mlock #1

Open
daxpedda opened this issue Feb 8, 2022 · 3 comments

@daxpedda

daxpedda commented Feb 8, 2022

For security purposes it would also be interesting to add mlock. I am not versed in the WASM spec and I am not sure if this should be added here or in multi-memory.

The main use-case is to protect sensitive data by preventing it from using swap memory.

@dtig
Member

dtig commented Feb 9, 2022

This could be added here, could you elaborate a little bit more on your use case? What sorts of applications would you expect to use mlock?

@daxpedda
Author

daxpedda commented Feb 12, 2022

For example, currently I'm working on implementing OPAQUE to be used on the client through WASM in the browser. This would require holding some secrets that should not leak to swap, for example the user password.

More complicated cases could hold encryption keys and the like when the Web Crypto API is not enough or when used in conjunction with it.

@daxpedda
Author

I just saw that it was also mentioned here: WebAssembly/design#1397 (comment).

As far as I understand, it was only posted as a reference; my intention is also to re-post it here just for reference too.

Lock

OSes also allow locking virtual pages to physical pages, so that they will not be "evicted" to the page file or relocated to another part of RAM. Obviously, the maximum amount of memory for which this can happen is limited to some portion of the total physical RAM in the system.

Although there's nothing stopping an application from using this feature as a performance optimization ("I know this chunk of memory is important and I never want it swapped out"), it is mainly used for kernel or hardware communication. Because virtual addresses are per-process, and pages can be transient in physical memory, anything that needs to be quickly accessed by multiple processes, the kernel, or hardware collaboratively may need to be locked in physical memory so that it does not need to go through costly kernel operations to ensure consistency.
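An added example, not part of the issue thread or of any WebAssembly proposal: the native POSIX `mlock` pattern the request refers to, written in C for Linux. The `secret_buf` type and the `secret_*` helpers are hypothetical names, and the password string is a constructed sample.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Hypothetical helper type for this example: a page-aligned secret buffer. */
typedef struct { unsigned char *p; size_t len; int locked; } secret_buf;

/* Map whole pages and try to pin them in RAM; returns 0 on success, -1 if mmap fails. */
int secret_alloc(secret_buf *s, size_t want) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    s->len = (want + page - 1) / page * page;   /* locking is per page, so round up */
    s->p = mmap(NULL, s->len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (s->p == MAP_FAILED) { s->p = NULL; s->len = 0; s->locked = 0; return -1; }
    /* mlock is refused when RLIMIT_MEMLOCK would be exceeded; record the outcome
       so the caller can decide whether an unpinned secret is acceptable. */
    s->locked = (mlock(s->p, s->len) == 0);
    return 0;
}

/* Overwrite the secret through a volatile pointer so the stores are not optimised away. */
void secret_wipe(secret_buf *s) {
    volatile unsigned char *v = s->p;
    for (size_t i = 0; i < s->len; i++) v[i] = 0;
}

/* Wipe first, then unlock and unmap, so no secret bytes outlive the lock. */
void secret_free(secret_buf *s) {
    if (!s->p) return;
    secret_wipe(s);
    if (s->locked) munlock(s->p, s->len);
    munmap(s->p, s->len);
    s->p = NULL; s->len = 0; s->locked = 0;
}

int main(void) {
    struct rlimit rl;
    secret_buf s;
    if (getrlimit(RLIMIT_MEMLOCK, &rl) == 0)
        printf("RLIMIT_MEMLOCK soft limit: %llu bytes\n", (unsigned long long)rl.rlim_cur);
    if (secret_alloc(&s, 64) != 0) { perror("mmap"); return 1; }
    memcpy(s.p, "constructed-sample-password", 28);  /* constructed sample value */
    printf("pinned in RAM: %s\n", s.locked ? "yes" : "no (limit or privilege)");
    secret_free(&s);
    return 0;
}
```

The `locked` flag matters because the amount of lockable memory is capped per process: a caller that requires pinning should treat `locked == 0` as a failure instead of silently keeping the secret in swappable memory.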
