path: root/security/apparmor/domain.c
diff options
authorWaiman Long <>2020-08-06 23:18:13 -0700
committerLinus Torvalds <>2020-08-07 11:33:22 -0700
commit453431a54934d917153c65211b2dabf45562ca88 (patch)
treee9672e7fb28f59331ff00fe6197360d703cbd9c3 /security/apparmor/domain.c
parent57c720d4144a9c2b88105c3e8f7b0e97e4b5cc93 (diff)
mm, treewide: rename kzfree() to kfree_sensitive()
As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [ fs/crypto/inline_crypt.c needs linux/slab.h] [ fix fs/crypto/inline_crypt.c some more] Suggested-by: Joe Perches <> Signed-off-by: Waiman Long <> Signed-off-by: Andrew Morton <> Acked-by: David Howells <> Acked-by: Michal Hocko <> Acked-by: Johannes Weiner <> Cc: Jarkko Sakkinen <> Cc: James Morris <> Cc: "Serge E. Hallyn" <> Cc: Joe Perches <> Cc: Matthew Wilcox <> Cc: David Rientjes <> Cc: Dan Carpenter <> Cc: "Jason A . Donenfeld" <> Link: Signed-off-by: Linus Torvalds <>
Diffstat (limited to 'security/apparmor/domain.c')
1 files changed, 2 insertions, 2 deletions
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 1c898055a476..7b0e13ce7dc7 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -40,8 +40,8 @@ void aa_free_domain_entries(struct aa_domain *domain)
for (i = 0; i < domain->size; i++)
- kzfree(domain->table[i]);
- kzfree(domain->table);
+ kfree_sensitive(domain->table[i]);
+ kfree_sensitive(domain->table);
domain->table = NULL;