sec_mem: add note about the minimum size parameter.

author Pauli <paul.dale@oracle.com>

Sat, 22 Feb 2020 00:35:26 +0000 (10:35 +1000)

committer Pauli <paul.dale@oracle.com>

Wed, 26 Feb 2020 05:36:27 +0000 (15:36 +1000)
author Pauli <paul.dale@oracle.com>
Sat, 22 Feb 2020 00:35:26 +0000 (10:35 +1000)
committer Pauli <paul.dale@oracle.com>
Wed, 26 Feb 2020 05:36:27 +0000 (15:36 +1000)
diff --git a/doc/man3/OPENSSL_secure_malloc.pod b/doc/man3/OPENSSL_secure_malloc.pod

index e47dfd673a26e64674d02a671cd566765cad1de8..67a34eb809d095ade4c295d77ebc8f897fd2acb9 100644 (file)
--- a/doc/man3/OPENSSL_secure_malloc.pod
+++ b/doc/man3/OPENSSL_secure_malloc.pod
@@ -53,8 +53,10 @@ put all intermediate values and computations there.
  
  CRYPTO_secure_malloc_init() creates the secure heap, with the specified
  C<size> in bytes. The C<minsize> parameter is the minimum size to
-allocate from the heap. Both C<size> and C<minsize> must be a power
-of two.
+allocate from the heap or zero to use a reasonable default value.
+Both C<size> and, if specified, C<minsize> must be a power of two and
+C<minsize> should generally be small, for example 16 or 32.
+C<minsize> must be less than a quarter of C<size> in any case.
  
  CRYPTO_secure_malloc_initialized() indicates whether or not the secure
  heap as been initialized and is available.
author	Pauli <paul.dale@oracle.com>
	Sat, 22 Feb 2020 00:35:26 +0000 (10:35 +1000)
committer	Pauli <paul.dale@oracle.com>
	Wed, 26 Feb 2020 05:36:27 +0000 (15:36 +1000)