awnumar
commented
6 months ago It is unfortunate that the implementation currently relies on package-level global variables. It would be better if everything was scoped to individual memguard.Instance things that stored their own state about what Buffers exist, what the Coffer key is, etc. And then perhaps also a single thread-safe global list of these instances for the purposes of cleaning up at program termination.
This would be a breaking change though (which should be okay to make for the time being given we are pre-v1). But for the time being it's probably easier to go with your other suggestion of using a sync.Once on the first usage of a Coffer.
I've seen suggestions in the past of having an environment variable to turn off memory locking, or detecting the ability to lock at runtime, but these are somewhat more complicated routes too.
srebhan
When using memguard in Telegraf we also need to support constraint environments without memory-locking or memory-protection capabilities (e.g. containers, cloud environments or certain architectures). To do so we switch between an implementation using memguard and one without.
However, because memguard initializes some parts in
init()functions (e.g. here) we will require the capabilities mentioned above even without using the functionality as-soon-as we are importing the package. This makes it impossible to switch between a non-protected and protected solution during runtime.Instead we should initialize the required parts either explicitly (requiring a v2 as it is a breaking change) or by using
sync.Onceat the first use of the functionality.I'm willing to contribute a PR if there is an agreement on the way forward.