1 files changed, 650 insertions, 650 deletions
diff --git a/linden/indra/libgcrypt/libgcrypt-1.2.2/src/secmem.c b/linden/indra/libgcrypt/libgcrypt-1.2.2/src/secmem.c
index c70aca0..37b8bdd 100755..100644
--- a/linden/indra/libgcrypt/libgcrypt-1.2.2/src/secmem.c
+++ b/linden/indra/libgcrypt/libgcrypt-1.2.2/src/secmem.c
@@ -1,650 +1,650 @@
-/* secmem.c  -  memory allocation from a secure heap
+/* secmem.c  -  memory allocation from a secure heap
- * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
- *               2003 Free Software Foundation, Inc.
+ *               2003 Free Software Foundation, Inc.
- *
+ *
- * This file is part of Libgcrypt.
+ * This file is part of Libgcrypt.
- *
+ *
- * Libgcrypt is free software; you can redistribute it and/or modify
+ * Libgcrypt is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser general Public License as
+ * it under the terms of the GNU Lesser general Public License as
- * published by the Free Software Foundation; either version 2.1 of
+ * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
+ * the License, or (at your option) any later version.
- *
+ *
- * Libgcrypt is distributed in the hope that it will be useful,
+ * Libgcrypt is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
+ * GNU Lesser General Public License for more details.
- *
+ *
- * You should have received a copy of the GNU Lesser General Public
+ * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
+ * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
+ */
-#include <config.h>
+#include <config.h>
-#include <stdio.h>
+#include <stdio.h>
-#include <stdlib.h>
+#include <stdlib.h>
-#include <string.h>
+#include <string.h>
-#include <errno.h>
+#include <errno.h>
-#include <stdarg.h>
+#include <stdarg.h>
-#include <unistd.h>
+#include <unistd.h>
-#include <stddef.h>
+#include <stddef.h>
-#if defined(HAVE_MLOCK) || defined(HAVE_MMAP)
+#if defined(HAVE_MLOCK) || defined(HAVE_MMAP)
-#include <sys/mman.h>
+#include <sys/mman.h>
-#include <sys/types.h>
+#include <sys/types.h>
-#include <fcntl.h>
+#include <fcntl.h>
-#ifdef USE_CAPABILITIES
+#ifdef USE_CAPABILITIES
-#include <sys/capability.h>
+#include <sys/capability.h>
-#endif
+#endif
-#endif
+#endif
-#include "ath.h"
+#include "ath.h"
-#include "g10lib.h"
+#include "g10lib.h"
-#include "secmem.h"
+#include "secmem.h"
-#if defined (MAP_ANON) && ! defined (MAP_ANONYMOUS)
+#if defined (MAP_ANON) && ! defined (MAP_ANONYMOUS)
-#define MAP_ANONYMOUS MAP_ANON
+#define MAP_ANONYMOUS MAP_ANON
-#endif
+#endif
-#define DEFAULT_POOL_SIZE 16384
+#define DEFAULT_POOL_SIZE 16384
-#define DEFAULT_PAGE_SIZE 4096
+#define DEFAULT_PAGE_SIZE 4096
-typedef struct memblock
+typedef struct memblock
-{
+{
-  unsigned size;                /* Size of the memory available to the
+  unsigned size;                /* Size of the memory available to the
-                                   user.  */
+                                   user.  */
-  int flags;                    /* See below.  */
+  int flags;                    /* See below.  */
-  PROPERLY_ALIGNED_TYPE aligned;
+  PROPERLY_ALIGNED_TYPE aligned;
-} memblock_t;
+} memblock_t;
-/* This flag specifies that the memory block is in use.  */
+/* This flag specifies that the memory block is in use.  */
-#define MB_FLAG_ACTIVE 1 << 0
+#define MB_FLAG_ACTIVE 1 << 0
-/* The pool of secure memory.  */
+/* The pool of secure memory.  */
-static void *pool;
+static void *pool;
-/* Size of POOL in bytes.  */
+/* Size of POOL in bytes.  */
-static size_t pool_size;
+static size_t pool_size;
-/* True, if the memory pool is ready for use.  May be checked in an
+/* True, if the memory pool is ready for use.  May be checked in an
-   atexit function.  */
+   atexit function.  */
-static volatile int pool_okay;
+static volatile int pool_okay;
