path: root/src/support
Columns: Commit message, Author, Age, Files, Lines
* Move Win32 defines to configure.ac to ensure they are globally defined [Luke Dashjr, 2020-08-20, files: 1, lines: -1/+0]
|
|     common.vcxproj used for MSVC builds
|
* Limit scope of all global std::once_flag [MarcoFalke, 2020-05-29, files: 2, lines: -3/+2]
|
* Merge #18443: lockedpool: avoid sensitive data in core files (FreeBSD) [Wladimir J. van der Laan, 2020-05-04, files: 1, lines: -1/+3]
|\
| |     f85203097f78d9daa1d35c4097a80beab31da2a4 lockedpool: avoid sensitive data in core files (FreeBSD) (Vasil Dimov)
| |
| |     Pull request description:
| |
| |       This is a followup to 23991ee53 / https://github.com/bitcoin/bitcoin/pull/15600 to also use madvise(2) on FreeBSD to avoid sensitive data allocated with secure_allocator ending up in core files in addition to preventing it from going to the swap.
| |
| |     ACKs for top commit:
| |       sipa: ACK f85203097f78d9daa1d35c4097a80beab31da2a4 if someone verifies this works as intended on *BSD.
| |       laanwj: ACK f85203097f78d9daa1d35c4097a80beab31da2a4
| |       practicalswift: Code-review ACK f85203097f78d9daa1d35c4097a80beab31da2a4 assuming a reviewer with FreeBSD access verifies that the PR goal is achieved :)
| |
| |     Tree-SHA512: 2e6d4ab6a9fbe18732c8ba530eacc17f58128c97140758b80c905b5b838922a2bcaa5f9abc45ab69d5a1a2baa0cba322f006048b60a877228e089c7e64dadd2a
| |
| * lockedpool: avoid sensitive data in core files (FreeBSD) [Vasil Dimov, 2020-03-26, files: 1, lines: -1/+3]
| |
| |     This is a followup to 23991ee53 / https://github.com/bitcoin/bitcoin/pull/15600 to also use madvise(2) on FreeBSD to avoid sensitive data allocated with secure_allocator ending up in core files in addition to preventing it from going to the swap.
| |
* | scripted-diff: Bump copyright headers [MarcoFalke, 2020-04-16, files: 1, lines: -1/+1]
|/
|     -BEGIN VERIFY SCRIPT-
|     ./contrib/devtools/copyright_header.py update ./
|     -END VERIFY SCRIPT-
|
* Merge #15600: lockedpool: When possible, use madvise to avoid including sensitive information in core dumps [Wladimir J. van der Laan, 2020-03-26, files: 1, lines: -0/+3]
|\
| |     d831831822885717e9841f1ff67c19add566fa45 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr)
| |
| |     Pull request description:
| |
| |       If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~.
| |
| |       The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure).
| |
| |     ACKs for top commit:
| |       practicalswift: Code review ACK d831831822885717e9841f1ff67c19add566fa45 -- patch looks correct
| |       laanwj: ACK d831831822885717e9841f1ff67c19add566fa45
| |       jonatack: ACK d831831822885717e9841f1ff67c19add566fa45
| |       vasild: ACK d831831822885717e9841f1ff67c19add566fa45
| |
| |     Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
| |
| * lockedpool: When possible, use madvise to avoid including sensitive information in core dumps [Luke Dashjr, 2020-03-04, files: 1, lines: -0/+3]
| |
* | scripted-diff: Bump copyright of files changed in 2019 [MarcoFalke, 2019-12-30, files: 5, lines: -5/+5]
| |
| |     -BEGIN VERIFY SCRIPT-
| |     ./contrib/devtools/copyright_header.py update ./
| |     -END VERIFY SCRIPT-
| |
* | Fix segfault in allocator_tests/arena_tests [Jeffrey Czyz, 2019-11-16, files: 1, lines: -1/+1]
| |
| |     The test uses reinterpret_cast<void*> on unallocated memory. Using this memory in printchunk as char* causes a segfault, so have printchunk take void* instead.
