Giles Lean <giles@nemeton.com.au> wrote:
> > When you mmap, you don't use write() ! mlock actualy locks page in
> > memory and as long as the page is locked the OS doesn't attempt to
> > store the dirty page. It is intended also for security app to
> > ensure that sensitive data are not written to unsecure storage
> > (hdd). It is definition of mlock so that you can be probably sure
> > with it.
>
> News to me ... can you please point to such a definition? I see no
> reference to such semantics in the mlock() manual page in UNIX98
> (Single Unix Standard, version 2).
>
> mlock() guarantees that the locked address space is in memory. This
> doesn't imply that updates are not written to the backing file.
I've wondered about this myself. It _is_ true on Linux that mlock prevents
writes to the backing store, and this is used as a security feature for
cryptography software. The code for gnupg assumes that if you have mlock()
on any operating system, it does mean this--which doesn't mean it's true,
but perhaps whoever wrote it does have good reason to think so.
But I don't know about other systems. Does anybody know what the POSIX.1b
standard says?
It was even suggested to me on the linux-fsdev mailing list that mlock() was
a good way to insure the write-ahead condition.
Ken Hirsch