-/* True, if the memory pool is mmapped.  */
+/* True, if the memory pool is mmapped.  */
-static volatile int pool_is_mmapped;
+static volatile int pool_is_mmapped;
-/* FIXME?  */
+/* FIXME?  */
-static int disable_secmem;
+static int disable_secmem;
-static int show_warning;
+static int show_warning;
-static int no_warning;
+static int no_warning;
-static int suspend_warning;
+static int suspend_warning;
-/* Stats.  */
+/* Stats.  */
-static unsigned int cur_alloced, cur_blocks;
+static unsigned int cur_alloced, cur_blocks;
-/* Lock protecting accesses to the memory pool.  */
+/* Lock protecting accesses to the memory pool.  */
-static ath_mutex_t secmem_lock;
+static ath_mutex_t secmem_lock;
-/* Convenient macros.  */
+/* Convenient macros.  */
-#define SECMEM_LOCK   ath_mutex_lock   (&secmem_lock)
+#define SECMEM_LOCK   ath_mutex_lock   (&secmem_lock)
-#define SECMEM_UNLOCK ath_mutex_unlock (&secmem_lock)
+#define SECMEM_UNLOCK ath_mutex_unlock (&secmem_lock)
-/* The size of the memblock structure; this does not include the
+/* The size of the memblock structure; this does not include the
-   memory that is available to the user.  */
+   memory that is available to the user.  */
-#define BLOCK_HEAD_SIZE \
+#define BLOCK_HEAD_SIZE \
-  offsetof (memblock_t, aligned)
+  offsetof (memblock_t, aligned)
-/* Convert an address into the according memory block structure.  */
+/* Convert an address into the according memory block structure.  */
-#define ADDR_TO_BLOCK(addr) \
+#define ADDR_TO_BLOCK(addr) \
-  (memblock_t *) ((char *) addr - BLOCK_HEAD_SIZE)
+  (memblock_t *) ((char *) addr - BLOCK_HEAD_SIZE)
-/* Check wether MB is a valid block.  */
+/* Check wether MB is a valid block.  */
-#define BLOCK_VALID(mb) \
+#define BLOCK_VALID(mb) \
-  (((char *) mb - (char *) pool) < pool_size)
+  (((char *) mb - (char *) pool) < pool_size)
-/* Update the stats.  */
+/* Update the stats.  */
-static void
+static void
-stats_update (size_t add, size_t sub)
+stats_update (size_t add, size_t sub)
-{
+{
-  if (add)
+  if (add)
-    {
+    {
-      cur_alloced += add;
+      cur_alloced += add;
-      cur_blocks++;
+      cur_blocks++;
-    }
+    }
-  if (sub)
+  if (sub)
-    {
+    {
-      cur_alloced -= sub;
+      cur_alloced -= sub;
-      cur_blocks--;
+      cur_blocks--;
-    }
+    }
-}
+}
-/* Return the block following MB or NULL, if MB is the last block.  */
+/* Return the block following MB or NULL, if MB is the last block.  */
-static memblock_t *
+static memblock_t *
-mb_get_next (memblock_t *mb)
+mb_get_next (memblock_t *mb)
-{
+{
-  memblock_t *mb_next;
+  memblock_t *mb_next;
-  mb_next = (memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size);
+  mb_next = (memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size);
-  
+  
-  if (! BLOCK_VALID (mb_next))
+  if (! BLOCK_VALID (mb_next))
-    mb_next = NULL;
+    mb_next = NULL;
-  return mb_next;
+  return mb_next;
-}
+}
-/* Return the block preceeding MB or NULL, if MB is the first
+/* Return the block preceeding MB or NULL, if MB is the first
-   block.  */
+   block.  */
-static memblock_t *
+static memblock_t *
-mb_get_prev (memblock_t *mb)
+mb_get_prev (memblock_t *mb)
-{
+{
-  memblock_t *mb_prev, *mb_next;
+  memblock_t *mb_prev, *mb_next;
-  if (mb == pool)
+  if (mb == pool)
-    mb_prev = NULL;
+    mb_prev = NULL;
-  else
+  else
-    {
+    {
-      mb_prev = (memblock_t *) pool;
+      mb_prev = (memblock_t *) pool;
-      while (1)
+      while (1)
-        {
+        {
-          mb_next = mb_get_next (mb_prev);
+          mb_next = mb_get_next (mb_prev);
-          if (mb_next == mb)
+          if (mb_next == mb)
-            break;
+            break;
-          else
+          else
-            mb_prev = mb_next;
+            mb_prev = mb_next;
-        }
+        }
-    }
+    }
-  return mb_prev;
