Hi,

Can you perform any performance benchmarks to see how much this impacts IPsec and IPS throughput?

-Michael

> On 14 Apr 2020, at 15:32, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> This is already active on i586 and prevents information leaks from freed
> data.
> 
> Cc: Arne Fitzenreiter <arne.fitzenreiter(a)ipfire.org>
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> config/kernel/kernel.config.x86_64-ipfire | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
> index b16d13504..f6819859d 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -6387,7 +6387,9 @@ CONFIG_DEBUG_KERNEL=y
> #
> # CONFIG_PAGE_EXTENSION is not set
> # CONFIG_DEBUG_PAGEALLOC is not set
> -# CONFIG_PAGE_POISONING is not set
> +CONFIG_PAGE_POISONING=y
> +# CONFIG_PAGE_POISONING_NO_SANITY is not set
> +CONFIG_PAGE_POISONING_ZERO=y
> # CONFIG_DEBUG_PAGE_REF is not set
> # CONFIG_DEBUG_RODATA_TEST is not set
> # CONFIG_DEBUG_OBJECTS is not set
> -- 
> 2.16.4