diff options
author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-03-26 16:55:49 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-03-26 16:56:03 +0100 |
commit | 23991ee53af21c2fdc28f6e8e002dc1455c71098 (patch) | |
tree | 30dab64887f1f24ec369af4321af43967649a5bb | |
parent | f3a91ab0edc70e1bcb7e770f0878f03459c399e1 (diff) | |
parent | d831831822885717e9841f1ff67c19add566fa45 (diff) |
Merge #15600: lockedpool: When possible, use madvise to avoid including sensitive information in core dumps
d831831822885717e9841f1ff67c19add566fa45 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr)
Pull request description:
If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~.
The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure).
ACKs for top commit:
practicalswift:
Code review ACK d831831822885717e9841f1ff67c19add566fa45 -- patch looks correct
laanwj:
ACK d831831822885717e9841f1ff67c19add566fa45
jonatack:
ACK d831831822885717e9841f1ff67c19add566fa45
vasild:
ACK d831831822885717e9841f1ff67c19add566fa45
Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
-rw-r--r-- | src/support/lockedpool.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp index 6980b6c0da..f3cc12201c 100644 --- a/src/support/lockedpool.cpp +++ b/src/support/lockedpool.cpp @@ -253,6 +253,9 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess) } if (addr) { *lockingSuccess = mlock(addr, len) == 0; +#ifdef MADV_DONTDUMP + madvise(addr, len, MADV_DONTDUMP); +#endif } return addr; } |