-
These options are "aimed at preventing possible information leaks and making the control-flow bugs that depend on uninitialized values more deterministic"¹. All kmalloc()s effectively become kzalloc()s and all kfree()s effectively become kzfree()s². In passing, apart of the defense-in-depth security benefits intended by the authors of this Linux feature, init_on_free=1 may ensure we clean more kernel memory at shutdown time. Benchmarks show: * a negligible performance hit with init_on_alloc=1 * a 7-25% performance hit with init_on_free=1 Let's see if/how this affects our use cases. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6471384af2a6530696fc0203bafe4de41a23c9ef [2] https://outflux.net/blog/archives/2019/11/14/security-things-in-linux-v5-3/
360a8abc