torproject · nmathewson · May 29, 2019 · May 29, 2019 · May 29, 2019 · May 29, 2019
diff --git a/changes/ticket30686 b/changes/ticket30686
@@ -0,0 +1,5 @@
+  o Minor features (logging):
+    - Give a more useful assertion failure message if we think we have
+      minherit() but we fail to make a region non-inheritable. Give a
+      compile-time warning if our support for minherit() is
+      incomplete. Closes ticket 30686.
diff --git a/src/lib/crypt_ops/crypto_rand_fast.c b/src/lib/crypt_ops/crypto_rand_fast.c
@@ -181,7 +181,11 @@ crypto_fast_rng_new_from_seed(const uint8_t *seed)
 #else
   /* We decided above that noinherit would always do _something_. Assert here
    * that we were correct. */
-  tor_assert(inherit != INHERIT_RES_KEEP);
+  tor_assertf(inherit != INHERIT_RES_KEEP,
+              "We failed to create a non-inheritable memory region, even "
+              "though we believed such a failure to be impossible! This is "
+              "probably a bug in Tor support for your platform; please report "
+              "it.");
 #endif
   return result;
 }

diff --git a/src/lib/malloc/map_anon.c b/src/lib/malloc/map_anon.c
@@ -70,6 +70,11 @@
 
 #endif
 
+#if defined(HAVE_MINHERIT) && !defined(FLAG_ZERO) && !defined(FLAG_NOINHERIT)
+#warn "minherit() is defined, but we couldn't find the right flag for it."
+#warn "This is probably a bug in Tor's support for this platform."
+#endif
+
 /**
  * Helper: try to prevent the <b>sz</b> bytes at <b>mem</b> from being swapped
  * to disk.  Return 0 on success or if the facility is not available on this