From: Kees Cook <kees@kernel.org>
To: Petr Mladek <pmladek@suse.com>
Cc: Sergio Perez Gonzalez <sperezglz@gmail.com>,
Vlastimil Babka <vbabka@suse.cz>,
David Rientjes <rientjes@google.com>,
Bagas Sanjaya <bagasdotme@gmail.com>,
Jonathan Corbet <corbet@lwn.net>,
Steven Rostedt <rostedt@goodmis.org>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Sergey Senozhatsky <senozhatsky@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Christoph Lameter <cl@linux.com>,
Pekka Enberg <penberg@kernel.org>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Harry Yoo <harry.yoo@oracle.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Randy Dunlap <rdunlap@infradead.org>,
Tamir Duberstein <tamird@gmail.com>,
Miguel Ojeda <ojeda@kernel.org>,
Alice Ryhl <aliceryhl@google.com>,
linux-doc@vger.kernel.org, linux-mm@kvack.org,
Thomas Huth <thuth@redhat.com>,
"Borislav Petkov (AMD)" <bp@alien8.de>,
Ard Biesheuvel <ardb@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Andreas Hindborg <a.hindborg@kernel.org>,
Stephen Boyd <swboyd@chromium.org>,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2] slab: Decouple slab_debug and no_hash_pointers
Date: Mon, 9 Jun 2025 08:24:47 -0700 [thread overview]
Message-ID: <202506090823.33ED63C@keescook> (raw)
In-Reply-To: <aEbyHeG8qh8GChTh@pathway.suse.cz>
On Mon, Jun 09, 2025 at 04:39:25PM +0200, Petr Mladek wrote:
> On Thu 2025-06-05 13:15:32, Kees Cook wrote:
> > On Wed, Apr 16, 2025 at 02:06:21PM +0200, Petr Mladek wrote:
> > > On Tue 2025-04-15 10:02:33, Kees Cook wrote:
> > > > Some system owners use slab_debug=FPZ (or similar) as a hardening option,
> > > > but do not want to be forced into having kernel addresses exposed due
> > > > to the implicit "no_hash_pointers" boot param setting.[1]
> > > >
> > > > Introduce the "hash_pointers" boot param, which defaults to "auto"
> > > > (the current behavior), but also includes "always" (forcing on hashing
> > > > even when "slab_debug=..." is defined), and "never". The existing
> > > > "no_hash_pointers" boot param becomes an alias for "hash_pointers=never".
> > > >
> > > > This makes it possible to boot with "slab_debug=FPZ hash_pointers=always".
> > > >
> > > > Link: https://github.com/KSPP/linux/issues/368 [1]
> > > > Fixes: 792702911f58 ("slub: force on no_hash_pointers when slub_debug is enabled")
> > > > Co-developed-by: Sergio Perez Gonzalez <sperezglz@gmail.com>
> > > > Signed-off-by: Sergio Perez Gonzalez <sperezglz@gmail.com>
> > > > Acked-by: Vlastimil Babka <vbabka@suse.cz>
> > > > Acked-by: David Rientjes <rientjes@google.com>
> > > > Reviewed-by: Bagas Sanjaya <bagasdotme@gmail.com>
> > > > Signed-off-by: Kees Cook <kees@kernel.org>
> > >
> > > Tested-by: Petr Mladek <pmladek@suse.com>
> > > Reviewed-by: Petr Mladek <pmladek@suse.com>
> > >
> > > I am going to wait few more days for a potential feedback.
> > > I'll queue it for 6.16 unless anyone complains.
> >
> > Hi,
> >
> > Is this still planned for 6.16? I just noticed it wasn't in -next, and
> > we're almost to the end of the merge window...
>
> I am terribly sorry. I have forgot this patch...
>
> I have just pushed it into printk/linux.git, branch
> for-6.17-hash_pointers.
>
> Also I updated the documentation, aka applied the diff
> from https://lore.kernel.org/r/202504181307.254F81843@keescook
> See
> https://web.git.kernel.org/pub/scm/linux/kernel/git/printk/linux.git/commit/?h=for-6.17-hash_pointers&id=de1c831a7898f164c1c2703c6b2b9e4fb4bebefc
>
> As the branch name suggests, I am going to push it for 6.17.
> If it is too late for you then please let me know.
As long as it's in -next and scheduled to land, I'm happy. I'd always
like it earlier, but the less workflow disruption the better! :)
Thanks!
-Kees
--
Kees Cook
next prev parent reply other threads:[~2025-06-09 15:24 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-15 17:02 [PATCH v2] slab: Decouple slab_debug and no_hash_pointers Kees Cook
2025-04-16 12:06 ` Petr Mladek
2025-04-16 17:52 ` Kees Cook
2025-06-05 20:15 ` Kees Cook
2025-06-09 14:39 ` Petr Mladek
2025-06-09 15:24 ` Kees Cook [this message]
2025-06-09 20:12 ` Andy Shevchenko
2025-06-10 8:35 ` Petr Mladek
2025-04-17 12:36 ` Rafael Aquini
2025-04-17 14:15 ` Harry Yoo
2025-04-18 20:13 ` Kees Cook
2025-04-21 9:43 ` Harry Yoo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202506090823.33ED63C@keescook \
--to=kees@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=aliceryhl@google.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=ardb@kernel.org \
--cc=bagasdotme@gmail.com \
--cc=bp@alien8.de \
--cc=cl@linux.com \
--cc=corbet@lwn.net \
--cc=gregkh@linuxfoundation.org \
--cc=harry.yoo@oracle.com \
--cc=iamjoonsoo.kim@lge.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux@rasmusvillemoes.dk \
--cc=ojeda@kernel.org \
--cc=paulmck@kernel.org \
--cc=penberg@kernel.org \
--cc=pmladek@suse.com \
--cc=rdunlap@infradead.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=rostedt@goodmis.org \
--cc=senozhatsky@chromium.org \
--cc=sperezglz@gmail.com \
--cc=swboyd@chromium.org \
--cc=tamird@gmail.com \
--cc=thuth@redhat.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.