]> git.ipfire.org Git - thirdparty/openssh-portable.git/commit
upstream: place shielded keys (i.e. keys at rest in RAM) into memory
authordjm@openbsd.org <djm@openbsd.org>
Tue, 20 Aug 2024 03:48:30 +0000 (03:48 +0000)
committerDamien Miller <djm@mindrot.org>
Tue, 20 Aug 2024 03:50:15 +0000 (13:50 +1000)
commitcc048ca536d6bed6f2285b07040b0d57cd559ba5
tree1952c39029e2a27cf74545380852dd033fd60d8e
parenta0b35c791cad1f85481b23ba46373060292e1c80
upstream: place shielded keys (i.e. keys at rest in RAM) into memory

allocated using mmap(3) with MAP_CONCEAL set. This prevents exposure of the
key material in coredumps, etc (this is in addition to other measures we take
in this area).

ok deraadt@

OpenBSD-Commit-ID: cbbae59f337a00c9858d6358bc65f74e62261369
sshkey.c