[PATCH 1/3] mm: security: introduce the init_allocations=1 boot option
Dave Hansen
dave.hansen at intel.com
Thu Apr 18 16:35:32 UTC 2019
On 4/18/19 8:42 AM, Alexander Potapenko wrote:
> This option adds the possibility to initialize newly allocated pages and
> heap objects with zeroes. This is needed to prevent possible information
> leaks and make the control-flow bugs that depend on uninitialized values
> more deterministic.
Isn't it better to do this at free time rather than allocation time? If
doing it at free, you can't even have information leaks for pages that
are in the allocator.
More information about the Linux-security-module-archive
mailing list