-
Type: Improvement
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Security
-
Fully Compatible
-
Platforms 13 (04/22/16), Platforms 14 (05/13/16)
-
0
The secure allocator should be more like a real allocator. I.e. it shouldn't require a mmap or virtual alloc call for every allocation.
We would need to retain the constraints that:
- Memory is zeroed after deallocate
- Memory is always locked in memory
Lets:
- Always ask the os for full pages of memory
- hand out multiple allocations from the same page
- refcount the pages and unlocking and returning after all consumers were gone
- related to
-
SERVER-23705 Number of databases on Windows is limited when using on-disk encryption
- Closed