Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-23570

Make SecureAllocator a real allocator

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.7, 3.3.5
    • Component/s: Security
    • Labels:
    • Backwards Compatibility:
      Fully Compatible
    • Backport Completed:
    • Sprint:
      Platforms 13 (04/22/16), Platforms 14 (05/13/16)
    • Linked BF Score:
      0

      Description

      The secure allocator should be more like a real allocator. I.e. it shouldn't require a mmap or virtual alloc call for every allocation.

      We would need to retain the constraints that:

      • Memory is zeroed after deallocate
      • Memory is always locked in memory

      Lets:

      • Always ask the os for full pages of memory
        • hand out multiple allocations from the same page
        • refcount the pages and unlocking and returning after all consumers were gone

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. DOCS-6885 Add "Locked Memory Pages" ulimit note

          • Major - P3 - Major loss of function.
          • Open
          related to

          Bug - A problem which impairs or prevents the functions of the product. SERVER-23705 Number of databases on Windows is limited when using on-disk encryption

          • Major - P3 - Major loss of function.
          • Closed

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: