From 795f2a55585313ce8b35b5373ffacf33ee8092dd Mon Sep 17 00:00:00 2001 From: Rob Bradford Date: Thu, 15 Dec 2022 15:42:19 +0000 Subject: [PATCH] vmm: memory_manager: Mark guest memory mappings as non-dumpable Including the guest RAM (or other mapped memory) in a coredump is not useful. See: #5014 Signed-off-by: Rob Bradford --- vmm/src/memory_manager.rs | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/vmm/src/memory_manager.rs b/vmm/src/memory_manager.rs index da42bbf97..c954f800c 100644 --- a/vmm/src/memory_manager.rs +++ b/vmm/src/memory_manager.rs @@ -1580,6 +1580,20 @@ impl MemoryManager { .create_user_memory_region(mem_region) .map_err(Error::CreateUserMemoryRegion)?; + // SAFETY: the address and size are valid since the + // mmap succeeded. + let ret = unsafe { + libc::madvise( + userspace_addr as *mut libc::c_void, + memory_size as libc::size_t, + libc::MADV_DONTDUMP, + ) + }; + if ret != 0 { + let e = io::Error::last_os_error(); + warn!("Failed to mark mappin as MADV_DONTDUMP: {}", e); + } + // Mark the pages as mergeable if explicitly asked for. if mergeable { // SAFETY: the address and size are valid since the