author | Daiki Ueno <ueno@gnu.org> | 2019-06-05 10:51:49 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2019-06-05 10:51:49 +0000 |
commit | 7844baa78e307e5e544388a3618262cb05201ea6 (patch) | |
tree | 614a06101009d3016a23e504f776dc7d857629a4 | |
parent | 529758c153a85467ccd4ebaf4b469f7d0c8d49d1 (diff) | |
parent | fb813abe5c130d03fa516cb82d43973f73cb5fa7 (diff) | |
download | libsecret-7844baa78e307e5e544388a3618262cb05201ea6.tar.gz |
Merge branch 'wip/dueno/madvice' into 'master'
egg: Request that secure memory not be dumped to disk
See merge request GNOME/libsecret!30
-rw-r--r-- | egg/egg-secure-memory.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/egg/egg-secure-memory.c b/egg/egg-secure-memory.c
index bc82184..ed6fbcc 100644
--- a/egg/egg-secure-memory.c
+++ b/egg/egg-secure-memory.c
@@ -885,6 +885,19 @@ sec_acquire_pages (size_t *sz,
 DEBUG_ALLOC ("gkr-secure-memory: new block ", *sz);
+#if defined(MADV_DONTDUMP)
+ if (madvise (pages, *sz, MADV_DONTDUMP) < 0) {
+ if (show_warning && egg_secure_warnings) {
+ /*
+ * Not fatal - this was added in Linux 3.4 and older
+ * kernels will legitimately fail this at runtime
+ */
+ fprintf (stderr, "couldn't MADV_DONTDUMP %lu bytes of memory (%s): %s\n",
+ (unsigned long)*sz, during_tag, strerror (errno));
+ }
+ }
+#endif
+
 show_warning = 1;
 return pages; |
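Review bot: The madvise() failure branch prints its warning but never clears `show_warning`, and the unchanged `show_warning = 1;` right after the `#endif` re-arms it anyway, so on a kernel without MADV_DONTDUMP the message would likely repeat for every new block instead of once (this assumes `show_warning` is a once-only latch; its declaration is outside the hunk). A dedicated latch such as `static int warned_dontdump = 0;`, tested and set inside the failure branch, would keep the log quiet. The comment should also say that the pages are still returned and used when the call fails, or when MADV_DONTDUMP is undefined at build time, so secrets stored there can still appear in a core dump on those systems and callers get no indication of it; for example `/* best effort: on failure the block stays dumpable */`. sec_acquire_pages starts and ends outside the hunk.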