]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b3c289) | patch
cryptenroll,cryptsetup,shutdown: only call mlockall if we have CAP_IPC_LOCK
authorcyclopentane <cyclopentane@aidoskyneen.eu>
Fri, 16 Jan 2026 23:54:51 +0000 (00:54 +0100)
committerMike Yuan <me@yhndnzj.com>
Sun, 18 Jan 2026 18:15:30 +0000 (19:15 +0100)
commit465f6a62840df58d4cf3fc48c2bbdb2fa0ac99b1
treef67b2e9d59d0e93e31aad00e238db6e8ee825e49tree | snapshot
parent6b3c289406f7580cdd04fc811300b9f7a5c4a9efcommit | diff
cryptenroll,cryptsetup,shutdown: only call mlockall if we have CAP_IPC_LOCK

Calling mlockall in an unprivileged process most notably had the effect
of making systemd-cryptenroll OOM while trying to open a normal-sized
argon2 keyslot due to it hitting RLIMIT_MEMLOCK.
src/basic/process-util.c diff | blob | blame | history
src/basic/process-util.h diff | blob | blame | history
src/cryptenroll/cryptenroll.c diff | blob | blame | history
src/cryptsetup/cryptsetup.c diff | blob | blame | history
src/shutdown/shutdown.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.