Can PAX_MEMORY_SANITIZE replace memory erasure on shutdown?
grsec sanitizes all freed memory.
As explained in #7649-note_40, this breaks the tests that exercise our memory erasure on shutdown, but might actually allow us to drop that feature… which would be good given the lack of robustness it has historically had, that has even gotten worse recently.
So, is there anything that our current kexec-based implementation wipes, but that wouldn’t be erased by PAX_MEMORY_SANITIZE?
Parent Task: #7649 (closed)
Related issues
- Related to #12397 (closed)
- Related to #12398 (closed)
Original created by @intrigeri on 12107 (Redmine)
Edited by intrigeri