+  return mb_prev;
-}
+}
-/* If the preceeding block of MB and/or the following block of MB
+/* If the preceeding block of MB and/or the following block of MB
-   exist and are not active, merge them to form a bigger block.  */
+   exist and are not active, merge them to form a bigger block.  */
-static void
+static void
-mb_merge (memblock_t *mb)
+mb_merge (memblock_t *mb)
-{
+{
-  memblock_t *mb_prev, *mb_next;
+  memblock_t *mb_prev, *mb_next;
-  mb_prev = mb_get_prev (mb);
+  mb_prev = mb_get_prev (mb);
-  mb_next = mb_get_next (mb);
+  mb_next = mb_get_next (mb);
-  if (mb_prev && (! (mb_prev->flags & MB_FLAG_ACTIVE)))
+  if (mb_prev && (! (mb_prev->flags & MB_FLAG_ACTIVE)))
-    {
+    {
-      mb_prev->size += BLOCK_HEAD_SIZE + mb->size;
+      mb_prev->size += BLOCK_HEAD_SIZE + mb->size;
-      mb = mb_prev;
+      mb = mb_prev;
-    }
+    }
-  if (mb_next && (! (mb_next->flags & MB_FLAG_ACTIVE)))
+  if (mb_next && (! (mb_next->flags & MB_FLAG_ACTIVE)))
-    mb->size += BLOCK_HEAD_SIZE + mb_next->size;
+    mb->size += BLOCK_HEAD_SIZE + mb_next->size;
-}
+}
-/* Return a new block, which can hold SIZE bytes.  */
+/* Return a new block, which can hold SIZE bytes.  */
-static memblock_t *
+static memblock_t *
-mb_get_new (memblock_t *block, size_t size)
+mb_get_new (memblock_t *block, size_t size)
-{
+{
-  memblock_t *mb, *mb_split;
+  memblock_t *mb, *mb_split;
-  
+  
-  for (mb = block; BLOCK_VALID (mb); mb = mb_get_next (mb))
+  for (mb = block; BLOCK_VALID (mb); mb = mb_get_next (mb))
-    if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size)
+    if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size)
-      {
+      {
-        /* Found a free block.  */
+        /* Found a free block.  */
-        mb->flags |= MB_FLAG_ACTIVE;
+        mb->flags |= MB_FLAG_ACTIVE;
-        if (mb->size - size > BLOCK_HEAD_SIZE)
+        if (mb->size - size > BLOCK_HEAD_SIZE)
-          {
+          {
-            /* Split block.  */
+            /* Split block.  */
-          
+          
-            mb_split = (memblock_t *) (((char *) mb) + BLOCK_HEAD_SIZE + size);
+            mb_split = (memblock_t *) (((char *) mb) + BLOCK_HEAD_SIZE + size);
-            mb_split->size = mb->size - size - BLOCK_HEAD_SIZE;
+            mb_split->size = mb->size - size - BLOCK_HEAD_SIZE;
-            mb_split->flags = 0;
+            mb_split->flags = 0;
-            mb->size = size;
+            mb->size = size;
-            mb_merge (mb_split);
+            mb_merge (mb_split);
-          }
+          }
-        break;
+        break;
-      }
+      }
-  if (! BLOCK_VALID (mb))
+  if (! BLOCK_VALID (mb))
-    mb = NULL;
+    mb = NULL;
-  return mb;
+  return mb;
-}
+}
-/* Print a warning message.  */
+/* Print a warning message.  */
-static void
+static void
-print_warn (void)
+print_warn (void)
-{
+{
-  if (!no_warning)
+  if (!no_warning)
-    log_info (_("Warning: using insecure memory!\n"));
+    log_info (_("Warning: using insecure memory!\n"));
-}
+}
-/* Lock the memory pages into core and drop privileges.  */
+/* Lock the memory pages into core and drop privileges.  */
-static void
+static void
-lock_pool (void *p, size_t n)
+lock_pool (void *p, size_t n)
-{
+{
-#if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
+#if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
-  int err;
+  int err;
-  cap_set_proc (cap_from_text ("cap_ipc_lock+ep"));
+  cap_set_proc (cap_from_text ("cap_ipc_lock+ep"));
-  err = mlock (p, n);
+  err = mlock (p, n);
-  if (err && errno)
+  if (err && errno)
-    err = errno;
+    err = errno;
-  cap_set_proc (cap_from_text ("cap_ipc_lock+p"));
+  cap_set_proc (cap_from_text ("cap_ipc_lock+p"));
-  if (err)
+  if (err)
-    {
+    {
-      if (errno != EPERM
+      if (errno != EPERM
-#ifdef EAGAIN   /* OpenBSD returns this */
