←back to thread

Against /tmp

(dotat.at)
201 points todsacerdoti | 1 comments | 22 Oct 24 12:36 UTC | HN request time: 0.202s | source
Show context
Aardwolf ◴[22 Oct 24 13:11 UTC] No.41913873[source]
I like /tmp in RAM myself, it's truly temporary that way

EDIT: I do this more for avoiding certain disk reads/writes than security actually

replies(6): >>41913905 #>>41913910 #>>41913918 #>>41914627 #>>41916103 #>>41916856 #
nullindividual ◴[22 Oct 24 13:15 UTC] No.41913905[source]
You'd need to pin pages in physical memory to guarantee it stays in physical memory. What happens if an 'attacker' (or accidental user) exceeds available physical memory? OOM Kill other applications? Just don't accept temp data, leading to failures in operations requested by the user or system?

Pages in physical memory are not typically zero'ed out upon disuse. Yes, they're temporary... but only guaranteed temporary if you turn the system off and the DRAM cells bleed out their voltage.

replies(4): >>41913943 #>>41913945 #>>41915792 #>>41918431 #
noirscape ◴[22 Oct 24 13:18 UTC] No.41913945[source]
By default a tmpfs has a really low RAM priority so the OS will try to move it in swapspace if memory gets low. tmpfs size is specified on creation of the tmpfs (and cant be larger than the total memory available, which is swap + RAM) but it's only "occupied" when files begin to fill the tmpfs.

If it gets too full for regular OS operations, you get the fun of the OOM Killer shutting down services (tmpfs is never targeted by the OOM Killer) until the entire OS just deadlocks if you somehow manage to fill the tmpfs up entirely.

replies(1): >>41913983 #
nullindividual ◴[22 Oct 24 13:22 UTC] No.41913983[source]
> OS will try to move it in swapspace if memory gets low

That defeats the idea GP presented.

replies(2): >>41914042 #>>41914260 #
dspillett ◴[22 Oct 24 13:51 UTC] No.41914260[source]
Only if memory gets low, otherwise it'll stay in RAM and give the benefit GGP intended. IIRC tmpfs data shouldn't be evicted to swap just to allow more room for cache, or if an app requests a large chunk of memory but doesn't use it, just to allow more room for application pages that are actively in use.

Normal case: tmpfs data stays in RAM

Worst case: it is pushed to swap partitions/files, which is no worse than it being in a filesystem on physical media to start with (depending on access patters and how swap space is arranged it may still be a little more efficient).

It isn't quite the same as /tmp being on disk anyway but under normal loads in cache, because the data will usually get written to disk even if only ever read from cache and the cached data from disk will be evicted to make room for caching other data where tmpfs data is less likely to.

replies(2): >>41917129 #>>41918940 #
cowsandmilk ◴[22 Oct 24 18:21 UTC] No.41917129[source]
Use of /tmp on regular file system has almost the same behavior because the kernel has a file system cache… if you’re using the file, it will remain available in RAM. There’s some subtle differences, but I’ve seen enough benchmarks around this to have realized that tmpfs doesn’t really have an impact.
replies(1): >>41919028 #
1. anyfoo ◴[22 Oct 24 21:41 UTC] No.41919028[source]
Yeah, that's why I think the prime feature of tmpfs is more ephemerality than anything else.