
Linux equivalent of CryptProtectMemory

I am trying to secure my in-memory data against swap file reads when my process memory will be paged out.

I know CryptProtectMemory() in Windows SDK which can be used to encrypt memory buffers.

I couldn't find any such function on Linux, please let me know if anyone knows.

We can use mlock() so that memory is not paged out, but does that imply my secrets are secure?

Abhijeet Apsunde asked Aug 21 '12 10:08


1 Answer

The closest equivalent in Linux to CryptProtectMemory() is gcry_malloc_secure() in libgcrypt. The secure memory allocated will be locked in memory; gcry_free() will zeroize and deallocate it. Other crypto libraries have similar calls, for instance the template secure_vector in Botan.

Another approach is indeed to use the lower-level POSIX call mlock() on the whole buffer. The burden of zeroizing the buffer is with you though. You must manually call memset() when the buffer is not used anymore or when your program terminates.

CryptProtectMemory() seems to do something slightly different from either of the two approaches above: it creates a small, random session key and uses it to encrypt the buffer. The benefit is that you need to lock and finally zeroize only the very small page where the key resides, and not the whole buffer. That may make a difference if the buffer is very big. However, we will not be able to operate on or process data in the buffer. There is also a small time window when secret data is swappable.

SquareRootOfTwentyThree answered Sep 27 '22 18:09