+#ifdef EAGAIN   /* OpenBSD returns this */
-          && errno != EAGAIN
+          && errno != EAGAIN
-#endif
+#endif
-#ifdef ENOSYS   /* Some SCOs return this (function not implemented) */
+#ifdef ENOSYS   /* Some SCOs return this (function not implemented) */
-          && errno != ENOSYS
+          && errno != ENOSYS
-#endif
+#endif
-#ifdef ENOMEM  /* Linux might return this. */
+#ifdef ENOMEM  /* Linux might return this. */
-            && errno != ENOMEM
+            && errno != ENOMEM
-#endif
+#endif
-          )
+          )
-        log_error ("can't lock memory: %s\n", strerror (err));
+        log_error ("can't lock memory: %s\n", strerror (err));
-      show_warning = 1;
+      show_warning = 1;
-    }
+    }
-#elif defined(HAVE_MLOCK)
+#elif defined(HAVE_MLOCK)
-  uid_t uid;
+  uid_t uid;
-  int err;
+  int err;
-  uid = getuid ();
+  uid = getuid ();
-#ifdef HAVE_BROKEN_MLOCK
+#ifdef HAVE_BROKEN_MLOCK
-  /* Under HP/UX mlock segfaults if called by non-root.  Note, we have
+  /* Under HP/UX mlock segfaults if called by non-root.  Note, we have
-     noch checked whether mlock does really work under AIX where we
+     noch checked whether mlock does really work under AIX where we
-     also detected a broken nlock.  Note further, that using plock ()
+     also detected a broken nlock.  Note further, that using plock ()
-     is not a good idea under AIX. */ 
+     is not a good idea under AIX. */ 
-  if (uid)
+  if (uid)
-    {
+    {
-      errno = EPERM;
+      errno = EPERM;
-      err = errno;
+      err = errno;
-    }
+    }
-  else
+  else
-    {
+    {
-      err = mlock (p, n);
+      err = mlock (p, n);
-      if (err && errno)
+      if (err && errno)
-        err = errno;
+        err = errno;
-    }
+    }
-#else /* !HAVE_BROKEN_MLOCK */
+#else /* !HAVE_BROKEN_MLOCK */
-  err = mlock (p, n);
+  err = mlock (p, n);
-  if (err && errno)
+  if (err && errno)
-    err = errno;
+    err = errno;
-#endif /* !HAVE_BROKEN_MLOCK */
+#endif /* !HAVE_BROKEN_MLOCK */
-  if (uid && ! geteuid ())
+  if (uid && ! geteuid ())
-    {
+    {
-      /* check that we really dropped the privs.
+      /* check that we really dropped the privs.
-       * Note: setuid(0) should always fail */
+       * Note: setuid(0) should always fail */
-      if (setuid (uid) || getuid () != geteuid () || !setuid (0))
+      if (setuid (uid) || getuid () != geteuid () || !setuid (0))
-        log_fatal ("failed to reset uid: %s\n", strerror (errno));
+        log_fatal ("failed to reset uid: %s\n", strerror (errno));
-    }
+    }
-  if (err)
+  if (err)
-    {
+    {
-      if (errno != EPERM
+      if (errno != EPERM
-#ifdef EAGAIN   /* OpenBSD returns this. */
+#ifdef EAGAIN   /* OpenBSD returns this. */
-          && errno != EAGAIN
+          && errno != EAGAIN
-#endif
+#endif
-#ifdef ENOSYS   /* Some SCOs return this (function not implemented). */
+#ifdef ENOSYS   /* Some SCOs return this (function not implemented). */
-          && errno != ENOSYS
+          && errno != ENOSYS
-#endif
+#endif
-#ifdef ENOMEM  /* Linux might return this. */
+#ifdef ENOMEM  /* Linux might return this. */
-            && errno != ENOMEM
+            && errno != ENOMEM
-#endif
+#endif
-          )
+          )
-        log_error ("can't lock memory: %s\n", strerror (err));
+        log_error ("can't lock memory: %s\n", strerror (err));
-      show_warning = 1;
+      show_warning = 1;
-    }
+    }
-#elif defined ( __QNX__ )
+#elif defined ( __QNX__ )
-  /* QNX does not page at all, so the whole secure memory stuff does
+  /* QNX does not page at all, so the whole secure memory stuff does
-   * not make much sense.  However it is still of use because it
+   * not make much sense.  However it is still of use because it
-   * wipes out the memory on a free().
