Would it make sense to implement a kernel option that would clear kernel memory before freeing it (by kfree or free_page(s))?
Unless I'm missing something, uncleared memory previously used for
kernel allocations could later be recycled for user allocations, making
it possible for a user program to access sensitive driver data if it's
Though clearing memory should be efficient (thanks to the use of
memset(), optimized for each platform), there would of course be a
significant performance hit. However, this could be acceptable for
systems with strong security requirements...
What do you think? If this idea makes sense, I'll be glad to help in
implementing it.
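
The recycling concern raised in this message, as an added userspace illustration (not part of the original message and not kernel code): a toy page pool whose `clear_on_free` flag stands in for the proposed option. The pool, its function names and the sample key are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POOL_PAGES 4
#define PAGE_SZ    64

/* Toy LIFO page pool standing in for the kernel page allocator (hypothetical). */
static unsigned char pool[POOL_PAGES][PAGE_SZ];
static int free_stack[POOL_PAGES], free_top;
static int clear_on_free;               /* models the proposed kernel option */

void pool_init(int clear) {
    free_top = 0;
    for (int i = POOL_PAGES - 1; i >= 0; i--) free_stack[free_top++] = i;
    memset(pool, 0, sizeof(pool));
    clear_on_free = clear;
}

unsigned char *page_alloc(void) {
    return free_top ? pool[free_stack[--free_top]] : NULL;
}

void page_free(unsigned char *p) {
    if (!p || free_top == POOL_PAGES) return;
    if (clear_on_free) {
        /* volatile stores: the compiler cannot drop the wipe as a dead store */
        volatile unsigned char *v = p;
        for (size_t i = 0; i < PAGE_SZ; i++) v[i] = 0;
    }
    free_stack[free_top++] = (int)((unsigned char (*)[PAGE_SZ])p - pool);
}

/* Nonzero bytes the next owner finds in a page a "driver" used for a key. */
size_t leaked_bytes(int clear) {
    static const char key[] = "constructed-driver-key";   /* constructed sample */
    pool_init(clear);
    unsigned char *drv = page_alloc();
    memcpy(drv, key, sizeof(key));
    page_free(drv);
    unsigned char *usr = page_alloc();  /* LIFO reuse: same page comes back */
    size_t n = 0;
    for (size_t i = 0; i < PAGE_SZ; i++) n += (usr[i] != 0);
    return n;
}

int main(void) {
    printf("no clear: %zu stale bytes, clear on free: %zu stale bytes\n",
           leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```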
