[openssh-commits] [openssh] 02/02: private key coredump protection for Linux/FreeBSD
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Aug 20 13:57:14 AEST 2024
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit d922762ca16a7381131b242f49d7376c41fabcb5
Author: Damien Miller <djm at mindrot.org>
AuthorDate: Tue Aug 20 13:55:30 2024 +1000
private key coredump protection for Linux/FreeBSD
platforms not supporting coredump exclusion using mmap/madvise flags
fall back to plain old malloc(3).
---
sshkey.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/sshkey.c b/sshkey.c
index 6207cfc1..384fb59b 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -746,9 +746,23 @@ sshkey_prekey_alloc(u_char **prekeyp, size_t len)
u_char *prekey;
*prekeyp = NULL;
+#if defined(MAP_CONCEAL)
if ((prekey = mmap(NULL, SSHKEY_SHIELD_PREKEY_LEN, PROT_READ|PROT_WRITE,
MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0)) == MAP_FAILED)
return SSH_ERR_SYSTEM_ERROR;
+#elif defined(MAP_NOCORE)
+ if ((prekey = mmap(NULL, SSHKEY_SHIELD_PREKEY_LEN, PROT_READ|PROT_WRITE,
+ MAP_ANON|MAP_PRIVATE|MAP_NOCORE, -1, 0)) == MAP_FAILED)
+ return SSH_ERR_SYSTEM_ERROR;
+#elif defined(MADV_DONTDUMP)
+ if ((prekey = mmap(NULL, SSHKEY_SHIELD_PREKEY_LEN, PROT_READ|PROT_WRITE,
+ MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
+ return SSH_ERR_SYSTEM_ERROR;
+ (void)madvise(prekey, len, MADV_DONTDUMP);
+#else
+ if ((prekey = calloc(1, len)) == NULL)
+ return SSH_ERR_ALLOC_FAIL;
+#endif
*prekeyp = prekey;
return 0;
}
@@ -758,7 +772,11 @@ sshkey_prekey_free(void *prekey, size_t len)
{
if (prekey == NULL)
return;
+#if defined(MAP_CONCEAL) || defined(MAP_NOCORE) || defined(MADV_DONTDUMP)
munmap(prekey, len);
+#else
+ freezero(prekey, len);
+#endif
}
static void
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list