+   * wipes out the memory on a free().
-   * Therefore it is sufficient to suppress the warning
+   * Therefore it is sufficient to suppress the warning
-   */
+   */
-#elif defined (HAVE_DOSISH_SYSTEM) || defined (__CYGWIN__)
+#elif defined (HAVE_DOSISH_SYSTEM) || defined (__CYGWIN__)
-    /* It does not make sense to print such a warning, given the fact that 
+    /* It does not make sense to print such a warning, given the fact that 
-     * this whole Windows !@#$% and their user base are inherently insecure
+     * this whole Windows !@#$% and their user base are inherently insecure
-     */
+     */
-#elif defined (__riscos__)
+#elif defined (__riscos__)
-    /* no virtual memory on RISC OS, so no pages are swapped to disc,
+    /* no virtual memory on RISC OS, so no pages are swapped to disc,
-     * besides we don't have mmap, so we don't use it! ;-)
+     * besides we don't have mmap, so we don't use it! ;-)
-     * But don't complain, as explained above.
+     * But don't complain, as explained above.
-     */
+     */
-#else
+#else
-  log_info ("Please note that you don't have secure memory on this system\n");
+  log_info ("Please note that you don't have secure memory on this system\n");
-#endif
+#endif
-}
+}
-/* Initialize POOL.  */
+/* Initialize POOL.  */
-static void
+static void
-init_pool (size_t n)
+init_pool (size_t n)
-{
+{
-  size_t pgsize;
+  size_t pgsize;
-  memblock_t *mb;
+  memblock_t *mb;
-  pool_size = n;
+  pool_size = n;
-  if (disable_secmem)
+  if (disable_secmem)
-    log_bug ("secure memory is disabled");
+    log_bug ("secure memory is disabled");
-#ifdef HAVE_GETPAGESIZE
+#ifdef HAVE_GETPAGESIZE
-  pgsize = getpagesize ();
+  pgsize = getpagesize ();
-#else
+#else
-  pgsize = DEFAULT_PAGE_SIZE;
+  pgsize = DEFAULT_PAGE_SIZE;
-#endif
+#endif
-#if HAVE_MMAP
+#if HAVE_MMAP
-  pool_size = (pool_size + pgsize - 1) & ~(pgsize - 1);
+  pool_size = (pool_size + pgsize - 1) & ~(pgsize - 1);
-#ifdef MAP_ANONYMOUS
+#ifdef MAP_ANONYMOUS
-  pool = mmap (0, pool_size, PROT_READ | PROT_WRITE,
+  pool = mmap (0, pool_size, PROT_READ | PROT_WRITE,
-               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
-#else /* map /dev/zero instead */
+#else /* map /dev/zero instead */
-  {
+  {
-    int fd;
+    int fd;
-    fd = open ("/dev/zero", O_RDWR);
+    fd = open ("/dev/zero", O_RDWR);
-    if (fd == -1)
+    if (fd == -1)
-      {
+      {
-        log_error ("can't open /dev/zero: %s\n", strerror (errno));
+        log_error ("can't open /dev/zero: %s\n", strerror (errno));
-        pool = (void *) -1;
+        pool = (void *) -1;
-      }
+      }
-    else
+    else
-      {
+      {
-        pool = mmap (0, pool_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
+        pool = mmap (0, pool_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
-      }
+      }
-  }
+  }
-#endif
+#endif
-  if (pool == (void *) -1)
+  if (pool == (void *) -1)
-    log_info ("can't mmap pool of %u bytes: %s - using malloc\n",
+    log_info ("can't mmap pool of %u bytes: %s - using malloc\n",
-              (unsigned) pool_size, strerror (errno));
+              (unsigned) pool_size, strerror (errno));
-  else
+  else
-    {
+    {
-      pool_is_mmapped = 1;
+      pool_is_mmapped = 1;
-      pool_okay = 1;
+      pool_okay = 1;
-    }
+    }
-#endif
+#endif
-  if (!pool_okay)
+  if (!pool_okay)
-    {
+    {
-      pool = malloc (pool_size);
+      pool = malloc (pool_size);
-      if (!pool)
+      if (!pool)
-        log_fatal ("can't allocate memory pool of %u bytes\n",
+        log_fatal ("can't allocate memory pool of %u bytes\n",
-                   (unsigned) pool_size);
+                   (unsigned) pool_size);
-      else
