From 13dc8eb90067f3aae45269214978e552400d5e28 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Tue, 4 Mar 2025 13:01:56 -0800 Subject: [PATCH] fscrypt: mention init_on_free instead of page poisoning Page poisoning is an older debug option. The modern way to initialize memory on free for security reasons is to set init_on_free=1. Link: https://lore.kernel.org/r/20250304210156.14912-1-ebiggers@kernel.org Signed-off-by: Eric Biggers --- Documentation/filesystems/fscrypt.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 004f7fa48a46..e80329908549 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -137,9 +137,8 @@ However, these ioctls have some limitations: - In general, decrypted contents and filenames in the kernel VFS caches are freed but not wiped. Therefore, portions thereof may be recoverable from freed memory, even after the corresponding key(s) - were wiped. To partially solve this, you can set - CONFIG_PAGE_POISONING=y in your kernel config and add page_poison=1 - to your kernel command line. However, this has a performance cost. + were wiped. To partially solve this, you can add init_on_free=1 to + your kernel command line. However, this has a performance cost. - Secret keys might still exist in CPU registers, in crypto accelerator hardware (if used by the crypto API to implement any of -- 2.50.1
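Review bot: the replacement lines in the hunk drop the Kconfig step ("set CONFIG_PAGE_POISONING=y") without saying why none is needed for init_on_free, and the new sentence no longer names the mechanism the way "page poisoning" did; the commit message describes init_on_free as the way to "initialize memory on free", so consider carrying that into the doc text, e.g. "you can add init_on_free=1 to your kernel command line, which zeroes memory when it is freed", so a reader understands what the option does and why it only "partially" addresses the recoverability of freed VFS cache contents. The retained "However, this has a performance cost." still reads correctly after the change.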