Merge #18443: lockedpool: avoid sensitive data in core files (FreeBSD)

laanwj · laanwj · commit b549cb1bd2cc · 2020-05-04T16:31:07.000+02:00
f852030 lockedpool: avoid sensitive data in core files (FreeBSD) (Vasil Dimov) Pull request description: This is a followup to 23991ee / bitcoin/bitcoin#15600 to also use madvise(2) on FreeBSD to avoid sensitive data allocated with secure_allocator ending up in core files in addition to preventing it from going to the swap. ACKs for top commit: sipa: ACK f852030 if someone verifies this works as intended on *BSD. laanwj: ACK f852030 practicalswift: Code-review ACK f852030 assuming a reviewer with FreeBSD access verifies that the PR goal is achieved :) Tree-SHA512: 2e6d4ab6a9fbe18732c8ba530eacc17f58128c97140758b80c905b5b838922a2bcaa5f9abc45ab69d5a1a2baa0cba322f006048b60a877228e089c7e64dadd2a
diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp
@@ -253,8 +253,10 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
     }
     if (addr) {
         *lockingSuccess = mlock(addr, len) == 0;
-#ifdef MADV_DONTDUMP
+#if defined(MADV_DONTDUMP) // Linux
         madvise(addr, len, MADV_DONTDUMP);
+#elif defined(MADV_NOCORE) // FreeBSD
+        madvise(addr, len, MADV_NOCORE);
 #endif
     }
     return addr;

Original file line number	Diff line number	Diff line change
`@@ -253,8 +253,10 @@ void PosixLockedPageAllocator::AllocateLocked(size_t len, bool lockingSuccess)`
`253`	`253`	`}`
`254`	`254`	`if (addr) {`
`255`	`255`	`*lockingSuccess = mlock(addr, len) == 0;`
`256`		`-#ifdef MADV_DONTDUMP`
	`256`	`+#if defined(MADV_DONTDUMP) // Linux`
`257`	`257`	`madvise(addr, len, MADV_DONTDUMP);`
	`258`	`+#elif defined(MADV_NOCORE) // FreeBSD`
	`259`	`+ madvise(addr, len, MADV_NOCORE);`
`258`	`260`	`#endif`
`259`	`261`	`}`
`260`	`262`	`return addr;`