GnuPG 1.0.4 and HP-UX 10.20 (mlock vs. plock)

gnupg-devel@thewrittenword.com
Wed Mar 7 22:05:01 2001


On Wed, Mar 07, 2001 at 11:39:45AM -0600, David Hayes wrote:

> On Wed, Mar 07, 2001 at 10:12:10AM -0600, gnupg-devel@thewrittenword.com wrote:
> > Yes, locking the entire *data* segment is overkill but it's better
> > than nothing. What do you all think?
>
> I think that keeping sensitive information from leaking to disk is more
> important than the fact that we'll consume a bit more physical RAM. Go
> for it.
Patch attached. plock() is called only if mlock is detected as being broken. -- albert chin (china@thewrittenword.com) -- snip snip --- acinclude.m4.orig Mon Mar 5 15:41:08 2001 +++ acinclude.m4 Wed Mar 7 10:17:29 2001 @@ -417,6 +417,7 @@ if test "$gnupg_cv_have_broken_mlock" = "yes"; then AC_DEFINE(HAVE_BROKEN_MLOCK) AC_MSG_RESULT(yes) + AC_CHECK_FUNCS(plock) else if test "$gnupg_cv_have_broken_mlock" = "no"; then AC_MSG_RESULT(no) --- util/secmem.c.orig Wed Mar 7 10:18:56 2001 +++ util/secmem.c Wed Mar 7 10:21:22 2001 @@ -32,6 +32,9 @@ #ifdef USE_CAPABILITIES #include <sys/capability.h> #endif + #ifdef HAVE_PLOCK + #include <sys/lock.h> + #endif #endif #include "types.h" @@ -115,6 +118,13 @@ uid = getuid(); #ifdef HAVE_BROKEN_MLOCK + /* ick. but at least we get secured memory. about to lock + entire data segment. */ + #ifdef HAVE_PLOCK + err = plock( DATLOCK ); + if( err && errno ) + err = errno; + #else if( uid ) { errno = EPERM; err = errno; @@ -124,6 +134,7 @@ if( err && errno ) err = errno; } + #endif #else err = mlock( p, n ); if( err && errno )
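
Review bot: In the acinclude.m4 hunk, AC_CHECK_FUNCS(plock) only establishes that the function links, yet the first util/secmem.c hunk includes <sys/lock.h> whenever HAVE_PLOCK is defined. Consider adding AC_CHECK_HEADERS(sys/lock.h) next to the function check and guarding the include on the header result as well, so that a system with plock() but without that header does not fail to compile.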
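
Review bot: In the second util/secmem.c hunk (@@ -115,6 +118,13 @@), plock( DATLOCK ) ignores p and n, which the mlock( p, n ) branch passes, so the pool is protected only if p lies inside the data segment. The allocation of p is not visible in this hunk; please confirm that on the HAVE_BROKEN_MLOCK path the pool is not obtained from a separate mapping, or state that requirement in the comment. The "ick" comment also sits above #ifdef HAVE_PLOCK, so it describes the data-segment lock in builds that take the #else branch too; moving it inside the HAVE_PLOCK block would keep it accurate.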