Re: [PATCH v3] mm: Add kvfree_sensitive() for freeing sensitive data objects

[Matthew Wilcox]

On Thu, May 14, 2020 at 09:00:40PM +1000, Balbir Singh wrote:
> I wonder if the right thing to do is also to disable pre-emption, just so that the thread does not linger on with sensitive data.
> 
> void kvfree_sensitive(const void *addr, size_t len)
> {
> 	preempt_disable();
> 	if (likely(!ZERO_OR_NULL_PTR(addr))) {
> 		memzero_explicit((void *)addr, len);
> 		kvfree(addr);
> 	}
> 	preempt_enable();
> }
> EXPORT_SYMBOL(kvfree_sensitive);

If it's _that_ sensitive then the caller should have disabled preemption.
Because preemption could otherwise have occurred immediately before
kvfree_sensitive() was called.