simplify sshkey_prekey_alloc(); always use mmap

diff --git a/sshkey.c b/sshkey.c
index 7d85674040601332503e6f0ca56ac2d238c76917..c6798e83445c018351123061e65abe66ccc818e7 100644 (file)
--- a/sshkey.c
+++ b/sshkey.c
@@ -740,28 +740,25 @@ sshkey_sk_cleanup(struct sshkey *k)
        k->sk_key_handle = k->sk_reserved = NULL;
 }
 
+#if defined(MAP_CONCEAL)
+# define PREKEY_MMAP_FLAG      MAP_CONCEAL
+#elif defined(MAP_NOCORE)
+# define PREKEY_MMAP_FLAG      MAP_NOCORE
+#else
+# define PREKEY_MMAP_FLAG      0
+#endif
+
 static int
 sshkey_prekey_alloc(u_char **prekeyp, size_t len)
 {
        u_char *prekey;
 
        *prekeyp = NULL;
-#if defined(MAP_CONCEAL)
        if ((prekey = mmap(NULL, len, PROT_READ|PROT_WRITE,
-           MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0)) == MAP_FAILED)
-               return SSH_ERR_SYSTEM_ERROR;
-#elif defined(MAP_NOCORE)
-       if ((prekey = mmap(NULL, len, PROT_READ|PROT_WRITE,
-           MAP_ANON|MAP_PRIVATE|MAP_NOCORE, -1, 0)) == MAP_FAILED)
-               return SSH_ERR_SYSTEM_ERROR;
-#elif defined(MADV_DONTDUMP)
-       if ((prekey = mmap(NULL, len, PROT_READ|PROT_WRITE,
-           MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
+           MAP_ANON|MAP_PRIVATE|PREKEY_MMAP_FLAG, -1, 0)) == MAP_FAILED)
                return SSH_ERR_SYSTEM_ERROR;
+#if defined(MADV_DONTDUMP) && !defined(MAP_CONCEAL) && !defined(MAP_NOCORE)
        (void)madvise(prekey, len, MADV_DONTDUMP);
-#else
-       if ((prekey = calloc(1, len)) == NULL)
-               return SSH_ERR_ALLOC_FAIL;
 #endif
        *prekeyp = prekey;
        return 0;
@@ -772,11 +769,7 @@ sshkey_prekey_free(void *prekey, size_t len)
 {
        if (prekey == NULL)
                return;
-#if defined(MAP_CONCEAL) || defined(MAP_NOCORE) || defined(MADV_DONTDUMP)
        munmap(prekey, len);
-#else
-       freezero(prekey, len);
-#endif
 }
 
 static void