On Wed, Jun 05, 2019 at 11:26:03AM -0700, Matthew Garrett wrote: > Any further feedback on this? Does it seem conceptually useful? Hi! I love this patch, and I think it can nicely combine with Alexander's init_on_alloc/free series[1]. One thing I'd like to see changed is that the DONTWIPE call should wipe the memory. That way, there is no need to "trust" child behavior. The only way out of the WIPE flag is that the memory gets wiped. [1] https://patchwork.kernel.org/patch/10967023/ -- Kees Cook
