Implements:
- An additional allocator to use memfd_secret(2) and guard pages using mmap(2), implemented in quininer/memsec#16
- An allocator that abstracts away underlying allocators, and uses specified allocator set by rosenpass_secret_memory::policy functions (or a function that sets rosenpass_secret_memory::alloc::ALLOC_INIT
- Updates to tests- integration, fuzz, bench: some tests use procspawn to spawn multiple processes with different allocator policies
Dynamically dispatch WireguardBrokerMio trait in AppServer. Also allows for mio event registration and poll processing, logic from dev/broker-architecture branch
Co-authored-by: Prabhpreet Dua <615318+prabhpreet@users.noreply.github.com>
Co-authored-by: Karolin Varner <karo@cupdev.net>
When creating secret keys or use the out file feature, the material
shouldn't be readble to everyone by default.
Fix: #260
Signed-off-by: Paul Spooren <mail@aparcar.org>
The new secret memory pool was causing CI failures in the fuzzing code,
due to the fuzzer compiling its binaries with memory sanitizer support.
https://doc.rust-lang.org/beta/unstable-book/compiler-flags/sanitizer.html
Using lazy_static was – intentionally – introducing a memory leak, but the
LeakSanitizer detected this and raised an error.
Now by using thread_local we are calling the destructors and so – while still being a
memory leak in practice – the LeakSanitizer no longer detects this behaviour as an error.
Alternatively we could have used a known-leaks list with the leak-sanitizer, but this would have increased the complexity of the build setup.
Finally, this was likely triggered with the migration to memsec, because libsodium circumvents the malloc/free calls,
relying on direct calls to MMAP.
