Merge branch 'wip/dueno/madvice' into 'master'

egg: Request that secure memory not be dumped to disk

See merge request GNOME/libsecret!30

1 files changed, 13 insertions, 0 deletions

diff --git a/egg/egg-secure-memory.c b/egg/egg-secure-memory.c
index bc82184..ed6fbcc 100644
--- a/egg/egg-secure-memory.c
+++ b/egg/egg-secure-memory.c
@@ -885,6 +885,19 @@ sec_acquire_pages (size_t *sz,
 
 	DEBUG_ALLOC ("gkr-secure-memory: new block ", *sz);
 
+#if defined(MADV_DONTDUMP)
+	if (madvise (pages, *sz, MADV_DONTDUMP) < 0) {
+		if (show_warning && egg_secure_warnings) {
+			/*
+			 * Not fatal - this was added in Linux 3.4 and older
+			 * kernels will legitimately fail this at runtime
+			 */
+			fprintf (stderr, "couldn't MADV_DONTDUMP %lu bytes of memory (%s): %s\n",
+				 (unsigned long)*sz, during_tag, strerror (errno));
+		}
+	}
+#endif
+
 	show_warning = 1;
 	return pages;