| |
* | Fix compilation errors in support/lockedpool.cpp [Jeffrey Czyz, 2019-11-16, files: 1, lines: -1/+5]
| |
| |     Changes in #12048 cause a compilation error in Arena::walk() when ARENA_DEBUG is defined. Specifically, Arena's chunks_free map was changed to have a different value type.
| |
| |     Additionally, missing includes cause other compilation errors when ARENA_DEBUG is defined.
| |
| |     Reproduced with:
| |
| |       make CPPFLAGS=-DARENA_DEBUG
| |
* | Improve documentation of memory_cleanse() [Tim Ruffing, 2019-07-01, files: 2, lines: -21/+14]
| |
| |     So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interest in BoringSSL only.
| |
| |     This commit improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments.
| |
* | Clean up logic in memory_cleanse() for MSVC [Tim Ruffing, 2019-06-06, files: 1, lines: -3/+3]
| |
| |     Commit fbf327b13868861c2877c5754caf5a9816f2603c ("Minimal code changes to allow msvc compilation.") was indeed minimal in terms of lines touched. But as a result of that minimalism it changed the logic in memory_cleanse() to first call std::memset() and then additionally the MSVC-specific SecureZeroMemory() function, and it also moved a comment to the wrong location.
| |
| |     This commit removes the superfluous call to std::memset() on MSVC and ensures that the comment is in the right position again.
| |
* | windows: Set _WIN32_WINNT to 0x0601 (Windows 7) [Chun Kuan Lee, 2019-01-23, files: 1, lines: -4/+0]
| |
| |     Also remove all defines in many places and define it in configure stage to keep consistency.
| |
* | Fix out-of-bounds write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked [practicalswift, 2019-01-06, files: 3, lines: -2/+9]
| |
* | Fix typos reported by codespell [practicalswift, 2018-09-04, files: 1, lines: -2/+2]
|/
* Update copyright headers to 2018 [DrahtBot, 2018-07-27, files: 7, lines: -7/+7]
|
* Make it clear which functions that are intended to be translation unit local [practicalswift, 2018-05-03, files: 1, lines: -1/+1]
|
|     Do not share functions that are meant to be translation unit local with other translation units. Use internal linkage for those consistently.
|
* Remove duplicate includes [practicalswift, 2018-04-09, files: 1, lines: -1/+0]
|
* Merge #12859: Bugfix: Include <memory> for std::unique_ptr [Wladimir J. van der Laan, 2018-04-05, files: 1, lines: -0/+1]
|\
| |     a5bca13 Bugfix: Include <memory> for std::unique_ptr (Luke Dashjr)
| |
| |     Pull request description:
| |
| |       Not sure why all these includes were missing, but it's breaking builds for some users:
| |
| |       https://bugs.gentoo.org/show_bug.cgi?id=652142
| |
| |       (Added to all files with a reference to `std::unique_ptr`)
| |
| |     Tree-SHA512: 8a2c67513ca07b9bb52c34e8a20b15e56f8af2530310d9ee9b0a69694dd05e02e7a3683f14101a2685d457672b56addec591a0bb83900a0eb8e2a43d43200509
| |
| * Bugfix: Include <memory> for std::unique_ptr [Luke Dashjr, 2018-04-02, files: 1, lines: -0/+1]
| |
* | Merge #12048: Use best-fit strategy in Arena, now O(log(n)) instead O(n) [Wladimir J. van der Laan, 2018-03-22, files: 2, lines: -30/+59]
|\ \
| | |     5fbf7c4 fix nits: variable naming, typos (Martin Ankerl)
| | |     1e0ee90 Use best-fit strategy in Arena, now O(log(n)) instead O(n) (Martin Ankerl)
| | |
| | |     Pull request description:
| | |
| | |       This replaces the first-fit algorithm used in the Arena with a best-fit. According to "Dynamic Storage Allocation: A Survey and Critical Review", Wilson et al. 1995, http://www.scs.stanford.edu/14wi-cs140/sched/readings/wilson.pdf, both strategies work well in practice.
