* [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
@ 2021-12-30 17:19 Lukas Bulwahn
2022-01-03 22:57 ` Jonathan Corbet
0 siblings, 1 reply; 2+ messages in thread
From: Lukas Bulwahn @ 2021-12-30 17:19 UTC (permalink / raw)
To: Andi Kleen, Randy Dunlap, Thomas Gleixner, Tim Chen,
Jonathan Corbet, linux-doc
Cc: kernel-janitors, linux-kernel, Lukas Bulwahn
The config RANDOMIZE_SLAB does not exist, the authors probably intended to
refer to the config RANDOMIZE_BASE, which provides kernel address-space
randomization. They probably just confused SLAB with BASE (these two
four-letter words coincidentally share three common letters), as they also
point out the config SLAB_FREELIST_RANDOM as further randomization within
the same sentence.
Fix the reference of the config for kernel address-space randomization to
the config that provides that.
Fixes: 6e88559470f5 ("Documentation: Add section about CPU vulnerabilities for Spectre")
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
---
Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index ab7d402c1677..a2b22d5640ec 100644
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -468,7 +468,7 @@ Spectre variant 2
before invoking any firmware code to prevent Spectre variant 2 exploits
using the firmware.
- Using kernel address space randomization (CONFIG_RANDOMIZE_SLAB=y
+ Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
attacks on the kernel generally more difficult.
--
2.17.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
2021-12-30 17:19 [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization Lukas Bulwahn
@ 2022-01-03 22:57 ` Jonathan Corbet
0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Corbet @ 2022-01-03 22:57 UTC (permalink / raw)
To: Lukas Bulwahn, Andi Kleen, Randy Dunlap, Thomas Gleixner,
Tim Chen, linux-doc
Cc: kernel-janitors, linux-kernel, Lukas Bulwahn
Lukas Bulwahn <lukas.bulwahn@gmail.com> writes:
> The config RANDOMIZE_SLAB does not exist, the authors probably intended to
> refer to the config RANDOMIZE_BASE, which provides kernel address-space
> randomization. They probably just confused SLAB with BASE (these two
> four-letter words coincidentally share three common letters), as they also
> point out the config SLAB_FREELIST_RANDOM as further randomization within
> the same sentence.
>
> Fix the reference of the config for kernel address-space randomization to
> the config that provides that.
>
> Fixes: 6e88559470f5 ("Documentation: Add section about CPU vulnerabilities for Spectre")
> Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
> ---
> Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
> index ab7d402c1677..a2b22d5640ec 100644
> --- a/Documentation/admin-guide/hw-vuln/spectre.rst
> +++ b/Documentation/admin-guide/hw-vuln/spectre.rst
> @@ -468,7 +468,7 @@ Spectre variant 2
> before invoking any firmware code to prevent Spectre variant 2 exploits
> using the firmware.
>
> - Using kernel address space randomization (CONFIG_RANDOMIZE_SLAB=y
> + Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
> and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
> attacks on the kernel generally more difficult.
Makes sense to me...applied, thanks.
jon
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-01-03 22:57 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-30 17:19 [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization Lukas Bulwahn
2022-01-03 22:57 ` Jonathan Corbet
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).