Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 17 Apr 2018 22:20:18 +0200
From: Solar Designer <>
To: Jann Horn <>
Cc: Kernel Hardening <>
Subject: Re: mmap flags

On Tue, Apr 17, 2018 at 09:37:43PM +0200, Jann Horn wrote:
> On Tue, Apr 17, 2018 at 9:31 PM, Solar Designer <> wrote:
> > I'd like to have two new security-related mmap() flags on Linux:
> >
> > 1. MAP_NOCORE - same as FreeBSD already has, "Region is not included in
> > a core file." per their man page.  We can now do similar by writing a
> > bitmask into /proc/<pid>/coredump_filter, but it's cumbersome (not
> > something a library would be OK doing because of its one security
> > sensitive and/or very large mapping needing this), low granularity (not
> > per mapping), and non-portable (MAP_NOCORE would be portable at least
> > between Linux and FreeBSD).
> Linux already has madvise(addr, len, MADV_DONTDUMP):

Oh, missed it.  Thanks!

Maybe introduce MAP_NOCORE as well, for easier use and for compatibility
with FreeBSD?  Should be trivial with MADV_DONTDUMP already in there.

> > 2. MAP_ZEROIZE (or whatever we call it) - zeroize the pages on unmap
> > (but not necessarily before the munmap() syscall returns), including on
> > [abnormal] process exit

Maybe MAP_WIPEONUNMAP and MADV_WIPEONUNMAP, for similarity with the


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.