Hi, I think it would make sense to mlock the variables dealing with the user's input in readpw(), to ensure secrets are not written to disk (sans hibernating).
That may include buf[32], passwd[256], ksym and ev. In which case the easiest way to do it would be to put them all in a struct and call: mlock(&secrets, sizeof(secrets)) /* in linux */ Apparently according to POSIX mlock(2) may fail if addr is not a multiple of PAGESIZE, so that would need to be handled as well: addr = (char *)((uintptr_t)&secrets & -sysconf(_SC_PAGESIZE)); len = (char *)(&secrets + 1) - addr; mlock(addr, len); -- Listeria
