Karolin Varner
Karolin Varner
I think I am done. I would say very well done; the implementation looks solid for a business-logic standard of quality. We will be able to work together to raise...
> There now also exists [a summary](https://github.com/stv0g/go-rosenpass/issues/27#issue-1771428269) in the description of this issue. For larger issues which might require their own discussion, I will create a separate issue in this...
> In response to: [#27 (comment)](https://github.com/stv0g/go-rosenpass/issues/27#issuecomment-1604272535) & [#27 (comment)](https://github.com/stv0g/go-rosenpass/issues/27#issuecomment-1604272535) > > I've implemented proper constant-time big integer arithmetic for the biscuit counter in [164eb6f](https://github.com/stv0g/go-rosenpass/commit/164eb6f26e8a2d7fca8bbe07ca6081b8bfd88af1). Would you take it as a...
> Note to reproducer/fixer: > > Memory that can be allocated is limited by rlimit parameters when using memfd_secret- a soft limit by the process, and a hard limit by...
I think we could estimate the amount of secret memory needed per peer and then just do a back of the envelope estimation within the application to check if there...
Oh and actually we should use mlock even for secret memory allocated without memfd-secret
> > Oh and actually we should use mlock even for secret memory allocated without memfd-secret > > mlock is used- just that it is used by memsec only for...
> > > > Oh and actually we should use mlock even for secret memory allocated without memfd-secret > > > > > > > > > mlock is used-...
> > Well, you do use a mmap call to actually map the secret into memory…and there you have control over the memory layout… > > True but is there...
> I was able to reproduce this issue on my setup (Ubuntu 23.10, Rust 1.80 nightly, `apracar:generate_config` branch, both DUT and ATE on same machine). To set `RLIMIT_MEMLOCK`, I ran...