Merge #15600: lockedpool: When possible, use madvise to avoid including sensitive information in core dumps

d831831822885717e9841f1ff67c19add566fa45 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr)

Pull request description:

  If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~.

  The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure).

ACKs for top commit:
  practicalswift:
    Code review ACK d831831822885717e9841f1ff67c19add566fa45 -- patch looks correct
  laanwj:
    ACK d831831822885717e9841f1ff67c19add566fa45
  jonatack:
    ACK d831831822885717e9841f1ff67c19add566fa45
  vasild:
    ACK d831831822885717e9841f1ff67c19add566fa45

Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
Wladimir J. van der Laan 2020-03-26 16:55:49 +01:00 committed by pasta
parent 9156e07334
commit 8e8048e1c3

@ -257,6 +257,9 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
}
if (addr) {
*lockingSuccess = mlock(addr, len) == 0;
#ifdef MADV_DONTDUMP
madvise(addr, len, MADV_DONTDUMP);
#endif
}
return addr;
}
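
Review bot: The result of `madvise(addr, len, MADV_DONTDUMP);` is discarded with no comment in the code saying this is deliberate. The pull request description explains the reasoning (the call might fail on older kernels), but a reader of the source only sees an unchecked call next to an `mlock` whose result is carefully recorded in `*lockingSuccess`. The `#ifdef MADV_DONTDUMP` guard is also compile-time only, so a binary built with newer headers can still hit a runtime failure that leaves the locked pages in core dumps without any indication. Consider adding a one-line comment above the call stating that core-dump exclusion is best-effort and the return value is intentionally ignored, and, if callers should be able to tell whether the pages are actually excluded, logging a failure once at a low level rather than dropping it silently.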