+      else
-        pool_okay = 1;
+        pool_okay = 1;
-    }
+    }
-  /* Initialize first memory block.  */
+  /* Initialize first memory block.  */
-  mb = (memblock_t *) pool;
+  mb = (memblock_t *) pool;
-  mb->size = pool_size;
+  mb->size = pool_size;
-  mb->flags = 0;
+  mb->flags = 0;
-}
+}
-void
+void
-_gcry_secmem_set_flags (unsigned flags)
+_gcry_secmem_set_flags (unsigned flags)
-{
+{
-  int was_susp;
+  int was_susp;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  was_susp = suspend_warning;
+  was_susp = suspend_warning;
-  no_warning = flags & GCRY_SECMEM_FLAG_NO_WARNING;
+  no_warning = flags & GCRY_SECMEM_FLAG_NO_WARNING;
-  suspend_warning = flags & GCRY_SECMEM_FLAG_SUSPEND_WARNING;
+  suspend_warning = flags & GCRY_SECMEM_FLAG_SUSPEND_WARNING;
-  /* and now issue the warning if it is not longer suspended */
+  /* and now issue the warning if it is not longer suspended */
-  if (was_susp && !suspend_warning && show_warning)
+  if (was_susp && !suspend_warning && show_warning)
-    {
+    {
-      show_warning = 0;
+      show_warning = 0;
-      print_warn ();
+      print_warn ();
-    }
+    }
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-}
+}
-unsigned
+unsigned
-_gcry_secmem_get_flags (void)
+_gcry_secmem_get_flags (void)
-{
+{
-  unsigned flags;
+  unsigned flags;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  flags = no_warning ? GCRY_SECMEM_FLAG_NO_WARNING : 0;
+  flags = no_warning ? GCRY_SECMEM_FLAG_NO_WARNING : 0;
-  flags |= suspend_warning ? GCRY_SECMEM_FLAG_SUSPEND_WARNING : 0;
+  flags |= suspend_warning ? GCRY_SECMEM_FLAG_SUSPEND_WARNING : 0;
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-  return flags;
+  return flags;
-}
+}
-/* Initialize the secure memory system.  If running with the necessary
+/* Initialize the secure memory system.  If running with the necessary
-   privileges, the secure memory pool will be locked into the core in
+   privileges, the secure memory pool will be locked into the core in
-   order to prevent page-outs of the data.  Furthermore allocated
+   order to prevent page-outs of the data.  Furthermore allocated
-   secure memory will be wiped out when released.  */
+   secure memory will be wiped out when released.  */
-void
+void
-_gcry_secmem_init (size_t n)
+_gcry_secmem_init (size_t n)
-{
+{
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  if (!n)
+  if (!n)
-    {
+    {
-#ifdef USE_CAPABILITIES
+#ifdef USE_CAPABILITIES
-      /* drop all capabilities */
+      /* drop all capabilities */
-      cap_set_proc (cap_from_text ("all-eip"));
+      cap_set_proc (cap_from_text ("all-eip"));
-#elif !defined(HAVE_DOSISH_SYSTEM)
+#elif !defined(HAVE_DOSISH_SYSTEM)
-      uid_t uid;
+      uid_t uid;
-      disable_secmem = 1;
+      disable_secmem = 1;
-      uid = getuid ();
+      uid = getuid ();
-      if (uid != geteuid ())
+      if (uid != geteuid ())
-        {
+        {
-          if (setuid (uid) || getuid () != geteuid () || !setuid (0))
+          if (setuid (uid) || getuid () != geteuid () || !setuid (0))
-            log_fatal ("failed to drop setuid\n");
+            log_fatal ("failed to drop setuid\n");
-        }
+        }
-#endif
+#endif
-    }
+    }
-  else
+  else
-    {
+    {
-      if (n < DEFAULT_POOL_SIZE)
+      if (n < DEFAULT_POOL_SIZE)
-        n = DEFAULT_POOL_SIZE;
+        n = DEFAULT_POOL_SIZE;
-      if (! pool_okay)
+      if (! pool_okay)
-        {
+        {
-          init_pool (n);
+          init_pool (n);
-          lock_pool (pool, n);
+          lock_pool (pool, n);
-        }
+        }
-      else
+      else
-        log_error ("Oops, secure memory pool already initialized\n");
