[RFC PATCH] enable configurable SECMEM_BUFFER_SIZE

Shah, Amul Amul.Shah at fisglobal.com
Fri Nov 24 11:30:48 CET 2017


From: Werner Koch [mailto:wk at gnupg.org] Sent: Friday, November 24, 2017 11:00 AM
>
>On Thu, 23 Nov 2017 10:43, Amul.Shah at fisglobal.com said:
>
>> but xmalloc allocations can use the overflow pool(s). This means that
>> every xmalloc allocation consumes the limited main pool. Once the
>> mainpool is exhausted, xmalloc allocations continue, but secure mallocs stop.
>
>To clarify: that is xmalloc_secure.  I meanwhile implemented a Libgcrypt
>feature to allow expanding the secmem pool.  It is also possible to advice
>Libcgrypt on the size of the newly allocated pools.  The latter can be
>important because all calls to free need to check whether that free is affects
>the secmem pool - this is done by comparing the tagnges of all secmem pools -
>many pools obviously take a little bit longer.
>
>gpg-agent has a new option --auto-expand-secmem to enable this features.
>This is currently in the 2.2 branch but will soon be merged into master.

[amul:3] Awesome! And thanks for the explanation.

>ENOMEM does not mean it is not possible to allocate more memory.  It should
>always been viewed as a temporary error code.  Right a different error code
>would be useful but has the disadvantgae that all ENOMEM handling code needs
>to be adjusted.  With the auto-expand-secmem feature any ENOMEM will anyway be
>a "real" ENOMEM.

[amul:3] I never considered ENOMEM as a transient error. Something new to think about.


>> [amul:2] I updated the bug with the test script that I used to expose the problem.
>
>Thanks.  All as been pushed and a Libgcrypt 1.8.2 release can be done soonish.
>GnuPG 2.2.4 needs to wait a few weeks.

[amul:3] DKG, What does one need to do to back-port these changes to stable?
File a bug, attach patches that apply cleanly to the target sources and request
the maintainer to add them?
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.



More information about the Gnupg-devel mailing list