From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7FBC2C3601E for ; Sun, 13 Apr 2025 23:00:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D3794280032; Sun, 13 Apr 2025 19:00:46 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CE645280031; Sun, 13 Apr 2025 19:00:46 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BAE5D280032; Sun, 13 Apr 2025 19:00:46 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 9C1AF280031 for ; Sun, 13 Apr 2025 19:00:46 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id B3C87BB455 for ; Sun, 13 Apr 2025 23:00:46 +0000 (UTC) X-FDA: 83330542092.08.3B5D032 Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by imf16.hostedemail.com (Postfix) with ESMTP id CB417180004 for ; Sun, 13 Apr 2025 23:00:44 +0000 (UTC) Authentication-Results: imf16.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=aeO1VYB4; spf=pass (imf16.hostedemail.com: domain of rientjes@google.com designates 209.85.214.175 as permitted sender) smtp.mailfrom=rientjes@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1744585244; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ZcijKGeNWU44eIj2ygDRvcCute3ez4NOIbDwZ6K3fSM=; b=fz+yA2S5BwF8DNfp7TnF275pr8gTKZHRUVOkOICNWDk7+xnpbRsACRbP5CIbCla1OLYnxG 12Dqiry5DJkwMPwr0bqtRP6E7tHb4d48VAlM3c1HR/jJXxB1D+QrHVw1JW13O1QgiR0yXn rjC/twcpmfrBEKfYNxkLTqHOU0c5NDU= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=aeO1VYB4; spf=pass (imf16.hostedemail.com: domain of rientjes@google.com designates 209.85.214.175 as permitted sender) smtp.mailfrom=rientjes@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1744585244; a=rsa-sha256; cv=none; b=LBC0ASgl0Rt+6otAu2Np80OOgpGfMo2syaofEhqGvDogd57mT/Oc21LaiFI3LINgCOPzVx Tsr7XPDYEIvCQl+tyLq6/6Ced1h3oRgoJ0n1Bp40M9YNf+ErLu3j/VNvXTO/2OJRhn9HVN CrM1rkc8bhnz2iwsejcANE0/UDME/F4= Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-2242ac37caeso234885ad.1 for ; Sun, 13 Apr 2025 16:00:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1744585243; x=1745190043; darn=kvack.org; h=mime-version:references:message-id:in-reply-to:subject:cc:to:from :date:from:to:cc:subject:date:message-id:reply-to; bh=ZcijKGeNWU44eIj2ygDRvcCute3ez4NOIbDwZ6K3fSM=; b=aeO1VYB4RCd/obYqhS2LmrnD1qKVXJoz5qtcAG78BSBCvrGNbJjh1LGlRqS2aQ41Nx SVCc7sKopba/RI0fl+4NqjZv/qXEJ1LJOdY73AmjQ+uUpqjuZ4N5+Vz2oyh1aGFcBqQ9 SJn4idnC7PefaU6D+MwBvPh9qC6cYDZ5FFet8afYORf4u5EjBksH/b6c/OX4kLg7hgWv 1RIKjraGNclbYN0y+rcKU3DEWQekbc1FggEmCzc5t3wPgaM30di/7/r4YiZXF8B23jsX KJq/4Q2WTToKL4mm1gzyMHQ9mNUqrx/Ip5D4Q4xeDy6Dx9sWXOJ9ZHNzsf8zi78+njO3 