| | |
| | |       The advantage of using best-fit is that we can switch the O(n) allocation to O(log(n)). Additionally, some previously O(log(n)) operations are now O(1) operations by using hash maps. The end effect is that the benchmark runs about 2.5 times faster on my machine:
| | |
| | |         # Benchmark, evals, iterations, total, min, max, median
| | |         old: BenchLockedPool, 5, 530, 5.25749, 0.00196938, 0.00199755, 0.00198172
| | |         new: BenchLockedPool, 5, 1300, 5.11313, 0.000781493, 0.000793314, 0.00078606
| | |
| | |       I've run all unit tests and benchmarks, and increased the number of iterations so that BenchLockedPool takes about 5 seconds again.
| | |
| | |     Tree-SHA512: 6551e384671f93f10c60df530a29a1954bd265cc305411f665a8756525e5afe2873a8032c797d00b6e8c07e16d9827465d0b662875433147381474a44119ccce
| | |
| * | fix nits: variable naming, typos [Martin Ankerl, 2018-01-06, files: 1, lines: -13/+13]
| | |
| * | Use best-fit strategy in Arena, now O(log(n)) instead O(n) [Martin Ankerl, 2017-12-29, files: 2, lines: -30/+59]
| | |
| | |     This replaces the first-fit algorithm used in the Arena with a best-fit. According to "Dynamic Storage Allocation: A Survey and Critical Review", Wilson et al. 1995, http://www.scs.stanford.edu/14wi-cs140/sched/readings/wilson.pdf, both strategies work well in practice.
| | |
| | |     The advantage of using best-fit is that we can switch the slow O(n) algorithm to O(log(n)) operations. Additionally, some previously O(log(n)) operations are now replaced with O(1) operations by using a hash map. The end effect is that the benchmark runs about 2.5 times faster on my machine:
| | |
| | |       old: BenchLockedPool, 5, 530, 5.25749, 0.00196938, 0.00199755, 0.00198172
| | |       new: BenchLockedPool, 5, 1300, 5.11313, 0.000781493, 0.000793314, 0.00078606
| | |
| | |     I've run all unit tests and benchmarks.
| | |
* | | Fix typos [Dimitris Apostolou, 2018-03-21, files: 1, lines: -1/+1]
| |/
|/|
* | Increment MIT Licence copyright header year on files modified in 2017 [Akira Takizawa, 2018-01-03, files: 7, lines: -7/+7]
|/
* Merge #11558: Minimal code changes to allow msvc compilation [Wladimir J. van der Laan, 2017-12-13, files: 1, lines: -1/+5]
|\
| |     fbf327b Minimal code changes to allow msvc compilation. (Aaron Clauson)
| |
| |     Pull request description:
| |
| |       These changes are required to allow the Bitcoin source to build with Microsoft's C++ compiler (#11562 is also required).
| |
| |       I looked around for a better place for the typedef of ssize_t which is in random.h. The best candidate looks like src/compat.h but I figured including that header in random.h is a bigger change than the typedef. Note that the same typedef is in at least two other places including the OpenSSL and Berkeley DB headers so some of the Bitcoin code already picks it up.
| |
| |     Tree-SHA512: aa6cc6283015e08ab074641f9abdc116c4dc58574dc90f75e7a5af4cc82946d3052370e5cbe855fb6180c00f8dc66997d3724ff0412e4b7417e51b6602154825
| |
| * Minimal code changes to allow msvc compilation. [Aaron Clauson, 2017-11-10, files: 1, lines: -1/+5]
| |
* | scripted-diff: Replace #include "" with #include <> (ryanofsky) [MeshCollider, 2017-11-16, files: 4, lines: -7/+7]
|/
|     -BEGIN VERIFY SCRIPT-
|     for f in \
|       src/*.cpp \
|       src/*.h \
|       src/bench/*.cpp \
|       src/bench/*.h \
|       src/compat/*.cpp \
|       src/compat/*.h \
|       src/consensus/*.cpp \
|       src/consensus/*.h \
|       src/crypto/*.cpp \
|       src/crypto/*.h \
|       src/crypto/ctaes/*.h \
|       src/policy/*.cpp \
|       src/policy/*.h \
|       src/primitives/*.cpp \
|       src/primitives/*.h \
|       src/qt/*.cpp \
|       src/qt/*.h \
|       src/qt/test/*.cpp \
|       src/qt/test/*.h \
|       src/rpc/*.cpp \
|       src/rpc/*.h \
|       src/script/*.cpp \
|       src/script/*.h \
|       src/support/*.cpp \
|       src/support/*.h \
|       src/support/allocators/*.h \
|       src/test/*.cpp \
|       src/test/*.h \
|       src/wallet/*.cpp \
|       src/wallet/*.h \
|       src/wallet/test/*.cpp \
|       src/wallet/test/*.h \
|       src/zmq/*.cpp \
|       src/zmq/*.h
|     do
|       base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
|     done
|     -END VERIFY SCRIPT-
|
* Refactor: Modernize disallowed copy constructors/assignment [Dan Raviv, 2017-09-16, files: 1, lines: -6/+6]
|
|     Use C++11's better capability of expressing an interface of a non-copyable class by publicly deleting its copy ctor and assignment operator instead of just declaring them private.
|
* Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with link-time optimization. [Adam Langley, 2017-09-06, files: 1, lines: -2/+28]
|
|     The implementation we currently use from OpenSSL prevents the compiler from optimizing away cleansing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency.
|
|     Regarding license compatibility, Google's contributions to BoringSSL library, including this code, are made available under the ISC license, which is MIT compatible.
|
|     BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f
|
* Declare single-argument (non-converting) constructors "explicit" [practicalswift, 2017-08-16, files: 1, lines: -2/+2]
|
|     In order to avoid unintended implicit conversions.
|
* Use nullptr instead of zero (0) as the null pointer constant [practicalswift, 2017-08-16, files: 1, lines: -1/+1]
|
* Merge #10965: Replace deprecated throw() with noexcept specifier (C++11) [MarcoFalke, 2017-08-16, files: 2, lines: -8/+8]
|\
| |     986255026 Use the noexcept specifier (C++11) instead of deprecated throw() (practicalswift)
| |
| |     Pull request description:
| |
| |       Use the `noexcept` specifier (C++11) instead of deprecated `throw()`.
| |
| |     Tree-SHA512: cf9b6b18f61f2f59bbeceb2e43b5cd07a60f5e569c8def05c410cb72326d597c80cb731059969ef89fa5fddaae1242225886e6109fcb535c4ad62d56ebcdf1ea
| |
| * Use the noexcept specifier (C++11) instead of deprecated throw() [practicalswift, 2017-07-31, files: 2, lines: -8/+8]
| |
* | scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL [practicalswift, 2017-08-07, files: 4, lines: -5/+5]
|/
|     -BEGIN VERIFY SCRIPT-
|     sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h
|     sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp
|     sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp
|     sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp
|     sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp
|     sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp
|     -END VERIFY SCRIPT-
|
