Re: [patch 0/8] kzfree()
From: Pekka Enberg
Date: Mon Feb 16 2009 - 15:03:19 EST
Hi Andrew,
Andrew Morton wrote:
On Mon, 16 Feb 2009 15:29:26 +0100 Johannes Weiner <hannes@xxxxxxxxxxx> wrote:
This series introduces kzfree() and converts callsites which do
memset() + kfree() explicitely.
I dunno, this looks like putting lipstick on a pig.
What is the point in zeroing memory just before freeing it? afacit
this is always done as a poor-man's poisoning operation.
I think they do it as security paranoia to make sure other callers don't
accidentally see parts of crypto keys, passwords, and such. So I don't
think we can just get rid of the memsets.
Pekka
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/