I don't think GCC has figured out how to optimize the memset() away, but they might eventually so let's future proof this code a bit. Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index d7a4969b2dd3..4fb315cddf5b 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -985,7 +985,7 @@ static void encrypted_destroy(struct key *key) if (!epayload) return; - memset(epayload->decrypted_data, 0, epayload->decrypted_datalen); + memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen); kfree(key->payload.data[0]); } -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
