From 4ea2d674c88d908435ecc6f2004d9d326365ccbb Mon Sep 17 00:00:00 2001 From: Mitchell Hashimoto Date: Mon, 27 Apr 2015 16:40:14 -0700 Subject: [PATCH] vault: ability to toggle mlock on core --- vault/core.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/vault/core.go b/vault/core.go index bad3bccac1..a86dcc3a0c 100644 --- a/vault/core.go +++ b/vault/core.go @@ -198,6 +198,7 @@ type CoreConfig struct { Physical physical.Backend Logger *log.Logger DisableCache bool // Disables the LRU cache on the physical backend + DisableMlock bool // Disables mlock syscall CacheSize int // Custom cache size of zero for default AdvertiseAddr string // Set as the leader address for HA } @@ -223,9 +224,11 @@ func NewCore(conf *CoreConfig) (*Core, error) { } } - // Ensure our memory usage is locked into physical RAM - if err := LockMemory(); err != nil { - return nil, fmt.Errorf("failed to lock memory: %v", err) + if !conf.DisableMlock { + // Ensure our memory usage is locked into physical RAM + if err := LockMemory(); err != nil { + return nil, fmt.Errorf("failed to lock memory: %v", err) + } } // Construct a new AES-GCM barrier