From c1aacf0be347b10a6ab9bbce841e8127412bce41 Mon Sep 17 00:00:00 2001 From: Dylan Noblesmith Date: Fri, 24 Jun 2011 03:03:17 +0000 Subject: [PATCH] mlock() all private keys in memory Inline comment and idea come from the encprivkeys branch by Matt Corallo . --- src/serialize.h | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/src/serialize.h b/src/serialize.h index 31862a71..6952004e 100644 --- a/src/serialize.h +++ b/src/serialize.h @@ -28,6 +28,18 @@ typedef unsigned long long uint64; #if defined(_MSC_VER) && _MSC_VER < 1300 #define for if (false) ; else for #endif + +#ifdef __WXMSW__ +// This is used to attempt to keep keying material out of swap +// Note that VirtualLock does not provide this as a guarantee on Windows, +// but, in practice, memory that has been VirtualLock'd almost never gets written to +// the pagefile except in rare circumstances where memory is extremely low. +#define mlock(p, n) VirtualLock((p), (n)); +#define munlock(p, n) VirtualUnlock((p), (n)); +#else +#include +#endif + class CScript; class CDataStream; class CAutoFile; @@ -755,7 +767,8 @@ struct ser_streamplaceholder // -// Allocator that clears its contents before deletion +// Allocator that locks its contents from being paged +// out of memory and clears its contents before deletion. // template struct secure_allocator : public std::allocator @@ -777,10 +790,22 @@ struct secure_allocator : public std::allocator template struct rebind { typedef secure_allocator<_Other> other; }; + T* allocate(std::size_t n, const void *hint = 0) + { + T *p; + p = std::allocator::allocate(n, hint); + if (p != NULL) + mlock(p, sizeof(T) * n); + return p; + } + void deallocate(T* p, std::size_t n) { if (p != NULL) + { memset(p, 0, sizeof(T) * n); + munlock(p, sizeof(T) * n); + } std::allocator::deallocate(p, n); } };