From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B04AC5AE59 for ; Thu, 5 Jun 2025 20:15:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D4BF46B0096; Thu, 5 Jun 2025 16:15:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CD37C6B00A0; Thu, 5 Jun 2025 16:15:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BC41E6B00D1; Thu, 5 Jun 2025 16:15:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 93DF06B0096 for ; Thu, 5 Jun 2025 16:15:36 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 19BDE16123F for ; Thu, 5 Jun 2025 20:15:36 +0000 (UTC) X-FDA: 83522452272.09.630816D Received: from tor.source.kernel.org (tor.source.kernel.org [172.105.4.254]) by imf21.hostedemail.com (Postfix) with ESMTP id 83FA31C0011 for ; Thu, 5 Jun 2025 20:15:34 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="dTKr/Yt2"; spf=pass (imf21.hostedemail.com: domain of kees@kernel.org designates 172.105.4.254 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=quarantine) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1749154534; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=KnBxcCd+hQzD5bTJRCqpdswEHNzUr8AHyjDmVdxaSMU=; b=maBL55AuXkgulCZzqGrMSjnpr8y9b1OGKn42ZoCrboe4bpszq9M5F3EH8CUcNJX5P9kmyb IhDXgnBUSu+LlQW0qtxjyAfDLHSOIK6L/Vnu4qO/6qBu7Acol/lnJUJFAf4RxtZlC7F1zS vjpAFD1l0uxx5yBmz6wlVc7TFUSd0LY= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="dTKr/Yt2"; spf=pass (imf21.hostedemail.com: domain of kees@kernel.org designates 172.105.4.254 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=quarantine) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1749154534; a=rsa-sha256; cv=none; b=ILnq58kVSZADsln9FCUb+UZhZS/XolRpnwXsweWOzApHonZJTBrrUubWTJvzKJJp5CiQwm /rXmWr0S2VAxC6U0uE5wpaGdXwcmLKPJ1d+xGR59HeHPSzBGVavQHhdLhPtklHbSnWPt7M cP8DQYLnoWOlywz1t+aqKYaXrQwPmF8= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by tor.source.kernel.org (Postfix) with ESMTP id 91CA1629D1; Thu, 5 Jun 2025 20:15:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 371BAC4CEE7; Thu, 5 Jun 2025 20:15:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1749154533; bh=IYT1CcO4LBvLg1Erh1PUlzPXoV02ZdFG//4pEvVZEPE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dTKr/Yt2Hy5Ra/GPalkzOkUFA7/xkis8nb3QvcUSx1uSkyip3GUeXJLvaI1Q37XYa gtXxU6j0esbWwO7AK21FwIU08/csOV39EEYuh8Y90tsXAEqXxfJh87ws6ci4CAfU6d QvebhzDT+5dO28YbZA/5RsMLwzJFcCI1wZaScn/qjLteznxorhfE+Abf9sCB/pnZ9p /aAw9KIRqxTSARGXt6FedihZ5FXiNVxhjzdvgnyekN+8B+ijeCaAfAh7/ZqWMvQ5pT zHC5/7LMdIfZm+KDKOSVkeUv88+wMQJ2OMUGLoScaB9oyMoEDv33arK+TILWsn4tYJ dKR1Q9gFExg9Q== Date: Thu, 5 Jun 2025 13:15:32 -0700 From: Kees Cook To: Petr Mladek Cc: Sergio Perez Gonzalez , Vlastimil Babka , David Rientjes , Bagas Sanjaya , Jonathan Corbet , Steven Rostedt , Andy Shevchenko , Rasmus Villemoes , Sergey Senozhatsky , Andrew Morton , Christoph Lameter , Pekka Enberg , Joonsoo Kim , Roman Gushchin , Harry Yoo , "Paul E. McKenney" , Randy Dunlap , Tamir Duberstein , Miguel Ojeda , Alice Ryhl , linux-doc@vger.kernel.org, linux-mm@kvack.org, Thomas Huth , "Borislav Petkov (AMD)" , Ard Biesheuvel , Greg Kroah-Hartman , Andreas Hindborg , Stephen Boyd , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH v2] slab: Decouple slab_debug and no_hash_pointers Message-ID: <202506051314.D6EDFA91D@keescook> References: <20250415170232.it.467-kees@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Stat-Signature: q1nzydsmciz9ktihrz89k5b785weegij X-Rspamd-Queue-Id: 83FA31C0011 X-Rspam-User: X-Rspamd-Server: rspam02 X-HE-Tag: 1749154534-215539 X-HE-Meta: U2FsdGVkX1+MZCP+9vMezWBU+dTEhOUx+HvV7JW2xaLWjhUcRDj9t1wa80JYxwcjnMZ4XBnDEyFoVGWcnOvgIAsvGFRMq/aVngqEDR5DHZ0OX6aR29uB+19WeBr7MiJz43Oft27EG+42XHLn02yLf5yIP4btiAQvmF0VCEteosgBrKlhTHULKOIDJ2V/z9Iv5vuA1lraD9YuwUteNz8ZFzjOJ8BBXJ4c5cAuL44W7XAHZrMbvMD7AGPBZLBfXRIwNBSDeG36+XxyCzy+ZM2+f/1+nUpcoUqvtWmTbqWjfUMVoQYv8JzyO60puR48fp4Eh0frnKxzAcMyk6OIYmDeW7JqSUngiKvITEAVNOe44eerV+wsAWeafHUr8i98PBFIBcslyFeMJb6k1Qua5nFa1lfeN+QRGM5/C7YZj78//tllLZUxTgYi7QxIle2pA/PglEV0ROT6TqvGdZ6xRNWxe3jRqK9mXtXMYTPAUZI2b+s9hMxdGRiJUD5/F4mWj5AAj7vd/vchBIK2lzTZa0mGYsOf+liBIhIVlNkXKiysypAKMzNozHUnzoJZP7P3bkobTIs/zmyJ3TXP1TLqHVBjq7XUTvKAeKC0nhKkk7LFm2Z7buLHzIAbFP3KlSSyd5ZKFn3Px7z1SCXu9uuaOYHW6wkojOU0fmxK+/x39kDr7bOTUTjqZ943Zp+aXOn0L4n3OWXgJh6CSScUjLmYCRV3jjfx1An9rbILagjKxfybUkJ44W3oLoV3Xsv4W7qdrjMHvq5r5Bir8WWyzyix6i3VsNbWECEFy6G3yt/Xci1cV+XUVB8z46y6hvEWzTFDbcWQwRxQd6jLEU+vEy0BOmkZ3y2+B9p1OyRI26IzeJgt+wGiE7RFsvOb9KwPVJd3fa1g5YYXXq0r7rbrh6w+uBSxEmx5XALmBesbQcyC5TwRo2vKTWO9SxaHeZS+ugSzYKJFn7RoKMxRtOqVojCGIM+ sG3G2XrK 6yeuyIwfaLN3YJCi1CYBkv3sB+CZyyjJaMEa7rM6AvJa9CEjjXKvIKgGuueqvD14PpIWkIsqF5HOqDJF0LpgMJHOkrVvqQtMIMQnefMtW/Z46OK3eESjVKbQuY+n+BYJu0/DuWKtY+YqaJdcTwNGg+qMTdXJ5dILPFCLJwABrapr38CkxbFx3zewWZnlRj5fjlZdA8H5SoHwDkvLCgYyBwvsUODY5EYmPrAdH7jgs0RQZg3lvNovXpcU8SFm2bQSt8RK+FYDzaCAQBnZNFSlpDJKPV90K/3bzn6Gbkk4rV98uK0rK2518nF4xxC3S3nDNZ3+CvQ4KKTrfJxlDIOnbgjeLzKX9eMxsDAkYNxHBEcPAsNPFgosS955zzORLEZr4g+/9vTMCPyzoaevnLwDKFWkTWNyDJSsQOYDq4ktmEsdmpTbBbBzzzihecE5j+0YUC9d4 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Apr 16, 2025 at 02:06:21PM +0200, Petr Mladek wrote: > On Tue 2025-04-15 10:02:33, Kees Cook wrote: > > Some system owners use slab_debug=FPZ (or similar) as a hardening option, > > but do not want to be forced into having kernel addresses exposed due > > to the implicit "no_hash_pointers" boot param setting.[1] > > > > Introduce the "hash_pointers" boot param, which defaults to "auto" > > (the current behavior), but also includes "always" (forcing on hashing > > even when "slab_debug=..." is defined), and "never". The existing > > "no_hash_pointers" boot param becomes an alias for "hash_pointers=never". > > > > This makes it possible to boot with "slab_debug=FPZ hash_pointers=always". > > > > Link: https://github.com/KSPP/linux/issues/368 [1] > > Fixes: 792702911f58 ("slub: force on no_hash_pointers when slub_debug is enabled") > > Co-developed-by: Sergio Perez Gonzalez > > Signed-off-by: Sergio Perez Gonzalez > > Acked-by: Vlastimil Babka > > Acked-by: David Rientjes > > Reviewed-by: Bagas Sanjaya > > Signed-off-by: Kees Cook > > Tested-by: Petr Mladek > Reviewed-by: Petr Mladek > > I am going to wait few more days for a potential feedback. > I'll queue it for 6.16 unless anyone complains. Hi, Is this still planned for 6.16? I just noticed it wasn't in -next, and we're almost to the end of the merge window... -Kees -- Kees Cook