shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-18 10:04:04 +03:00
Code

cryptenroll: Lock memory pages before operating on the device

Browse Source 
This is what systemd-cryptsetup does. We will be unlocking the device,
working with sensitive cryptographic material as well.
This commit is contained in:
Gabríel Arthúr Pétursson 2024-01-04 08:34:40 +00:00
parent 4a67075007
commit 97fb1fc4b1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/cryptenroll/cryptenroll.c
View File

@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <getopt.h> #include <getopt.h>
#include <sys/mman.h>
#include "ask-password-api.h" #include "ask-password-api.h"
#include "build.h" #include "build.h"
@ -706,6 +707,9 @@ static int run(int argc, char *argv[]) {
if (r <= 0) if (r <= 0)
return r; return r;
/* A delicious drop of snake oil */
(void) mlockall(MCL_FUTURE);
cryptsetup_enable_logging(NULL); cryptsetup_enable_logging(NULL);
if (arg_enroll_type < 0) if (arg_enroll_type < 0)