox