On Fri, Oct 23, 2020 at 08:56:04AM -0700, Eric Biggers wrote: > > When clearing memory because "it may be sensitive" rather than "it's needed for > the code to behave correctly", I think it's best to use memzero_explicit() to > make the intent clear, even if it seems that memset() is sufficient. Also keep > in mind that support for compiling the kernel with LTO (link-time optimization) > is being worked on (and some people already do it), which results in more code > being optimized out. The rule up until now has been that we only use memzero_explicit for stack variables. At this point please don't convert anything else as it will cause too much churn. If LTO did arrive we should do a global conversion. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
