GPGME and custom memory allocators
Ben Kibbey
bjk at luxsci.net
Tue Oct 21 23:40:50 CEST 2014
On Tue, Oct 21, 2014 at 04:00:20PM -0400, Robert J. Hansen wrote:
> >> I'm hoping people can test the bjk/master branch of
> >> git://git.gnupg.org/gpgme.git before being pulled into master. It
> >> adds custom memory allocators to gpgme much like libassuan and
> >> libgcrypt.
> >
> > Why?
>
> There are lots of reasons to do this -- maybe you're on a Beowulf
> cluster and you want to make sure memory gets allocated on the same
> machine the process is running on, to minimize access time. Maybe
> you've got memory with some really exotic security safeguard, like
> embedded in tamper-resistant epoxy to make various forensic techniques
> more difficult, and you want to make sure memory gets allocated there
> and not in an easier-to-attack DIMM. Maybe...
>
> Writing custom memory allocators sounds really exotic, but it's a fairly
> common bit of systems-level programming. GnuPG has its own custom
> allocator built into it, for instance, to provide some software-based
> security guarantees to the memory block.
It's also useful for memory allocation tracking and leak detection and
zero'ing before free().
--
Ben Kibbey
More information about the Gnupg-devel
mailing list