diff --git a/src/tpm1x.hpp b/src/tpm1x.hpp index bfbd43c..fb26110 100644 --- a/src/tpm1x.hpp +++ b/src/tpm1x.hpp @@ -9,6 +9,7 @@ #include "main.hpp" #include +#include #include #include @@ -29,6 +30,9 @@ static const constexpr uint8_t parent_key_secret[TPM_SHA1_160_HASH_LEN]{0xCE, 0x template int with_tpm1x_session(F && func) { + mlockall(MCL_CURRENT | MCL_FUTURE); + + TSS_HCONTEXT ctx{}; // All memory lives as long as this does TRY_TPM1X("create TPM context", Tspi_Context_Create(&ctx)); diff --git a/src/tpm2.hpp b/src/tpm2.hpp index 331bd64..0923097 100644 --- a/src/tpm2.hpp +++ b/src/tpm2.hpp @@ -9,6 +9,7 @@ #include #include #include +#include #define TRY_TPM2(what, ...) TRY_GENERIC(what, , != TPM2_RC_SUCCESS, _try_ret, __LINE__, Tss2_RC_Decode, __VA_ARGS__) @@ -20,6 +21,8 @@ static const constexpr TPMT_SYM_DEF tpm2_session_key{.algorithm = TPM2_ALG_AES, template int with_tpm2_session(F && func) { + mlockall(MCL_CURRENT | MCL_FUTURE); + // https://trustedcomputinggroup.org/wp-content/uploads/TSS_ESAPI_v1p00_r05_pubrev.pdf // mainly "3.4. The ESAPI Session" and "3.5. ESAPI Use Model" // https://tpm2-tss.readthedocs.io/en/latest/group___e_s_y_s___c_o_n_t_e_x_t.html
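Review bot: The result of `mlockall(MCL_CURRENT | MCL_FUTURE)` at the top of `with_tpm1x_session` is discarded, so if the call fails (for example EPERM or ENOMEM under a low RLIMIT_MEMLOCK) the session continues with pageable memory and gives no sign that the protection is missing. Check the result and report it, e.g. `if(mlockall(MCL_CURRENT | MCL_FUTURE) != 0) perror("mlockall");`, then decide explicitly whether to return a failure status or continue after the warning. With `MCL_FUTURE` set, later allocations inside the TSS libraries may also fail once the lock limit is reached, so the limit this tool needs is worth documenting. The same unchecked call is added to `with_tpm2_session` in src/tpm2.hpp, and both function bodies continue past the end of their hunks.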
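Review bot: The `mlockall` line added to `with_tpm2_session` changes process-wide state that outlasts the session helper (no `munlockall` is visible in the hunk), and it has no comment explaining that or why it is there. Presumably the aim is to keep key material out of swap; if so, say it on the line, e.g. `// Lock current and future pages so secrets handled here are not paged out; process-wide, stays in effect after return`. The identical statement is also added to `with_tpm1x_session` in src/tpm1x.hpp, so one shared helper called from both would keep the flags and any error handling in a single place. The function body continues beyond the hunk.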