| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- $OpenBSD: patch-src_secmem_c,v 1.3 2016/12/10 07:24:45 ajacoutot Exp $
- Patch copied from gnupg/patches/patch-util_secmem_c
- --- src/secmem.c.orig Fri Dec 9 15:25:37 2016
- +++ src/secmem.c Sat Dec 10 08:20:22 2016
- @@ -36,6 +36,9 @@
- #include <sys/capability.h>
- #endif
- #endif
- +#include <sys/param.h>
- +#include <sys/sysctl.h>
- +#include <uvm/uvm_swap_encrypt.h>
-
- #include "g10lib.h"
- #include "secmem.h"
- @@ -247,8 +250,24 @@ mb_get_new (pooldesc_t *pool, memblock_t *block, size_
- static void
- print_warn (void)
- {
- - if (!no_warning)
- - log_info (_("Warning: using insecure memory!\n"));
- + int mib[3], swapencrypt = 0;
- + size_t len;
- +
- + mib[0] = CTL_VM;
- + mib[1] = VM_SWAPENCRYPT;
- + mib[2] = SWPENC_ENABLE;
- +
- + len = sizeof(swapencrypt);
- +
- + if (sysctl(mib, 3, &swapencrypt, &len, NULL, 0) == -1)
- + log_info("WARNING: Can't receive vm.swapencrypt.enable sysctl value\n");
- +
- + if (!no_warning && !swapencrypt)
- + {
- + log_info("WARNING: Using insecure memory!\n");
- + log_info("Please enable swap encryption via"
- + " 'sysctl vm.swapencrypt.enable=1'.\n");
- + }
- }
-
-
|