+        log_error ("Oops, secure memory pool already initialized\n");
-    }
+    }
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-}
+}
-static void *
+static void *
-_gcry_secmem_malloc_internal (size_t size)
+_gcry_secmem_malloc_internal (size_t size)
-{
+{
-  memblock_t *mb;
+  memblock_t *mb;
-  if (!pool_okay)
+  if (!pool_okay)
-    {
+    {
-      log_info (_
+      log_info (_
-        ("operation is not possible without initialized secure memory\n"));
+        ("operation is not possible without initialized secure memory\n"));
-      exit (2);
+      exit (2);
-    }
+    }
-  if (show_warning && !suspend_warning)
+  if (show_warning && !suspend_warning)
-    {
+    {
-      show_warning = 0;
+      show_warning = 0;
-      print_warn ();
+      print_warn ();
-    }
+    }
-  /* Blocks are always a multiple of 32. */
+  /* Blocks are always a multiple of 32. */
-  size = ((size + 31) / 32) * 32;
+  size = ((size + 31) / 32) * 32;
-  mb = mb_get_new ((memblock_t *) pool, size);
+  mb = mb_get_new ((memblock_t *) pool, size);
-  if (mb)
+  if (mb)
-    stats_update (size, 0);
+    stats_update (size, 0);
-  return mb ? &mb->aligned.c : NULL;
+  return mb ? &mb->aligned.c : NULL;
-}
+}
-void *
+void *
-_gcry_secmem_malloc (size_t size)
+_gcry_secmem_malloc (size_t size)
-{
+{
-  void *p;
+  void *p;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  p = _gcry_secmem_malloc_internal (size);
+  p = _gcry_secmem_malloc_internal (size);
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-  
+  
-  return p;
+  return p;
-}
+}
-static void
+static void
-_gcry_secmem_free_internal (void *a)
+_gcry_secmem_free_internal (void *a)
-{
+{
-  memblock_t *mb;
+  memblock_t *mb;
-  int size;
+  int size;
-  if (!a)
+  if (!a)
-    return;
+    return;
-  mb = ADDR_TO_BLOCK (a);
+  mb = ADDR_TO_BLOCK (a);
-  size = mb->size;
+  size = mb->size;
-  /* This does not make much sense: probably this memory is held in the
+  /* This does not make much sense: probably this memory is held in the
-   * cache. We do it anyway: */
+   * cache. We do it anyway: */
-#define MB_WIPE_OUT(byte) \
+#define MB_WIPE_OUT(byte) \
-  memset ((memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE), (byte), size);
+  memset ((memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE), (byte), size);
-  MB_WIPE_OUT (0xff);
+  MB_WIPE_OUT (0xff);
-  MB_WIPE_OUT (0xaa);
+  MB_WIPE_OUT (0xaa);
-  MB_WIPE_OUT (0x55);
+  MB_WIPE_OUT (0x55);
-  MB_WIPE_OUT (0x00);
+  MB_WIPE_OUT (0x00);
-  stats_update (0, size);
+  stats_update (0, size);
-  mb->flags &= ~MB_FLAG_ACTIVE;
+  mb->flags &= ~MB_FLAG_ACTIVE;
-  /* Update stats.  */
+  /* Update stats.  */
-  mb_merge (mb);
+  mb_merge (mb);
-}
+}
-/* Wipe out and release memory.  */
+/* Wipe out and release memory.  */
-void
+void
-_gcry_secmem_free (void *a)
+_gcry_secmem_free (void *a)
-{
+{
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  _gcry_secmem_free_internal (a);
+  _gcry_secmem_free_internal (a);
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-}
+}
-/* Realloc memory.  */
+/* Realloc memory.  */
-void *
+void *
-_gcry_secmem_realloc (void *p, size_t newsize)
+_gcry_secmem_realloc (void *p, size_t newsize)
-{
+{
-  memblock_t *mb;
+  memblock_t *mb;
-  size_t size;
+  size_t size;
-  void *a;
+  void *a;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  mb = (memblock_t *) ((char *) p - ((size_t) &((memblock_t *) 0)->aligned.c));
+  mb = (memblock_t *) ((char *) p - ((size_t) &((memblock_t *) 0)->aligned.c));
-  size = mb->size;
+  size = mb->size;
-  if (newsize < size)
+  if (newsize < size)
-    {
+    {
-      /* It is easier to not shrink the memory.  */
+      /* It is easier to not shrink the memory.  */
-      a = p;
