Re: [PATCH v2] mm: Add kvfree_sensitive() for freeing sensitive data objects
From: Waiman Long
Date: Mon Apr 06 2020 - 22:16:19 EST
On 4/6/20 3:38 PM, Joe Perches wrote:
> On Mon, 2020-04-06 at 14:58 -0400, Waiman Long wrote:
>> For kvmalloc'ed data object that contains sensitive information like
>> cryptographic key, we need to make sure that the buffer is always
>> cleared before freeing it. Using memset() alone for buffer clearing may
>> not provide certainty as the compiler may compile it away. To be sure,
>> the special memzero_explicit() has to be used.
> []
>> extern void kvfree(const void *addr);
>> +extern void kvfree_sensitive(const void *addr, size_t len);
> Question: why should this be const?
>
> 2.1.44 changed kfree(void *) to kfree(const void *) but
> I didn't find a particular reason why.
I am just following the function prototype used by kvfree(). Even
kzfree(const void *) use const. I can remove "const" if others agree.
Cheers,
Longman