Can PAX_MEMORY_SANITIZE replace memory erasure on shutdown?

grsec sanitizes all freed memory.

As explained in #7649-note_40, this breaks the tests that exercise our memory erasure on shutdown, but might actually allow us to drop that feature… which would be good given the lack of robustness it has historically had, that has even gotten worse recently.

So, is there anything that our current kexec-based implementation wipes, but that wouldn’t be erased by PAX_MEMORY_SANITIZE?

Parent Task: #7649 (closed)

Related issues

Related to #12397 (closed)
Related to #12398 (closed)

Original created by @intrigeri on 12107 (Redmine)

Edited Nov 22, 2019 by intrigeri

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information