Linux equivalent of CryptProtectMemory


Problem description

I am trying to secure my in-memory data against swap file reads when my process memory will be paged out.

I know CryptProtectMemory() in Windows SDK which can be used to encrypt memory buffers.

I couldn't find any such function on Linux, please let me know if anyone knows.

We can use mlock() so that memory is not paged out, but does that imply my secrets are secure?

Recommended answer

The closest equivalent in Linux to CryptProtectMemory() is gcry_malloc_secure() in libgcrypt. The secure memory allocated will be locked in memory; gcry_free() will zeroize and deallocate it. Other crypto libraries have similar calls, for instance the template secure_vector in Botan.

Another approach is indeed to use the lower-level POSIX call mlock() on the whole buffer. The burden of zeroizing the buffer is with you though. You must manually call memset() when the buffer is not used anymore or when your program terminates.

CryptProtectMemory() seems to do something slightly different than any of the two approaches above: it creates a small, random session key and uses it to encrypt the buffer. The benefit is that you only need to lock and finally zeroize only the very small page where the key resides, and not the whole buffer. That may make a difference if the buffer is very big. However, we will not be able to operate or process data in the buffer. There is also a small time window when secret data is swappable.
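
The mlock()-then-zeroize approach from the answer above, as an added C example that is not part of the original answer. The names secret_buf, secure_wipe, secret_alloc and secret_free are hypothetical, the sample secret is constructed, and the wipe uses a volatile store loop rather than a plain memset().

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes MAP_ANONYMOUS on glibc */
#endif
#include <errno.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef struct { void *ptr; size_t len; } secret_buf; /* hypothetical helper type */

/* Zero through a volatile pointer so the stores cannot be optimized away
   as dead writes, which can happen to a plain memset() before release. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Map whole pages and pin them with mlock(). Fails closed: returns -1 with
   errno set if the pages cannot be locked (e.g. RLIMIT_MEMLOCK too low). */
static int secret_alloc(secret_buf *b, size_t want) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = ((want ? want : 1) + page - 1) / page * page;
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    if (mlock(p, len) != 0) {
        int saved = errno;
        munmap(p, len);
        errno = saved;
        return -1;
    }
    b->ptr = p; b->len = len;
    return 0;
}

/* Zeroize while the pages are still locked; munmap() also drops the lock. */
static int secret_free(secret_buf *b) {
    if (!b->ptr) return 0;
    secure_wipe(b->ptr, b->len);
    int rc = munmap(b->ptr, b->len);
    b->ptr = NULL; b->len = 0;
    return rc;
}

int main(void) {
    secret_buf key = {0};
    if (secret_alloc(&key, 32) != 0) return 1;
    memcpy(key.ptr, "constructed-sample-secret", 26); /* constructed value */
    return secret_free(&key);
}
```
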
