Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects

From: Linus Torvalds
Date: Mon Apr 06 2020 - 13:26:59 EST

Next message: AurÃlien Aptel: "Re: [PATCH] cifs: Allocate crypto structures on the fly for calculating signatures of incoming packets"
Previous message: Matthew Wilcox: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
In reply to: Matthew Wilcox: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Next in thread: David Howells: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 6, 2020 at 10:12 AM Joe Perches <joe@xxxxxxxxxxx> wrote:
>
> Add yet another alloc flag like __GFP_SENSITIVE
> and have kfree operate on that and not have a
> kfree_sensitive at all.

That sounds potentially sensible. Maybe even a SLAB_SENSITIVE to mark
a whole slab cache sensitive for kmem_cache_create().

I'm not sure how controlled the allocations are, though. The
allocations that get used for keys etc might come from outside the
crypto layer.

Linus

Next message: AurÃlien Aptel: "Re: [PATCH] cifs: Allocate crypto structures on the fly for calculating signatures of incoming packets"
Previous message: Matthew Wilcox: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
In reply to: Matthew Wilcox: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Next in thread: David Howells: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]