openbsd-ports/security/gnupg/patches/patch-util_secmem_c

$OpenBSD: patch-util_secmem_c,v 1.2 2006/04/12 09:55:24 bernd Exp $
--- util/secmem.c.orig	Thu Dec  8 07:58:36 2005
+++ util/secmem.c	Fri Apr  7 18:28:39 2006
@@ -37,6 +37,9 @@
 #include <sys/lock.h>
 #endif
 #endif
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <uvm/uvm_swap_encrypt.h>
 
 #include "types.h"
 #include "memory.h"
@@ -92,11 +95,23 @@ static int suspend_warning;
 static void
 print_warn(void)
 {
-  if (!no_warning)
+  int	 mib[3], swapencrypt = 0;
+  size_t len;
+
+  mib[0] = CTL_VM;
+  mib[1] = VM_SWAPENCRYPT;
+  mib[2] = SWPENC_ENABLE;
+
+  len = sizeof(swapencrypt);
+
+  if (sysctl(mib, 3, &swapencrypt, &len, NULL, 0) == -1)
+    log_info("WARNING: Can't receive vm.swapencrypt.enable sysctl value\n");
+
+  if (!no_warning && !swapencrypt)
     {
-      log_info(_("WARNING: using insecure memory!\n"));
-      log_info(_("please see http://www.gnupg.org/faq.html"
-		 " for more information\n"));
+      log_info("WARNING: Using insecure memory!\n");
+      log_info("Please enable swap encryption via"
+		 " 'sysctl vm.swapencrypt.enable=1'.\n");
     }
 }