* Use the override specifier (C++11) where we expect to be overriding the virtual function of a base class [practicalswift, 2017-06-28, files: 1, lines: -6/+6]
|
* Merge #9517: [refactor] Switched httpserver.cpp to use RAII wrapped libevents. [Wladimir J. van der Laan, 2017-06-22, files: 1, lines: -5/+5]
|\
| |     1ae86ec Changed event RAII helper functions to inline to deal with duplicate symbol linker errors. (Karl-Johan Alm)
| |     fd369d2 Switched httpserver.cpp to use RAII wrapped libevents. (Kalle Alm)
| |
| |     Tree-SHA512: 877e431f211024d42a3b0800e860e02833398611433e8393f8d5d4970f47f4bd670b900443678c067fec110c087aaab7dc1981ccbf17f6057676fdbbda89aed9
| |
| * Changed event RAII helper functions to inline to deal with duplicate symbol linker errors. [Karl-Johan Alm, 2017-04-14, files: 1, lines: -5/+5]
| |
* | [wallet] Securely erase potentially sensitive keys/values [Thomas Snider, 2017-05-03, files: 1, lines: -0/+1]
|/
* Merge #8808: Do not shadow variables (gcc set) [Wladimir J. van der Laan, 2017-03-03, files: 1, lines: -2/+2]
|\
| |     ad1ae7a Check and enable -Wshadow by default. (Pavel Janík)
| |     9de90bb Do not shadow variables (gcc set) (Pavel Janík)
| |
| |     Tree-SHA512: 9517feb423dc8ddd63896016b25324673bfbe0bffa97f22996f59d7a3fcbdc2ebf2e43ac02bc067546f54e293e9b2f2514be145f867321e9031f895c063d9fb8
| |
| * Do not shadow variables (gcc set) [Pavel Janík, 2016-12-05, files: 1, lines: -2/+2]
| |
* | Merge #9387: [Refactor] RAII of libevent stuff using unique ptrs with deleters [Wladimir J. van der Laan, 2017-01-05, files: 1, lines: -0/+56]
|\ \
| | |     05a55a6 Added EVENT_CFLAGS to test makefile to explicitly include libevent headers. (Karl-Johan Alm)
| | |     280a559 Added some simple tests for the RAII-style events. (Karl-Johan Alm)
| | |     7f7f102 Switched bitcoin-cli.cpp to use RAII unique pointers with deleters. (Karl-Johan Alm)
| | |     e5534d2 Added std::unique_ptr<> wrappers with deleters for libevent modules. (Karl-Johan Alm)
| | |
| * | Added some simple tests for the RAII-style events. [Karl-Johan Alm, 2016-12-21, files: 1, lines: -0/+1]
| | |
| * | Added std::unique_ptr<> wrappers with deleters for libevent modules. [Karl-Johan Alm, 2016-12-20, files: 1, lines: -0/+55]
| |/
* / Increment MIT Licence copyright header year on files modified in 2016 [isle2983, 2016-12-31, files: 1, lines: -1/+1]
|/
|     Edited via:
|
|       $ contrib/devtools/copyright_header.py update .
|
* Fix some typos [fsb4000, 2016-11-28, files: 1, lines: -1/+1]
|
* LockedPool: avoid quadratic-time allocation [Kaz Wesley, 2016-11-02, files: 2, lines: -88/+58]
|
|     Use separate maps for used/free chunks to avoid linear scan through alloced chunks for each alloc.
|
* LockedPool: fix explosion for illegal-sized alloc [Kaz Wesley, 2016-11-02, files: 1, lines: -0/+5]
|
|     Check for unreasonable alloc size in LockedPool rather than lancing through new Arenas until we improbably find one worthy of the quixotic request or the system can support no more Arenas.
|
* Do not shadow variable, use deprecated MAP_ANON if MAP_ANONYMOUS is not defined. [Pavel Janík, 2016-11-02, files: 1, lines: -3/+10]
|
* support: Add LockedPool [Wladimir J. van der Laan, 2016-10-27, files: 5, lines: -238/+638]
|
|     Add a pool for locked memory chunks, replacing LockedPageManager.
|
|     This is something I've been wanting to do for a long time. The current approach of locking objects where they happen to be on the stack or heap in-place causes a lot of mlock/munlock system call overhead, slowing down any handling of keys.
|
|     Also locked memory is a limited resource on many operating systems (and using a lot of it bogs down the system), so the previous approach of locking every page that may contain any key information (but also other information) is wasteful.