Merge pull request #2673 from patricklodder/1.14.5-2019-15947
security: Backport madvise() for lockedpool sensitive data from 1.21-dev
This commit is contained in:
commit
97c98cf0a6
|
@ -230,6 +230,11 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
|
|||
addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
|
||||
if (addr) {
|
||||
*lockingSuccess = mlock(addr, len) == 0;
|
||||
#if defined(MADV_DONTDUMP) // Linux
|
||||
madvise(addr, len, MADV_DONTDUMP);
|
||||
#elif defined(MADV_NOCORE) // FreeBSD
|
||||
madvise(addr, len, MADV_NOCORE);
|
||||
#endif
|
||||
}
|
||||
return addr;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue