From c1aacf0be347b10a6ab9bbce841e8127412bce41 Mon Sep 17 00:00:00 2001 From: Dylan Noblesmith Date: Fri, 24 Jun 2011 03:03:17 +0000 Subject: mlock() all private keys in memory Inline comment and idea come from the encprivkeys branch by Matt Corallo . --- src/serialize.h | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'src/serialize.h') diff --git a/src/serialize.h b/src/serialize.h index 31862a71a9..6952004e2e 100644 --- a/src/serialize.h +++ b/src/serialize.h @@ -28,6 +28,18 @@ typedef unsigned long long uint64; #if defined(_MSC_VER) && _MSC_VER < 1300 #define for if (false) ; else for #endif + +#ifdef __WXMSW__ +// This is used to attempt to keep keying material out of swap +// Note that VirtualLock does not provide this as a guarantee on Windows, +// but, in practice, memory that has been VirtualLock'd almost never gets written to +// the pagefile except in rare circumstances where memory is extremely low. +#define mlock(p, n) VirtualLock((p), (n)); +#define munlock(p, n) VirtualUnlock((p), (n)); +#else +#include +#endif + class CScript; class CDataStream; class CAutoFile; @@ -755,7 +767,8 @@ struct ser_streamplaceholder // -// Allocator that clears its contents before deletion +// Allocator that locks its contents from being paged +// out of memory and clears its contents before deletion. // template struct secure_allocator : public std::allocator @@ -777,10 +790,22 @@ struct secure_allocator : public std::allocator template struct rebind { typedef secure_allocator<_Other> other; }; + T* allocate(std::size_t n, const void *hint = 0) + { + T *p; + p = std::allocator::allocate(n, hint); + if (p != NULL) + mlock(p, sizeof(T) * n); + return p; + } + void deallocate(T* p, std::size_t n) { if (p != NULL) + { memset(p, 0, sizeof(T) * n); + munlock(p, sizeof(T) * n); + } std::allocator::deallocate(p, n); } }; -- cgit v1.2.3 From a48c671957e37594d8f9e0fd51b24e7a4f44300e Mon Sep 17 00:00:00 2001 From: Doug Huff Date: Thu, 30 Jun 2011 02:04:44 +0200 Subject: Make mlock() and munlock() portable to systems that require the address to be on a page boundary. --- src/serialize.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src/serialize.h') diff --git a/src/serialize.h b/src/serialize.h index 6952004e2e..38c533d9ae 100644 --- a/src/serialize.h +++ b/src/serialize.h @@ -38,6 +38,18 @@ typedef unsigned long long uint64; #define munlock(p, n) VirtualUnlock((p), (n)); #else #include +#include +/* This comes from limits.h if it's not defined there set a sane default */ +#ifndef PAGESIZE +#include +#define PAGESIZE sysconf(_SC_PAGESIZE) +#endif +#define mlock(a,b) \ + mlock(((void *)(((size_t)(a)) & (~((PAGESIZE)-1)))),\ + (((((size_t)(a)) + (b) - 1) | ((PAGESIZE) - 1)) + 1) - (((size_t)(a)) & (~((PAGESIZE) - 1)))) +#define munlock(a,b) \ + munlock(((void *)(((size_t)(a)) & (~((PAGESIZE)-1)))),\ + (((((size_t)(a)) + (b) - 1) | ((PAGESIZE) - 1)) + 1) - (((size_t)(a)) & (~((PAGESIZE) - 1)))) #endif class CScript; -- cgit v1.2.3 From 24a0def8cda671e9faedb84e6590eb761ba7487e Mon Sep 17 00:00:00 2001 From: Jeff Garzik Date: Wed, 13 Jul 2011 01:19:26 -0400 Subject: Bump version to 0.3.25 Yes, we might release as v0.4, but let's just do a simple increment for now. --- src/serialize.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/serialize.h') diff --git a/src/serialize.h b/src/serialize.h index 38c533d9ae..cb3a3ea03c 100644 --- a/src/serialize.h +++ b/src/serialize.h @@ -57,7 +57,7 @@ class CDataStream; class CAutoFile; static const unsigned int MAX_SIZE = 0x02000000; -static const int VERSION = 32400; +static const int VERSION = 32500; static const char* pszSubVer = ""; static const bool VERSION_IS_BETA = true; -- cgit v1.2.3