+      a = p;
-    }
+    }
-  else
+  else
-    {
+    {
-      a = _gcry_secmem_malloc_internal (newsize);
+      a = _gcry_secmem_malloc_internal (newsize);
-      if (a)
+      if (a)
-        {
+        {
-          memcpy (a, p, size);
+          memcpy (a, p, size);
-          memset ((char *) a + size, 0, newsize - size);
+          memset ((char *) a + size, 0, newsize - size);
-          _gcry_secmem_free_internal (p);
+          _gcry_secmem_free_internal (p);
-        }
+        }
-    }
+    }
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-  return a;
+  return a;
-}
+}
-int
+int
-_gcry_private_is_secure (const void *p)
+_gcry_private_is_secure (const void *p)
-{
+{
-  int ret = 0;
+  int ret = 0;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  if (pool_okay && BLOCK_VALID (ADDR_TO_BLOCK (p)))
+  if (pool_okay && BLOCK_VALID (ADDR_TO_BLOCK (p)))
-    ret = 1;
+    ret = 1;
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-  return ret;
+  return ret;
-}
+}
-/****************
+/****************
- * Warning:  This code might be called by an interrupt handler
+ * Warning:  This code might be called by an interrupt handler
- *           and frankly, there should really be such a handler,
+ *           and frankly, there should really be such a handler,
- *           to make sure that the memory is wiped out.
+ *           to make sure that the memory is wiped out.
- *           We hope that the OS wipes out mlocked memory after
+ *           We hope that the OS wipes out mlocked memory after
- *           receiving a SIGKILL - it really should do so, otherwise
+ *           receiving a SIGKILL - it really should do so, otherwise
- *           there is no chance to get the secure memory cleaned.
+ *           there is no chance to get the secure memory cleaned.
- */
+ */
-void
+void
-_gcry_secmem_term ()
+_gcry_secmem_term ()
-{
+{
-  if (!pool_okay)
+  if (!pool_okay)
-    return;
+    return;
-  wipememory2 (pool, 0xff, pool_size);
+  wipememory2 (pool, 0xff, pool_size);
-  wipememory2 (pool, 0xaa, pool_size);
+  wipememory2 (pool, 0xaa, pool_size);
-  wipememory2 (pool, 0x55, pool_size);
+  wipememory2 (pool, 0x55, pool_size);
-  wipememory2 (pool, 0x00, pool_size);
+  wipememory2 (pool, 0x00, pool_size);
-#if HAVE_MMAP
+#if HAVE_MMAP
-  if (pool_is_mmapped)
+  if (pool_is_mmapped)
-    munmap (pool, pool_size);
+    munmap (pool, pool_size);
-#endif
+#endif
-  pool = NULL;
+  pool = NULL;
-  pool_okay = 0;
+  pool_okay = 0;
-  pool_size = 0;
+  pool_size = 0;
-}
+}
-void
+void
-_gcry_secmem_dump_stats ()
+_gcry_secmem_dump_stats ()
-{
+{
-#if 1 
+#if 1 
-  SECMEM_LOCK;
+  SECMEM_LOCK;
- if (pool_okay)
+ if (pool_okay)
-    log_info ("secmem usage: %u/%lu bytes in %u blocks\n",
+    log_info ("secmem usage: %u/%lu bytes in %u blocks\n",
-              cur_alloced, (unsigned long)pool_size, cur_blocks);
+              cur_alloced, (unsigned long)pool_size, cur_blocks);
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-#else
+#else
-  memblock_t *mb;
+  memblock_t *mb;
-  int i;
+  int i;
-  SECMEM_LOCK;
+  SECMEM_LOCK;
-  for (i = 0, mb = (memblock_t *) pool;
+  for (i = 0, mb = (memblock_t *) pool;
-       BLOCK_VALID (mb);
+       BLOCK_VALID (mb);
-       mb = mb_get_next (mb), i++)
+       mb = mb_get_next (mb), i++)
-    log_info ("SECMEM: [%s] block: %i; size: %i\n",
+    log_info ("SECMEM: [%s] block: %i; size: %i\n",
-              (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free",
+              (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free",
-              i,
+              i,
-              mb->size);
+              mb->size);
-  SECMEM_UNLOCK;
+  SECMEM_UNLOCK;
-#endif
+#endif
-}
+}