bridge: use mlockall(2) to prevent pages from being swapped out
The extra capability is harmless and is, at worst, a DoS risk.
ghstack-source-id: d30b50dbca
Pull Request resolved: https://github.com/certusone/wormhole/pull/55
parent
f872d0be44
commit
509d9c3d73
|
@ -7,10 +7,12 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
_ "net/http/pprof"
|
_ "net/http/pprof"
|
||||||
"os"
|
"os"
|
||||||
|
"syscall"
|
||||||
|
|
||||||
eth_common "github.com/ethereum/go-ethereum/common"
|
eth_common "github.com/ethereum/go-ethereum/common"
|
||||||
"github.com/libp2p/go-libp2p-core/peer"
|
"github.com/libp2p/go-libp2p-core/peer"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
"golang.org/x/sys/unix"
|
||||||
|
|
||||||
"github.com/certusone/wormhole/bridge/pkg/common"
|
"github.com/certusone/wormhole/bridge/pkg/common"
|
||||||
"github.com/certusone/wormhole/bridge/pkg/devnet"
|
"github.com/certusone/wormhole/bridge/pkg/devnet"
|
||||||
|
@ -87,6 +89,15 @@ func main() {
|
||||||
fmt.Print(devwarning)
|
fmt.Print(devwarning)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Lock current and future pages in memory to protect secret keys from being swapped out to disk.
|
||||||
|
// It's possible (and strongly recommended) to deploy Wormhole such that keys are only ever
|
||||||
|
// stored in memory and never touch the disk. This is a privileged operation and requires CAP_IPC_LOCK.
|
||||||
|
err := unix.Mlockall(syscall.MCL_CURRENT | syscall.MCL_FUTURE)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("Failed to lock memory: %v (CAP_IPC_LOCK missing?)\n", err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
// Set up logging. The go-log zap wrapper that libp2p uses is compatible with our
|
// Set up logging. The go-log zap wrapper that libp2p uses is compatible with our
|
||||||
// usage of zap in supervisor, which is nice.
|
// usage of zap in supervisor, which is nice.
|
||||||
lvl, err := ipfslog.LevelFromString(*logLevel)
|
lvl, err := ipfslog.LevelFromString(*logLevel)
|
||||||
|
|
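Review bot: The comment above the `unix.Mlockall` call says locking protects secret keys from reaching disk, but mlockall(2) only rules out swap; a core dump of the process could still write key material to disk, and nothing in this hunk addresses that. Consider disabling core dumps next to the lock, for example `unix.Setrlimit(unix.RLIMIT_CORE, &unix.Rlimit{})` with the same exit-on-error handling, or at least state in the comment that swap is the only path covered. The call also mixes two packages: `golang.org/x/sys/unix` exports the flags itself, so `unix.Mlockall(unix.MCL_CURRENT | unix.MCL_FUTURE)` would make the `syscall` import added in the first hunk unnecessary. main() starts and ends outside the hunk, so this is based only on the lines shown.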
|
@ -63,6 +63,11 @@ spec:
|
||||||
- -unsafeDevMode
|
- -unsafeDevMode
|
||||||
# - -logLevel
|
# - -logLevel
|
||||||
# - debug
|
# - debug
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
# required for syscall.Mlockall
|
||||||
|
- IPC_LOCK
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8999
|
- containerPort: 8999
|
||||||
name: p2p
|
name: p2p
|
||||||
|
|
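Review bot: `IPC_LOCK` is added on top of whatever capabilities the container runtime grants by default, because the new `securityContext` has an `add` list but no `drop` list. If the bridge needs no other capability, pairing the add with `drop: [ALL]` under `capabilities` would leave the container holding exactly the one capability this commit requires; this should be confirmed against the rest of the container spec, which lies outside the hunk. The inline comment names `syscall.Mlockall` while the Go change calls `unix.Mlockall`; `# required for mlockall(2)` would stay accurate whichever package is used.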