From 7aab2968b93387463d4d5d0aabf9c29a76c994b8 Mon Sep 17 00:00:00 2001 From: Mike Gabriel Date: Sun, 17 Mar 2019 17:25:37 +0100 Subject: Remove mlockall. Protect memory from being paged to disk, as we deal with passwords According to systemd-dev, "mlockall() is generally a bad idea and certainly has no place in a graphical program. A program like this uses lots of memory and it is crucial that this memory can be paged out to relieve memory pressure." With systemd version 239 the ulimit for RLIMIT_MEMLOCK was set to 16 MiB and therefore the mlockall call would fail. This is lucky becasue the subsequent mmap would not fail. With systemd version 240 the RLIMIT_MEMLOCK is now set to 64 MiB and now the mlockall no longer fails. However, it not possible to mmap in all the memory and because that would still exceed the MEMLOCK limit. " See https://bugzilla.redhat.com/show_bug.cgi?id=1662857 & https://github.com/CanonicalLtd/lightdm/issues/55 RLIMIT_MEMLOCK = 64 MiB means, arctica-greeter will most likely fail with 64 bit and will always fail on 32 bit systems. Hence we better disable it. Ported from Unity Greeter / Slick Greeter. https://bugs.launchpad.net/ubuntu/+source/unity-greeter/+bug/1815493 https://github.com/linuxmint/slick-greeter/pull/127 --- src/arctica-greeter.vala | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/arctica-greeter.vala b/src/arctica-greeter.vala index bf5750a..48f96cc 100644 --- a/src/arctica-greeter.vala +++ b/src/arctica-greeter.vala @@ -637,8 +637,30 @@ public class ArcticaGreeter public static int main (string[] args) { - /* Protect memory from being paged to disk, as we deal with passwords */ - Posix.mlockall (Posix.MCL_CURRENT | Posix.MCL_FUTURE); + /* Protect memory from being paged to disk, as we deal with passwords + + According to systemd-dev, + + "mlockall() is generally a bad idea and certainly has no place in a graphical program. + A program like this uses lots of memory and it is crucial that this memory can be paged + out to relieve memory pressure." + + With systemd version 239 the ulimit for RLIMIT_MEMLOCK was set to 16 MiB + and therefore the mlockall call would fail. This is lucky becasue the subsequent mmap would not fail. + + With systemd version 240 the RLIMIT_MEMLOCK is now set to 64 MiB + and now the mlockall no longer fails. However, it not possible to mmap in all + the memory and because that would still exceed the MEMLOCK limit. + " + See https://bugzilla.redhat.com/show_bug.cgi?id=1662857 & + https://github.com/CanonicalLtd/lightdm/issues/55 + + RLIMIT_MEMLOCK = 64 MiB means, arctica-greeter will most likely fail with 64 bit and + will always fail on 32 bit systems. + + Hence we better disable it. */ + + /*Posix.mlockall (Posix.MCL_CURRENT | Posix.MCL_FUTURE);*/ /* Disable the stupid global menubar */ Environment.unset_variable ("UBUNTU_MENUPROXY"); -- cgit v1.2.3