On Tue, Apr 15, 2025 at 10:02:33AM -0700, Kees Cook wrote: > Some system owners use slab_debug=FPZ (or similar) as a hardening option, > but do not want to be forced into having kernel addresses exposed due > to the implicit "no_hash_pointers" boot param setting.[1]
Is this behavior documented somewhere or it's only in the code? I couldn't find anything other than the code. > Introduce the "hash_pointers" boot param, which defaults to "auto" > (the current behavior), but also includes "always" (forcing on hashing > even when "slab_debug=..." is defined), and "never". The existing > "no_hash_pointers" boot param becomes an alias for "hash_pointers=never". > > This makes it possible to boot with "slab_debug=FPZ hash_pointers=always". > > Link: https://github.com/KSPP/linux/issues/368 [1] > Fixes: 792702911f58 ("slub: force on no_hash_pointers when slub_debug is > enabled") > Co-developed-by: Sergio Perez Gonzalez <[email protected]> > Signed-off-by: Sergio Perez Gonzalez <[email protected]> > Acked-by: Vlastimil Babka <[email protected]> > Acked-by: David Rientjes <[email protected]> > Reviewed-by: Bagas Sanjaya <[email protected]> > Signed-off-by: Kees Cook <[email protected]> > --- Reviewed-by: Harry Yoo <[email protected]> By the way, while this patch does not change existing behavior of slub_debug implying no_hash_pointers, kmem_cache_init() is not the only place that enables slub_debug_enabled static key. Maybe we should update __kmem_cache_create_args() too? (in a separate patch) -- Cheers, Harry / Hyeonggon
