diff options
| author | David Carlier <[email protected]> | 2019-08-28 10:51:15 +0000 |
|---|---|---|
| committer | David Carlier <[email protected]> | 2019-08-28 12:20:27 +0000 |
| commit | 8d6a9e2cfe2a65ccd84adc46c39313662dfd1291 (patch) | |
| tree | e262cb687506f85a06d85dcff5af2bd371ee6ce3 /src | |
| parent | 426fc99fb55317a87641b625ac41ed21d8b429eb (diff) | |
Fixes and tweaks from feedback
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/utils/os_utils.cpp | 50 | ||||
| -rw-r--r-- | src/lib/utils/os_utils.h | 2 |
2 files changed, 25 insertions, 27 deletions
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp index 85da33382..843e68638 100644 --- a/src/lib/utils/os_utils.cpp +++ b/src/lib/utils/os_utils.cpp @@ -60,6 +60,30 @@ #endif namespace Botan { +namespace { +int get_locked_fd() + { +#if defined(BOTAN_TARGET_OS_IS_IOS) || defined(BOTAN_TARGET_OS_IS_MACOS) +// On Darwin, tagging anonymous pages allows vmmap to track these. +// Allowed from 240 to 255 for userland applications, taken an hardcoded +// value for now even though it can possibly intersect. + static constexpr int default_locked_fd = 255; + int locked_fd = default_locked_fd; + + if (size_t locked_fdl = OS::read_env_variable_sz("BOTAN_LOCKED_FD", default_locked_fd)) + { + if (locked_fdl < 240 || locked_fdl > 255) + { + locked_fdl = default_locked_fd; + } + locked_fd = static_cast<int>(locked_fdl); + } + return VM_MAKE_TAG(locked_fd); +#else + return -1; +#endif + } +} // Not defined in OS namespace for historical reasons void secure_scrub_memory(void* ptr, size_t n) @@ -405,30 +429,6 @@ size_t OS::read_env_variable_sz(const std::string& name, size_t def) return def; } -int OS::get_locked_fd() - { -#if defined(BOTAN_TARGET_OS_IS_IOS) || defined(BOTAN_TARGET_OS_IS_MACOS) -// On Darwin, tagging anonymous pages allows vmmap to track these. -// Allowed from 240 to 255 for userland applications, taken an hardcoded -// value for now even though it can possibly intersect. - static constexpr int default_locked_fd = VM_MAKE_TAG(255); - int locked_fd = default_locked_fd; - - if (const char *locked_env = read_env_variable("BOTAN_LOCKED_FD")) - { - long locked_fdl = std::strtol(locked_env, nullptr, 10); - if (locked_fdl < 100 || locked_fdl > 255) - { - locked_fdl = default_locked_fd; - } - locked_fd = static_cast<int>(locked_fdl); - } - return VM_MAKE_TAG(locked_fd); -#else - return -1; -#endif - } - std::vector<void*> OS::allocate_locked_pages(size_t count) { std::vector<void*> result; @@ -458,7 +458,7 @@ std::vector<void*> OS::allocate_locked_pages(size_t count) #define PROT_MAX(p) 0 #endif const int pflags = PROT_READ | PROT_WRITE; - const int locked_fd = get_locked_fd(); + static const int locked_fd = get_locked_fd(); ptr = ::mmap(nullptr, 2*page_size, pflags | PROT_MAX(pflags), diff --git a/src/lib/utils/os_utils.h b/src/lib/utils/os_utils.h index 9604777fe..5b8c49f99 100644 --- a/src/lib/utils/os_utils.h +++ b/src/lib/utils/os_utils.h @@ -111,8 +111,6 @@ const char* read_env_variable(const std::string& var_name); */ size_t read_env_variable_sz(const std::string& var_name, size_t def_value = 0); -int get_locked_fd(); - /** * Request count pages of RAM which are locked into memory using mlock, * VirtualLock, or some similar OS specific API. Free it with free_locked_pages. |