From: Jonathan Corbet <corbet@lwn.net>
To: Lukas Bulwahn <lukas.bulwahn@gmail.com>,
Andi Kleen <ak@linux.intel.com>,
Randy Dunlap <rdunlap@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Tim Chen <tim.c.chen@linux.intel.com>,
linux-doc@vger.kernel.org
Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org,
Lukas Bulwahn <lukas.bulwahn@gmail.com>
Subject: Re: [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
Date: Mon, 03 Jan 2022 15:57:15 -0700 [thread overview]
Message-ID: <875yr0xwac.fsf@meer.lwn.net> (raw)
In-Reply-To: <20211230171940.27558-1-lukas.bulwahn@gmail.com>
Lukas Bulwahn <lukas.bulwahn@gmail.com> writes:
> The config RANDOMIZE_SLAB does not exist, the authors probably intended to
> refer to the config RANDOMIZE_BASE, which provides kernel address-space
> randomization. They probably just confused SLAB with BASE (these two
> four-letter words coincidentally share three common letters), as they also
> point out the config SLAB_FREELIST_RANDOM as further randomization within
> the same sentence.
>
> Fix the reference of the config for kernel address-space randomization to
> the config that provides that.
>
> Fixes: 6e88559470f5 ("Documentation: Add section about CPU vulnerabilities for Spectre")
> Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
> ---
> Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
> index ab7d402c1677..a2b22d5640ec 100644
> --- a/Documentation/admin-guide/hw-vuln/spectre.rst
> +++ b/Documentation/admin-guide/hw-vuln/spectre.rst
> @@ -468,7 +468,7 @@ Spectre variant 2
> before invoking any firmware code to prevent Spectre variant 2 exploits
> using the firmware.
>
> - Using kernel address space randomization (CONFIG_RANDOMIZE_SLAB=y
> + Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
> and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
> attacks on the kernel generally more difficult.
Makes sense to me...applied, thanks.
jon
prev parent reply other threads:[~2022-01-03 22:57 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-30 17:19 [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization Lukas Bulwahn
2022-01-03 22:57 ` Jonathan Corbet [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875yr0xwac.fsf@meer.lwn.net \
--to=corbet@lwn.net \
--cc=ak@linux.intel.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lukas.bulwahn@gmail.com \
--cc=rdunlap@infradead.org \
--cc=tglx@linutronix.de \
--cc=tim.c.chen@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).