309A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744585243; x=1745190043; h=mime-version:references:message-id:in-reply-to:subject:cc:to:from :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZcijKGeNWU44eIj2ygDRvcCute3ez4NOIbDwZ6K3fSM=; b=HPB9OmfiH6j+FOCuVuOtRQ8gRfwEtl8HH9qxaRA2efGKtlC4YXzWAK8LscTJRd3yVh cxufMxoDocI2S9E3yOC78qrJw4MgfEeo4qOcs6fhmOk1/WD4cko5MQ1Gh36tkT8wqVP7 bBlb6Xi1C1ztN8mzPYH/hjzzcAiSqJ2gpL5gHT4mg+94uLBEQWeTJJLR4dENac8j8pNj KDg5Fy1j4e9CgnS4Axf6VStI6TrhERjiz0HXXvSfdZhd1uEtl36o1R7KU5tU26Fc+yaX I8YnkEvPb6WH78HHjiArBqsDrPbMxNIqWW3E6RQco9DxwFYZhEBJilTxzt2DlOnRcHUo Pu5g== X-Forwarded-Encrypted: i=1; AJvYcCVwZ577m50ewItXFpiQPfydOTu7u2u3bQpvr16LUHqU0+JaHJkSaSHjI8Kt6CWut+2C9PWfInTt6w==@kvack.org X-Gm-Message-State: AOJu0YzOVGZdCbt0f019LD0VGYESiJ5O4Q+jjhrnFCLtHDWumX9wkTj9 v1yNtGyEv/ESyinCUKs1PY8hlopD189Y4fuFGFmMlbLfCoqroPM460/7AeKbmg== X-Gm-Gg: ASbGncu/ctBKp7se28Yk2OwiknUhRI1FusNwzyMgmYwh7O07S9rTmyvIKx6E5WHhgoF NnHk4WO+ABM8+tBpCcXiCgJAFDq4nTN6PWL5cWh1SZFs4leNwM7sprKYKk2ez8J8gPq9gNDem+q A96kYxkEnwW8bpx0bZNVEple0PF8xxMrQWHxDz2HouDFPxy5JT3XuRKMWPTTkkqQDCmDedFyo5D 46pEyyYr8GUSMpwv9q21UVLt1RPENFMMJ4AhHbxpJef7Oj2/KuI8pgb6zgjamlhAjr6q+3tHWOq t4Tqfs0zXL1oK/K2EhQr1D2+umvGiPqj1EV6+mrzs71FwHewBBSYfLwgGE6DlxHkGevcBPuxrJL w2yPzBAlw9k0crVOtLXi1KhyaU7eq5Iwues0= X-Google-Smtp-Source: AGHT+IFx60v074gs4AMnQgafHZpx5rGmP/N6w9NBkIiYBjItVWW/1kCo6dcv+AZwAtWyGk9dPOEPQw== X-Received: by 2002:a17:903:32c9:b0:223:f479:3860 with SMTP id d9443c01a7336-22bf453906cmr2947865ad.18.1744585243089; Sun, 13 Apr 2025 16:00:43 -0700 (PDT) Received: from [2a00:79e0:2eb0:8:f229:adb7:460c:4b5e] ([2a00:79e0:2eb0:8:f229:adb7:460c:4b5e]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-b02a12c8ac4sm8257942a12.46.2025.04.13.16.00.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Apr 2025 16:00:42 -0700 (PDT) Date: Sun, 13 Apr 2025 16:00:41 -0700 (PDT) From: David Rientjes To: Kees Cook cc: Vlastimil Babka , Sergio Perez Gonzalez , Jonathan Corbet , Petr Mladek , Steven Rostedt , Andy Shevchenko , Rasmus Villemoes , Sergey Senozhatsky , Andrew Morton , Christoph Lameter , Pekka Enberg , Joonsoo Kim , Roman Gushchin , Harry Yoo , "Paul E. McKenney" , Randy Dunlap , Tamir Duberstein , Miguel Ojeda , Alice Ryhl , linux-doc@vger.kernel.org, linux-mm@kvack.org, Thomas Huth , "Borislav Petkov (AMD)" , Ard Biesheuvel , Greg Kroah-Hartman , Andreas Hindborg , Stephen Boyd , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] slab: Decouple slab_debug and no_hash_pointers In-Reply-To: <20250410174428.work.488-kees@kernel.org> Message-ID: References: <20250410174428.work.488-kees@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: CB417180004 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: g45zjmp1na15wgghbynd6j6iypkhtgkb X-HE-Tag: 1744585244-510801 X-HE-Meta: U2FsdGVkX18ff4sNh4+Cv8PrBCpo2XM93yv+3D07AoAnriLGQTpN+oCyDn2sRCD6oVC0x1MhXW+yC1taWZfUsMT5iYNHV8/0E41EWCgADNazIAtySmsg8lEhZVE2nyCKFlXg86EO7dzq90kURJm9QDQhzhDG2fqpS6piJbe+gmar0hTgLkZzwT5GRmSLZecK2jNTY4YCjN3wAE/jfuiwqz1wgl9g/kQehKs10GKsi+BGWw3jIuX4nZtBRAjmD/xXAQsjERkECmdCrWBSOafNpkr0vv4FSLRbHm99iIbJ+p+NM+BaiIsbx2+cEno1aCOS2+mWEMVCEHHBGeyRqccfNP+o/aDY8nEhcwjkD5mRo/K1w+/d2g4QjhrvL/HybFm2LAo/5eX0at/BLmwx8H4Awp2A6weTiYDDyOOgBdrqHYKp0hVVryY6EP4gIG/H2r6MudkPYn6E4WVSFgbOI5kSFXN7fQyn2evAFict2MdrkMS88fN3yolJMuXGP8fRkeNkKljuXSxVXlzcTu6lxxFvjzr/gQa5abY7UiTBHK38c70lmTZ7ViZ5u/DUe7mMBfnvNSAQnHyVB+zlyEQxmN0ZffmQZ+n/h3NzHwz9tojZQUKQpjRknzzWtT9uQ5IQKZ2mlIVA5d07IrLmbHQDIF6BOpj0Uc9X5YNA6R+buMcQJU2tBIzGqKhJzKaRqg1CwRR8d5RAWjV9vWU24MfosTH38zcwAqY0WZEAXGT97uK6wTNkjoz+4BjfN2H5f9cy6k0ejHokQcqbswiredIjbXqGYVoqXN8m6a/DEjX0F+e5HwtYdq1jwq1RnpIphOHNd/ll4/+YXrfbNrgUtbCxcBpUgBltmwYyleObFUdh/jMFURB7tCrcGw4AYLVe/5UH2v1AJH6Cs7r2Y45jYi4P/au7bUB5H142XspyKvwXlYZICiiPSadL4ea2cf7u3PWFSSs+Fw0YxoIy4e460FndZZf KDd6vhQK PkQJqMobqRnHM99D2LL7rYvw+gGbDC5DMojkzSIq85PuHQ4PiuP4RupTbNM1kenrWRS7DKLkXy/u9BwwP8QuQ1NhACdyeorBtrki6nGfzTHbE20mSvKTPAbw2Jrdtx9bTJ4ifNPqSQjNI5lY3AWonXdzN8p0AZTIj4Hse80LlVYGZAFbBZ725f1IZ+PIC2bAII2rG3empLJT0SmZIgZv0Vi+g7GJqdKKNMv3Ei2PKCD/nvSrdeSa0KTk7h2SCXQWO/jz+g4gZ903p1Ox+Fv5fRbELOX+7ui7Iemy2axIi3St5uPXF92Acfc3u5xkl0jJ/mlu7em+qukof2AL2ahWDxMtIw6/PSOQ+rfezawWWYbkyquIO71bbr2HGMclgSxiuX161Q4gDg4MNey2dX4ZSgPECkraAaHeDuoOekbvMg1BJyMuy1eXgAsVoD8UPDuTwJlAARHwE6ywd24tFaE5a5LWxn28Vg+QUclT1 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, 10 Apr 2025, Kees Cook wrote: > Some system owners use slab_debug=FPZ (or similar) as a hardening option, > but do not want to be forced into having kernel addresses exposed due > to the implicit "no_hash_pointers" boot param setting.[1] > > Introduce the "hash_pointers" boot param, which defaults to "auto" > (the current behavior), but also includes "always" (forcing on hashing > even when "slab_debug=..." is defined), and "never". The existing > "no_hash_pointers" boot param becomes an alias for "hash_pointers=never". > > This makes it possible to boot with "slab_debug=FPZ hash_pointers=always". > > Link: https://github.com/KSPP/linux/issues/368 [1] > Fixes: 792702911f58 ("slub: force on no_hash_pointers when slub_debug is enabled") > Co-developed-by: Sergio Perez Gonzalez > Signed-off-by: Sergio Perez Gonzalez > Signed-off-by: Kees Cook Acked-by: David Rientjes