NAME

Locked::Storage - A locked in RAM memory region

SYNOPSIS

use Locked::Storage;

$a = new Locked::Storage $nPages;

$a->store($data, $length);
print $a->get();

$a->lockall();
$a->unlockall();

$a->dump();

DESCRIPTION

Locked::Storage implements a set of calls to mlock(), munlock() mlockall() and munlockall().; On new() It allocates memory pages specified and will lock them, into RAM (preventing them from going to swap memory.).

This module was written for secure(ish) storage purposes like you would use in cryptographic routines particularly those manipulating private keys.

lockall/unlockall is available to lock the entire process instead of just a memory region however it could easily fail due system constraints so locking the region in the constructor is always enabled. unlockall will unlock the process and immediately relock the memory reserved in the constructor.

METHODS

$a = new Locked::Storage $nPages: Creates and returns a new Locked::Storage object. $nPages specifies the number of pages to be allocated and locked on return.
$a->store($data, $length): Stores the data in the allocated storage of length. $data can be of any type, however it will be truncated at $length if the length is longer. If the storage is insufficient 0 (zero) will be returned, otherwise 1 (one) is returned.
$a->get(): Returns the data as a scalar string.
$a->lockall(): Will lock the entire process in RAM, on error will croak.
$a->unlockall(): Will unlock the process from RAM (if locked) and immediately relock the preallocted memory.
$a->dump(): Will return a hexdump of the memory allocated.

WARNING

unlockall() known nothing of other mlock() calls except those in its own constructor, so if you have multiple instances and you call unlockall() it will unlock the regions in those instances and they will not be relocked. It is recommended that you either rely on lockall()/unlockall() or the internal locked storage but not both.

When using this module for cryptography you should undef everything in the same function if possible and overwrite each scalar immediately to prevent the memory being put back into the pool unwiped and therefore defeating the whole purpose of locking the sensitive data in memory.

BUGS

Various failures in the C libraries are not checked. Particularly ENOMEM where there isn't enough system memory to allow the process or pages to be locked to RAM.

AUTHOR

Michelle Sullivan, cpan@sorbs.net

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)