]> err.no Git - systemd/commitdiff
cryptsetup: lock ourselves into memory as long as we deal with passwords
authorLennart Poettering <lennart@poettering.net>
Tue, 16 Nov 2010 02:23:52 +0000 (03:23 +0100)
committerLennart Poettering <lennart@poettering.net>
Tue, 16 Nov 2010 02:23:52 +0000 (03:23 +0100)
src/cryptsetup.c

index c007b87c7ab0c0c67174c54dd728c79ae01763df..c103aa9e03e329735b7e702f3802276d8dbb3e9c 100644 (file)
@@ -21,6 +21,7 @@
 
 #include <string.h>
 #include <errno.h>
+#include <sys/mman.h>
 
 #include <libcryptsetup.h>
 
@@ -181,6 +182,9 @@ int main(int argc, char *argv[]) {
                 if (argc >= 6 && argv[5][0] && !streq(argv[5], "-"))
                         parse_options(argv[5]);
 
+                /* A delicious drop of snake oil */
+                mlockall(MCL_FUTURE);
+
                 if ((k = crypt_init(&cd, argv[3]))) {
                         log_error("crypt_init() failed: %s", strerror(-k));
                         goto finish;