Manolo on Mon, 10 Sep 2012 21:22:23 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: Cleaning the pari-stack

2012/9/10 Karim Belabas <>:
> * Manolo [2012-09-10 18:18]:
>> (But the size variable (avma-bot) gives the size of stack in "long"
>> type words, isn't it? It should be multiply by "sizeof(pari_sp)" or
>> "sizeof(long)", I guess.)
> Hum, don't think so.
> avma and bot are absolute adresses (not pointers to SOME_TYPE), so their
> difference is a number of chars, and not to be multiplied by sizeof(SOME_TYPE).
> Anyway, just try and check :-)

Checked as you said. Apparently it works;-) I mean, there is no crash...

2012/9/10 Bill Allombert <>:

> If you look a crypto application like gpg (GNU Privacy Gard), you will see
> that it disable core dump using setrlimit() and that sensitive data are stored
> in a dedicated memory pool which is locked in RAM using the mlock() system call
> (or the MAP_LOCKED mmap flag) which forbid the kernel to write the data to the
> swap device. This prevents the data to be on the hard disk after a power loss
> for example.

Yes, you are right. In fact, this matter of locked memory and so on is
in my list of thinks-to-learn about programming crypto. So, thanks for
the tip!

After a quick oversee, perhaps a good beginning is simply set the
following command after pari initialization:

mlock((void*)bot, avma - bot);

Thanks for your help, Bill, Karim!

Manuel Pancorbo Castro