Beispiel #1
/* Set up the secure memory pool with the requested pool size N.
   When the process runs with the necessary privileges, the pool is
   locked into core so that its contents are not paged out.  Secure
   memory handed out from the pool is wiped when it is released.  */
void
_gcry_secmem_init (size_t n)
{
  /* The secmem lock is held for the whole of the pool setup done by
     secmem_init and released right after it returns.  */
  SECMEM_LOCK;
  secmem_init (n);
  SECMEM_UNLOCK;
}
Beispiel #2
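/* Initialize the secure memory subsystem, drop privileges and return.
   Must be called early.

   PGMNAME is copied into this_pgmname; a NULL or over-long name
   aborts the process.  The secure memory pool is set up before
   drop_privs is called, and secmem_term is registered to run at exit.
   If that registration fails the process aborts instead of continuing
   without the exit-time secure memory teardown.  Finally the Assuan
   allocator hooks are pointed at the secmem allocator.  */
void
pinentry_init (const char *pgmname)
{
  /* Store away our name.  The length check is what bounds the strcpy
     below, and a NULL name is rejected before strlen can dereference
     it.  */
  if (!pgmname || strlen (pgmname) > sizeof this_pgmname - 2)
    abort ();
  strcpy (this_pgmname, pgmname);

  /* Initialize secure memory.  1 is too small, so the default size
     will be used.  The pool is created before drop_privs on purpose;
     presumably locking it into memory needs the privileges that are
     given up on the next lines -- confirm against secmem_init.  */
  secmem_init (1);
  secmem_set_flags (SECMEM_WARN);
  drop_privs ();

  /* If the handler cannot be registered, secmem_term would never run
     at exit.  Nothing sensitive has been allocated yet, so failing
     hard here is the safe choice.  */
  if (atexit (secmem_term))
    abort ();

  /* Route Assuan's allocations through the secure memory allocator.  */
  assuan_set_malloc_hooks (secmem_malloc, secmem_realloc, secmem_free);
}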
Beispiel #3
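/* Allocate SIZE bytes from the secure memory pool.

   If the pool has not been set up yet, one attempt is made to
   initialize it with STANDARD_POOL_SIZE.  Returns a pointer to the
   usable area of the new block, or NULL on failure.  errno is set to
   ENOMEM when the pool cannot be initialized, when the pool is not
   locked while in FIPS mode, or when rounding SIZE up to the block
   granularity would overflow.  NULL is also returned when mb_get_new
   cannot supply a block.  */
static void *
_gcry_secmem_malloc_internal (size_t size)
{
  memblock_t *mb;
  size_t padded;

  if (!pool_okay)
    {
      /* Try to initialize the pool if the user forgot about it.  */
      secmem_init (STANDARD_POOL_SIZE);
      if (!pool_okay)
        {
          log_info (_("operation is not possible without "
                      "initialized secure memory\n"));
          gpg_err_set_errno (ENOMEM);
          return NULL;
        }
    }
  /* In FIPS mode an unlocked pool is refused rather than used.  */
  if (not_locked && fips_mode ())
    {
      log_info (_("secure memory pool is not locked while in FIPS mode\n"));
      gpg_err_set_errno (ENOMEM);
      return NULL;
    }
  /* Print the pending warning once, unless warnings are suspended.  */
  if (show_warning && !suspend_warning)
    {
      show_warning = 0;
      print_warn ();
    }

  /* Blocks are always a multiple of 32.  For a request close to the
     maximum size_t value, size + 31 wraps around and the rounded size
     would be far smaller than what the caller asked for, so such a
     request is refused here.  */
  padded = size + 31;
  if (padded < size)
    {
      gpg_err_set_errno (ENOMEM);
      return NULL;
    }
  size = (padded / 32) * 32;

  mb = mb_get_new ((memblock_t *) pool, size);
  if (mb)
    stats_update (size, 0);

  return mb ? &mb->aligned.c : NULL;
}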