Re: [PATCH v2] mm: Add kvfree_sensitive() for freeing sensitive data objects
From: Joe Perches
Date: Mon Apr 06 2020 - 15:40:22 EST
On Mon, 2020-04-06 at 14:58 -0400, Waiman Long wrote:
> For kvmalloc'ed data object that contains sensitive information like
> cryptographic key, we need to make sure that the buffer is always
> cleared before freeing it. Using memset() alone for buffer clearing may
> not provide certainty as the compiler may compile it away. To be sure,
> the special memzero_explicit() has to be used.
[]
> extern void kvfree(const void *addr);
> +extern void kvfree_sensitive(const void *addr, size_t len);
Question: why should this be const?
2.1.44 changed kfree(void *) to kfree(const void *) but
I didn't find a particular reason why.