From 08e578c421de767b4a16403d880597d7aac0a6e5 Mon Sep 17 00:00:00 2001
From: Colm MacCarthaigh <colm@allcosts.net>
Date: Fri, 27 Jun 2014 22:12:25 -0700
Subject: [PATCH] Don't include locked memory in coredumps

Linux 3.4+ supports a DONTDUMP advisory, which prevents memory
from being included in coredumps.
---
 src/libsodium/sodium/utils.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/libsodium/sodium/utils.c b/src/libsodium/sodium/utils.c
index fbccfbb5..2c574c49 100644
--- a/src/libsodium/sodium/utils.c
+++ b/src/libsodium/sodium/utils.c
@@ -169,6 +169,9 @@ sodium_hex2bin(unsigned char * const bin, const size_t bin_maxlen,
 int
 sodium_mlock(void * const addr, const size_t len)
 {
+#ifdef MADV_DONTDUMP
+    (void) madvise(addr, len, MADV_DONTDUMP);
+#endif
 #ifdef HAVE_MLOCK
     return mlock(addr, len);
 #elif defined(HAVE_VIRTUALLOCK)
@@ -183,6 +186,9 @@ int
 sodium_munlock(void * const addr, const size_t len)
 {
     sodium_memzero(addr, len);
+#ifdef MADV_DODUMP
+    (void) madvise(addr, len, MADV_DODUMP);
+#endif
 #ifdef HAVE_MLOCK
     return munlock(addr, len);
 #elif defined(HAVE_VIRTUALLOCK)