Re: [PATCH v3] mm: Add kvfree_sensitive() for freeing sensitive data objects

From: Matthew Wilcox
Date: Thu May 14 2020 - 08:00:31 EST


On Thu, May 14, 2020 at 09:00:40PM +1000, Balbir Singh wrote:
> I wonder if the right thing to do is also to disable pre-emption, just so that the thread does not linger on with sensitive data.
>
> void kvfree_sensitive(const void *addr, size_t len)
> {
> 	preempt_disable();
> 	if (likely(!ZERO_OR_NULL_PTR(addr))) {
> 		memzero_explicit((void *)addr, len);
> 		kvfree(addr);
> 	}
> 	preempt_enable();
> }
> EXPORT_SYMBOL(kvfree_sensitive);

If it's _that_ sensitive then the caller should have disabled preemption.
Because preemption could otherwise have occurred immediately before
kvfree_sensitive() was called.