Lib.rs

โ€บ Memory management
#memory #security #intrinsics #drop #featuring #allocation #secbits

secbits

A library for secure memory handling featuring

Owned by zhanjh.

4 releases

Uses new Rust 2024

new 0.1.3 May 5, 2025
0.1.2 May 5, 2025
0.1.1 May 5, 2025
0.1.0 May 5, 2025

#162 in Memory management

Download history

61 downloads per month

MIT license

18KB
324 lines

SecBits

A Rust library for secure memory handling featuring:

  • ๐Ÿ”’ Memory locking (mlock/madvise)
  • ๐Ÿ›ก๏ธ Configurable protection modes (RW/RO/NOACCESS)
  • ๐Ÿงผ Secure zeroing with platform-specific intrinsics
  • ๐Ÿ—‘๏ธ Automatic memory wiping on drop
  • ๐Ÿ“ Page-aligned allocations

Use Case: Sensitive data handling (cryptographic keys, passwords, PII)

Quick Start

use secbits::SecBytes;

fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Create secure storage
    let mut secret = SecBytes::new("my_secret".as_bytes().to_vec())?;

    // Store sensitive data (source gets zeroed)
    secret.append(b"extra data".to_vec())?;

    // Read access
    {
        let view = secret.read()?;
        assert_eq!(view.as_slice(), b"my_secretextra data");
    } // drop view

    // Write access (exclusive)
    {
        let mut edit = secret.write()?;
        edit.as_slice()[..3].copy_from_slice(b"NEW");
    } // drop edit

    println!("{:?}", std::str::from_utf8(secret.read()?.as_slice()));
    assert_eq!(secret.read()?.as_slice(), b"NEWsecretextra data");

    Ok(())
} // Memory automatically unlocked and zeroed here

Major Components

1. SecMem Core

struct SecMem {
    ptr: NonNull<u8>,
    cap: usize,      
    layout: Layout,  
}

Key Features:

  • ๐Ÿ“ Page-Aligned Allocations: Always uses system page size multiples
  • ๐Ÿ” Memory Locking:
    • mlock() prevents swapping to disk
    • madvise(MADV_DONTDUMP) excludes from core dumps
  • ๐Ÿ›ก๏ธ Protection Modes:
    • ProtectionMode::None - No access (default)
    • ProtectionMode::Read - Read-only
    • ProtectionMode::ReadWrite - Read-write
  • โ˜ ๏ธ Secure Drop:
    • Set memory to RW mode
    • Zero using platform-secure methods
    • Unlock and deallocate

2. SecBytes Buffer

struct SecBytes {
    mem: SecMem,         
    len: usize,          
    reader_count: AtomicUsize,
}

Key Features:

  • ๐Ÿ“ˆ Dynamic Resizing: Maintains 2x growth factor
  • ๐Ÿ‘€ Access Views:
    • SecReadBytes: Shared read access (RO mode)
    • SecWriteBytes: Exclusive write access (RW mode)
  • ๐Ÿงต Concurrency Safety:
    • Multiple readers allowed
    • Writers get exclusive access via &mut

Key Tricks

1. Safe Memory Management

// Always use RAII guards
{
    let view = secret.read()?;  // Auto sets RO
    // use view...
} // Auto resets to NOACCESS

2. Secure Data Handling

// Source data gets zeroed automatically
secret.append(&mut sensitive_data)?;

๐Ÿ”’ Security Considerations

Guarantees

  • ๐Ÿ›ก๏ธ Memory never swapped to disk (mlock)
  • ๐Ÿšซ Sensitive data excluded from core dumps
  • ๐Ÿ•ต๏ธโ™‚๏ธ Defeats heap inspection attacks
  • ๐Ÿง  Prevents compiler optimizations from skipping zeroing

Limitations

  • โš ๏ธ Requires CAP_IPC_LOCK on Linux (or root)
  • ๐Ÿ’พ Physical memory still potentially recoverable
  • ๐Ÿ”Œ Doesn't protect against hardware attacks

Dependencies

~3โ€“5MB
~86K SLoC