From 0cdcd1d1ad8ec4c107cc09850456d44eea9f3d20 Mon Sep 17 00:00:00 2001
From: Daniel Borkmann <dborkman@redhat.com>
Date: Thu, 11 Apr 2013 15:37:33 +0200
Subject: netsniff-ng: mlock: only lock current and future pages when root

When we're still root, we tell the kernel to lock/protect all current
and future pages in memory so that they will not be swapped out in
case the system uses up too much. Now when we do xzmalloc_aligned(),
it calls internally posix_memalign() that can call mmap(2), thus we
will get an EAGAIN as errno, since we're not root anymore and since
we wanted to touch sth. that belongs to root. Nasty. Fix this up by
only protecting these pages when we do not use -u/-g.

Reported-by: Doug Burks <doug.burks@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
 netsniff-ng.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/netsniff-ng.c b/netsniff-ng.c
index 25f59ac..c1e0d26 100644
--- a/netsniff-ng.c
+++ b/netsniff-ng.c
@@ -1384,11 +1384,13 @@ int main(int argc, char **argv)
 	init_geoip(0);
 	if (setsockmem)
 		set_system_socket_memory(vals, array_size(vals));
-	xlockme();
+	if (!ctx.enforce)
+		xlockme();
 
 	main_loop(&ctx);
 
-	xunlockme();
+	if (!ctx.enforce)
+		xunlockme();
 	if (setsockmem)
 		reset_system_socket_memory(vals, array_size(vals));
 	destroy_geoip();
-- 
cgit v1.2.3-54-g00ecf