Hi,
I think it would make sense to mlock the variables dealing with the
user's input in readpw(), to ensure secrets are not written to disk
(sans hibernating).
That may include buf[32], passwd[256], ksym and ev. In which case the
easiest way to do it would be to put them all in a struct and call:
mlock(&secrets, sizeof(secrets)) /* in linux */
Apparently according to POSIX mlock(2) may fail if addr is not a
multiple of PAGESIZE, so that would need to be handled as well:
addr = (char *)((uintptr_t)&secrets & -sysconf(_SC_PAGESIZE));
len = (char *)(&secrets + 1) - addr;
mlock(addr, len);
--
Listeria
Received on Sat Jun 27 2026 - 22:19:11 CEST