shithub: riscv

Download patch

ref: 60b1a2f82dc96b254d6dec1bfd1c14ca056c21dd
parent: bd43bd6f1ae1b1ec7ee6873d9fd6766b049802e9
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sat Apr 8 16:30:47 EDT 2023

kernel: Clear secrets on reboot

The idea is that when we reboot, we zero out
memory written by processes that have the private
flag set (such as factotum and keyfs), and also
clear the secrmem pool, which contains TLS keys
and the state of the random number generator.

This is so the newly booted kernel or firmware
will not find these secret keys in memory.