On Fri, Sep 01, 2023 at 02:55:17PM +0200, Alexander Potapenko wrote:
> A draft implementation at
> https://github.com/ramosian-glider/linux/commit/00791be14eb1113eae615c74b652f94b5cc3c336
> (which probably does not apply anymore) may give some insight into how
> this is supposed to work.
> There's plenty of room for bikeshedding here (does the command-line
> flag opt-in or opt-out? should we use function names instead of some
> "keys"? can we allow overriding every allocation site without the need
> for alloc_pages_uninit()?), but if the overall scheme is viable I can
> probably proceed with an RFC.

This is my preferred direction to go with this idea (though I agree some
internals could be partially whitelisted: the "dup" functions need to
wipe the trailing rounded-up bucket size bytes still).

-- 
Kees Cook
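A userspace model of the caveat in the reply above, added here as an illustration and not taken from the thread, the draft commit or the kernel: when a "dup" helper skips zero-initialization because it overwrites the copied bytes, the slack up to the rounded-up bucket size still holds stale data unless it is wiped. `bucket_size`, `alloc_uninit`, `dup_uninit`, `stale_tail_bytes`, the power-of-two rounding and the 0xAA fill are all assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>

/* Model assumption: requests are rounded up to a power-of-two bucket. */
static size_t bucket_size(size_t len)
{
    size_t b = 8;
    while (b < len)
        b <<= 1;
    return b;
}

/* Hypothetical uninitialized allocation: bucket holds constructed stale bytes. */
static void *alloc_uninit(size_t len)
{
    unsigned char *p = malloc(bucket_size(len));
    if (p)
        memset(p, 0xAA, bucket_size(len));
    return p;
}

/* The copy covers [0, len); wipe_tail also clears the slack [len, bucket). */
static void *dup_uninit(const void *src, size_t len, int wipe_tail)
{
    unsigned char *p = alloc_uninit(len);
    if (!p)
        return NULL;
    memcpy(p, src, len);
    if (wipe_tail)
        memset(p + len, 0, bucket_size(len) - len);
    return p;
}

/* Count slack bytes that still carry stale (non-zero) data. */
static size_t stale_tail_bytes(const void *obj, size_t len)
{
    const unsigned char *p = obj;
    size_t n = 0;
    for (size_t i = len; i < bucket_size(len); i++)
        n += (p[i] != 0);
    return n;
}

int main(void)
{
    void *p = dup_uninit("id", 3, 1);
    int bad = !p || stale_tail_bytes(p, 3) != 0;
    free(p);
    return bad;
}
```

A 13-byte source lands in a 16-byte bucket in this model, so the variant without the tail wipe leaves 3 stale bytes readable by anything that later copies the full bucket.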