1 From: Kurt Garloff <garloff@suse.de>
2 Subject: Increase default RLIMIT_MEMLOCK to 64k
4 Patch-Mainline: mm-increase-the-default-mlock-limit-from-32k-to-64k.patch (2.6.28-rc-mm)
6 By default, non-privileged tasks can only mlock() a small amount of
7 memory to avoid a DoS attack by ordinary users. The Linux kernel
8 defaulted to 32k (on a 4k page size system) to accommodate the
10 However, newer gpg2 needs 64k in various circumstances and otherwise
11 fails miserably, see bnc#329675.
13 Change the default to 64k, and make it more agnostic to PAGE_SIZE.
15 Signed-off-by: Kurt Garloff <garloff@suse.de>
16 Signed-off-by: Nick Piggin <npiggin@suse.de>
18 Index: linux-2.6.27/include/linux/resource.h
19 ===================================================================
20 --- linux-2.6.27.orig/include/linux/resource.h
21 +++ linux-2.6.27/include/linux/resource.h
22 @@ -59,10 +59,10 @@ struct rlimit {
23 #define _STK_LIM (8*1024*1024)
26 - * GPG wants 32kB of mlocked memory, to make sure pass phrases
27 + * GPG2 wants 64kB of mlocked memory, to make sure pass phrases
28 * and other sensitive information are never written to disk.
30 -#define MLOCK_LIMIT (8 * PAGE_SIZE)
31 +#define MLOCK_LIMIT ((PAGE_SIZE > 64*1024) ? PAGE_SIZE : 64*1024)
34 * Due to binary compatibility, the actual resource numbers