December 2013
Intermediate to advanced
496 pages
8h 57m
Chinese
Content preview from LINUX系統程式設計 第二版
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
348
|
第九章
安全性
如果有私密性的資料被保存在記憶體中,這些私密性的資料可能會被置換出去,並
以未加密的形式存放在磁碟。舉例來說,如果一個用戶的金鑰在正常的情況下會以
加密過的形式存放在磁碟上,那麼記憶體中金鑰的一個未加密之副本可能會出現在
置換檔裡。在高度重視安全性的環境中,這種行為也許不能被接受。有此類顧慮的
應用程式可以要求包含金鑰的記憶體總是保留在實體記憶體中。
當然,改變核心的行為會對系統的整體效能造成負面的影響。一個應用程式的確定性或
安全性可以獲得改善,但是當它的頁面被鎖入記憶體時,另一個應用程式的頁面將會
被置換出去。核心(如果我們信賴它的設計)總是會把最優選的頁面換出至磁碟—也就
是,未來最不可能被用到的頁面—所以當你變更核心的行為,它必須把次優選的頁面換
出至磁碟。
鎖住一個位址空間的一部分
POSIX 1003.1b-1993 定義了兩個介面,可以把一或多個頁面鎖入實體記憶體,以確保它
們不會被換出至磁碟。第一個介面可以鎖住特定範圍的位址:
#include <sys/mman.h>
int mlock (const void *addr, size_t len);
叫用
mlock()
,可以從
addr
開始把虛擬記憶體中
len
個位元組鎖入實體記憶體。執行成
功時,此呼叫會傳回
0
;執行失敗時,此呼叫會傳回
-1
,而且會把
errno
設定為適當
的值。
一次成功的叫用,可以把包含
[addr,addr+len)
的所有實體頁面鎖入記憶體。舉例來
說,如果一次叫用僅指定了單一位元組,則包含該位元組的頁面會整個被鎖入記憶體。 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.