[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Oct 22 02:12:53 UTC 2020


The branch master has been updated
       via  f31ac320012c9aa1540034288ea94f6c80924aa3 (commit)
      from  0934cf4834059cf2d6e3b7e4106d5e04f50ed7f5 (commit)


- Log -----------------------------------------------------------------
commit f31ac320012c9aa1540034288ea94f6c80924aa3
Author: Jeremiah Gowdy <jeremiah at gowdy.me>
Date:   Sun Oct 18 14:12:35 2020 -0700

    Implement OpenSSL secure memory for Windows
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/13172)

-----------------------------------------------------------------------

Summary of changes:
 crypto/mem_sec.c | 50 +++++++++++++++++++++++++++++++++++++++++++++-----
 e_os.h           |  9 +++++----
 2 files changed, 50 insertions(+), 9 deletions(-)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index ddc0a370e6..ee3750725c 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -21,11 +21,18 @@
 #include <string.h>
 
 #ifndef OPENSSL_NO_SECURE_MEMORY
+# if defined(_WIN32)
+#  include <windows.h>
+# endif
 # include <stdlib.h>
 # include <assert.h>
-# include <unistd.h>
+# if defined(OPENSSL_SYS_UNIX)
+#  include <unistd.h>
+# endif
 # include <sys/types.h>
-# include <sys/mman.h>
+# if defined(OPENSSL_SYS_UNIX)
+#  include <sys/mman.h>
+# endif
 # if defined(OPENSSL_SYS_LINUX)
 #  include <sys/syscall.h>
 #  if defined(SYS_mlock2)
@@ -375,6 +382,10 @@ static int sh_init(size_t size, size_t minsize)
     size_t i;
     size_t pgsize;
     size_t aligned;
+#if defined(_WIN32)
+    DWORD flOldProtect;
+    SYSTEM_INFO systemInfo;
+#endif
 
     memset(&sh, 0, sizeof(sh));
 
@@ -446,15 +457,19 @@ static int sh_init(size_t size, size_t minsize)
         else
             pgsize = (size_t)tmppgsize;
     }
+#elif defined(_WIN32)
+    GetSystemInfo(&systemInfo);
+    pgsize = (size_t)systemInfo.dwPageSize;
 #else
     pgsize = PAGE_SIZE;
 #endif
     sh.map_size = pgsize + sh.arena_size + pgsize;
 
-#ifdef MAP_ANON
+#if !defined(_WIN32)
+# ifdef MAP_ANON
     sh.map_result = mmap(NULL, sh.map_size,
                          PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0);
-#else
+# else
     {
         int fd;
 
@@ -465,9 +480,16 @@ static int sh_init(size_t size, size_t minsize)
             close(fd);
         }
     }
-#endif
+# endif
     if (sh.map_result == MAP_FAILED)
         goto err;
+#else
+    sh.map_result = VirtualAlloc(NULL, sh.map_size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
+
+    if (sh.map_result == NULL)
+            goto err;
+#endif
+
     sh.arena = (char *)(sh.map_result + pgsize);
     sh_setbit(sh.arena, 0, sh.bittable);
     sh_add_to_list(&sh.freelist[0], sh.arena);
@@ -475,14 +497,24 @@ static int sh_init(size_t size, size_t minsize)
     /* Now try to add guard pages and lock into memory. */
     ret = 1;
 
+#if !defined(_WIN32)
     /* Starting guard is already aligned from mmap. */
     if (mprotect(sh.map_result, pgsize, PROT_NONE) < 0)
         ret = 2;
+#else
+    if (VirtualProtect(sh.map_result, pgsize, PAGE_NOACCESS, &flOldProtect) == FALSE)
+        ret = 2;
+#endif
 
     /* Ending guard page - need to round up to page boundary */
     aligned = (pgsize + sh.arena_size + (pgsize - 1)) & ~(pgsize - 1);
+#if !defined(_WIN32)
     if (mprotect(sh.map_result + aligned, pgsize, PROT_NONE) < 0)
         ret = 2;
+#else
+    if (VirtualProtect(sh.map_result + aligned, pgsize, PAGE_NOACCESS, &flOldProtect) == FALSE)
+        ret = 2;
+#endif
 
 #if defined(OPENSSL_SYS_LINUX) && defined(MLOCK_ONFAULT) && defined(SYS_mlock2)
     if (syscall(SYS_mlock2, sh.arena, sh.arena_size, MLOCK_ONFAULT) < 0) {
@@ -493,6 +525,9 @@ static int sh_init(size_t size, size_t minsize)
             ret = 2;
         }
     }
+#elif defined(_WIN32)
+    if (VirtualLock(sh.arena, sh.arena_size) == FALSE)
+        ret = 2;
 #else
     if (mlock(sh.arena, sh.arena_size) < 0)
         ret = 2;
@@ -514,8 +549,13 @@ static void sh_done(void)
     OPENSSL_free(sh.freelist);
     OPENSSL_free(sh.bittable);
     OPENSSL_free(sh.bitmalloc);
+#if !defined(_WIN32)
     if (sh.map_result != MAP_FAILED && sh.map_size)
         munmap(sh.map_result, sh.map_size);
+#else
+    if (sh.map_result != NULL && sh.map_size)
+        VirtualFree(sh.map_result, 0, MEM_RELEASE);
+#endif
     memset(&sh, 0, sizeof(sh));
 }
 
diff --git a/e_os.h b/e_os.h
index 979be9b2b1..3e7a13f94d 100644
--- a/e_os.h
+++ b/e_os.h
@@ -359,10 +359,11 @@ inline int nssgetpid();
 
 # ifndef OPENSSL_NO_SECURE_MEMORY
    /* unistd.h defines _POSIX_VERSION */
-#  if defined(OPENSSL_SYS_UNIX) \
-      && ( (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L)      \
-           || defined(__sun) || defined(__hpux) || defined(__sgi)      \
-           || defined(__osf__) )
+#  if (defined(OPENSSL_SYS_UNIX) \
+        && ( (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L)      \
+             || defined(__sun) || defined(__hpux) || defined(__sgi)      \
+             || defined(__osf__) )) \
+      || defined(_WIN32)
       /* secure memory is implemented */
 #   else
 #     define OPENSSL_NO_SECURE_MEMORY


More information about the openssl-commits mailing list