Locked::Storage - A locked in RAM memory region
use Locked::Storage; $a = new Locked::Storage $nPages; $a->store($data, $length); print $a->get(); $a->lockall(); $a->unlockall(); $a->dump();
Locked::Storage implements a set of calls to mlock(), munlock() mlockall() and munlockall().; On new() It allocates memory pages specified and will lock them, into RAM (preventing them from going to swap memory.).
Locked::Storage
This module was written for secure(ish) storage purposes like you would use in cryptographic routines particularly those manipulating private keys.
lockall/unlockall is available to lock the entire process instead of just a memory region however it could easily fail due system constraints so locking the region in the constructor is always enabled. unlockall will unlock the process and immediately relock the memory reserved in the constructor.
new
Creates and returns a new Locked::Storage object. $nPages specifies the number of pages to be allocated and locked on return.
store
Stores the data in the allocated storage of length. $data can be of any type, however it will be truncated at $length if the length is longer. If the storage is insufficient 0 (zero) will be returned, otherwise 1 (one) is returned.
get
Returns the data as a scalar string.
lockall
Will lock the entire process in RAM, on error will croak.
unlockall
Will unlock the process from RAM (if locked) and immediately relock the preallocted memory.
dump
Will return a hexdump of the memory allocated.
unlockall() known nothing of other mlock() calls except those in its own constructor, so if you have multiple instances and you call unlockall() it will unlock the regions in those instances and they will not be relocked. It is recommended that you either rely on lockall()/unlockall() or the internal locked storage but not both.
When using this module for cryptography you should undef everything in the same function if possible and overwrite each scalar immediately to prevent the memory being put back into the pool unwiped and therefore defeating the whole purpose of locking the sensitive data in memory.
Various failures in the C libraries are not checked. Particularly ENOMEM where there isn't enough system memory to allow the process or pages to be locked to RAM.
ENOMEM
Michelle Sullivan, cpan@sorbs.net
perl(1), mlock(2), munlock(2), munlockall(2), mlockall(2)
To install Locked::Storage, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Locked::Storage
CPAN shell
perl -MCPAN -e shell install Locked::Storage
For more information on module installation, please visit the detailed CPAN module installation guide.