Can PAX_MEMORY_SANITIZE replace memory erasure on shutdown?
Originally created by @intrigeri on #12107 (Redmine)
grsec sanitizes all freed memory.
As explained in #7649 (comment 100453), this breaks the tests that exercise our memory erasure on shutdown, but might actually allow us to drop that feature… which would be good given the lack of robustness it has historically had, that has even gotten worse recently.
So, is there anything that our current kexec-based
implementation
wipes, but that wouldn’t be erased by PAX_MEMORY_SANITIZE
?
Parent Task: #7649 (closed)
Related issues
- Related to #12397 (closed)
- Related to #12398 (closed)
Edited by intrigeri