mlockall的这种用法正确吗? [英] Is this usage of mlockall correct?
问题描述
下面的程序对两个文件进行XOR运算,以使用一个时间片加密来创建输出文件.我试图使用 mlockall 以避免从外部存储器获取密钥文件时在硬盘驱动器上留下任何密钥文件痕迹.
The program below XORs 2 files to create an output file using one time pad encryption. I have attempted to use mlockall in order to avoid any traces of the keyfile being left on the hard drive when getting the keyfile from external memory sources.
在mlockall手册页中:
From the mlockall man page:
mlock()和mlockall()分别锁定部分或全部调用进程的虚拟地址空间到RAM中,以防止将该内存分页到内存中交换区域.
如何检查其是否正常工作以及我是否正确使用了 mlockall ?
How I do check if it is working and have I used mlockall correctly?
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/mman.h>
int main(int argc, char **argv)
{
struct stat statbuf;
struct stat keybuf;
char buffer [20];
int key;
int data;
int output;
int count;
char ans;
int * buf;
FILE * keyfile;
FILE * sourcefile;
FILE * destfile;
if(geteuid() !=0)
{
printf("Root access is required to run this program\n\n");
exit(0);
}
if(argc<4)
{
printf("OTP-Bunny 1.0\n");
printf("USAGE: OTP <source file> <output file> <keyfile>\n");
return (0);
}
/* Check number of arguments. */
if(argc>4)
{
printf("Too many arguments.\n");
printf("USAGE: OTP <source file> <output file> <keyfile>\n");
exit(1);
}
/* Allocate memory required by processes */
buf = (int*) malloc (sizeof(int));
if (buf == NULL)
{
perror("Error");
exit(1);
}
/* Lock down pages mapped to processes */
printf("Locking down processes\n");
if(mlockall (MCL_CURRENT | MCL_FUTURE) < 0)
{
perror("mlockall");
exit (1);
}
/* Check if sourcefile can be opened. */
if((sourcefile = fopen(argv[1], "rb"))== NULL)
{
printf("Can't open source file\n");
perror("Error");
printf("USAGE: OTP <source file> <output file> <keyfile>\n");
exit (1);
}
/* Get size of sourcefile */
fstat(fileno(sourcefile), &statbuf);
/* Check if keyfile can be opened. */
if((keyfile = fopen(argv[3], "rb"))== NULL)
{
printf("Can't open keyfile.\n");
perror("Error");
printf("USAGE: OTP <source file> <output file> <keyfile>\n");
exit(1);
}
/* Get size of keyfile */
fstat(fileno(keyfile), &keybuf);
/* Check if keyfile is the same size as, or bigger than the sourcefile */
if((keybuf.st_size) < (statbuf.st_size))
{
printf("Source file is larger than keyfile.\n");
printf("This significantly reduces cryptographic strength.\n");
printf("Do you wish to continue? (Y/N)\n");
fgets(buffer, 20, stdin);
sscanf(buffer, "%c", &ans);
if(ans == 'n' || ans == 'N')
{
exit (1);
}
if(ans == 'y' || ans == 'Y')
{
printf("Proceeding with Encryption/Decryption.\n");
}
else
{
printf("No option selected. Exiting...\n");
exit (1);
}
}
/* Check if destfile can be opened. */
if((destfile = fopen(argv[2], "wb"))== NULL)
{
printf("Can't open output file.\n");
perror("Error");
exit(1);
}
/* Encrypt/Decrypt and write to output file. */
while(count < (statbuf.st_size))
{
key=fgetc(keyfile);
data=fgetc(sourcefile);
output=(key^data);
fputc(output,destfile);
count++;
}
/* Close files. */
fclose(keyfile);
fclose(sourcefile);
fclose(destfile);
printf("Encryption/Decryption Complete.\n\n");
/* delete keyfile option. */
printf("Do you wish to delete the keyfile? (Y/N)\n");
fgets(buffer, 20, stdin);
sscanf(buffer, "%c", &ans);
if(ans == 'y' || ans == 'Y')
{
if ( remove(argv[3]) == 0)
{
printf("File deleted successfully.\n");
}
else
{
printf("Unable to delete the file.\n");
perror("Error");
exit(1);
}
}
/* cleanup */
printf("Releasing memory\n");
free (buf);
return(0);
}
推荐答案
您对 mlockall 的用法可能是正确的.由于您为 MCL_FUTURE 提供了任何间接的 malloc (例如,通过 fopen ),因此也会涉及-但是这些 malloc -s可能需要 mmap (并且这些 mmap 系统调用可能会失败,例如由于缺少RAM).
Your usage of mlockall is probably correct. Since you gave MCL_FUTURE any indirect malloc (e.g. by fopen) would also be concerned - but these malloc-s might need to mmap (and these mmap syscalls might fail, e.g. because of lack of RAM).
但是为什么不将您的 buf 设置为本地 int 变量?
But why don't you make your buf a local int variable?
而且我不明白为什么使用 mlockall 会避免在硬盘驱动器上留下任何密钥文件痕迹";密钥文件肯定在文件系统中(并且可能在某些内核文件缓存中),该文件系统会在磁盘上留下痕迹(除非您使用例如 mlopckall(2)处理过程'(地址空间,但是文件与文件系统相关,在Linux上,文件系统通常具有
And I don't understand why using mlockall would "avoid any traces of the keyfile being left on the hard drive"; the keyfile is surely in a filesystem (and probably in some kernel file cache), which leave traces on some disk (unless you use e.g. a tmpfs filesystem for it). mlopckall(2) deals with the process' (virtual memory) address space, but files are related to the file systems, which on Linux usually have kernel buffers and cache.
由于缺乏缩进,我趋向于发现您的程序难以阅读,而且我不完全了解它的功能以及 mlockall 的意义.最好编辑您的问题以解释程序的预期目的.
Because of lack of indentation, I tend to find your program hard to read, and I don't understand exactly what it does and what is the relevance of mlockall. It would be nice to edit your question to explain the intended purpose of your program.
您确实应该读一本好书,例如高级Linux编程和高级Unix编程.似乎您缺少一些基本概念;我不明白您为什么要使用 mlockall .
You really should read a good book like e.g. Advanced Linux Programming and Advanced Unix Programming. It seems that you are missing some basic concepts; I don't understand why you are using mlockall.
也许您可以使用较低级别的系统调用,例如 mmap(2)来访问您的敏感数据(以及 munmap(2)尽快将其删除,也许要先清除它).您不完全知道 fopen 或 fgetc 在做什么,它们正在添加另一个缓冲区,即使在 fclose .
Perhaps you might use lower-level syscalls like mmap(2) to access your sensitive data (and munmap(2) it as soon as possible, perhaps clearing it before). You don't know exactly what fopen or fgetc are doing, they are adding another buffer, which will keep your secret data, perhaps even after fclose.
此外,您可能希望(至少在您的头脑中和在明确的注释中)定义您的受信任的内容计算基础.
Also, you might want to define (at least in your head and in explicit comments) what is your trusted computing base.
此外,密码学是一门非常困难的科学.请使用现有的密码库,而不要发明自己的加密技术(这实际上是孩子们的游戏).如果您想成为密码学家,请获得该域名的博士学位.(我建议您将一个密码库与一个时间垫一起使用,而不仅仅是xor).
Also, cryptography is a very difficult science. Please use existing cryptographic library instead of inventing your own encryption (which is really a child's play). If you want to become a cryptographer, please get a PhD on that domain. (I do recommend using some cryptographic library with your one time pad, not just an xor).
这篇关于mlockall的这种用法正确吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
