Message ID | 8bb7718c-1f3b-1882-c081-4b3d31dcda9f@ipfire.org |
---|---|
State | Accepted |
Commit | 26a91db187573b27b8da67121310ac0f7a1e874e |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4LxQPW3d3Rz3x7M for <patchwork@web04.haj.ipfire.org>; Mon, 1 Aug 2022 17:40:15 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4LxQPT61v2z35n; Mon, 1 Aug 2022 17:40:13 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4LxQPT5GKHz2xR7; Mon, 1 Aug 2022 17:40:13 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4LxQPS22Y5z2xPk for <development@lists.ipfire.org>; Mon, 1 Aug 2022 17:40:12 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4LxQPQ7215zxx for <development@lists.ipfire.org>; Mon, 1 Aug 2022 17:40:10 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1659375611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=N1ZiBoqpuuXmctxJY3rDgyEgzIsuh6Sf9YWp6VhGhLE=; b=OOL2a8Pty1qLX/J1ERxFodwcpPhPVa0zg7MNfCG5/8t1EzzpkGFItBOic2edYw6+iZEIGM ySbejex0qmEo5xDA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1659375611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=N1ZiBoqpuuXmctxJY3rDgyEgzIsuh6Sf9YWp6VhGhLE=; b=FCFQwM3xbQJWOwZVQ3rv1KfZT0FEtoBxQe9ENT58FPd2IbDa47E0l62tWMdttroz/oAuSK 2I/ionQTnxUV5wdPQqvPXoQUmPphVw1+eSPSq5tjcY2br9JR/cogf+SX0d5N2VKriFUhUT dteoUiWVzdTJZ5HbU9Rz8kTRZxmzp34oFK7XkP3yKBzmNBqxZevQ3k0+11g6JUafyJ76Re 793m58EOEuqz73uNt0UMpatLDc3yBBxzklclDsyo81+Idl6MQzfTh9vq6bSNHXe4G5yxFH 26iWflnCKpWjBC3mffMmIYVANheMOyoPvOUaIfph6FM8sWfLop9wa7sQALkQRw== Message-ID: <8bb7718c-1f3b-1882-c081-4b3d31dcda9f@ipfire.org> Date: Mon, 1 Aug 2022 17:39:59 +0000 MIME-Version: 1.0 Content-Language: en-US To: "IPFire: Development" <development@lists.ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@ipfire.org> Subject: [PATCH] linux: Do not allow slab caches to be merged Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
linux: Do not allow slab caches to be merged
|
|
Commit Message
Peter Müller
Aug. 1, 2022, 5:39 p.m. UTC
From the kernel documentation: > For reduced kernel memory fragmentation, slab caches can be > merged when they share the same size and other characteristics. > This carries a risk of kernel heap overflows being able to > overwrite objects from merged caches (and more easily control > cache layout), which makes such heap attacks easier to exploit > by attackers. By keeping caches unmerged, these kinds of exploits > can usually only damage objects in the same cache. [...] Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS recommend this as well. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> --- config/kernel/kernel.config.aarch64-ipfire | 2 +- config/kernel/kernel.config.armv6l-ipfire | 2 +- config/kernel/kernel.config.riscv64-ipfire | 2 +- config/kernel/kernel.config.x86_64-ipfire | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-)
Comments
And there are no downsides to this whatsoever? > On 1 Aug 2022, at 18:39, Peter Müller <peter.mueller@ipfire.org> wrote: > > From the kernel documentation: > >> For reduced kernel memory fragmentation, slab caches can be >> merged when they share the same size and other characteristics. >> This carries a risk of kernel heap overflows being able to >> overwrite objects from merged caches (and more easily control >> cache layout), which makes such heap attacks easier to exploit >> by attackers. By keeping caches unmerged, these kinds of exploits >> can usually only damage objects in the same cache. [...] > > Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS > recommend this as well. > > Signed-off-by: Peter Müller <peter.mueller@ipfire.org> > --- > config/kernel/kernel.config.aarch64-ipfire | 2 +- > config/kernel/kernel.config.armv6l-ipfire | 2 +- > config/kernel/kernel.config.riscv64-ipfire | 2 +- > config/kernel/kernel.config.x86_64-ipfire | 2 +- > 4 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire > index 9232335ff..023c3d5aa 100644 > --- a/config/kernel/kernel.config.aarch64-ipfire > +++ b/config/kernel/kernel.config.aarch64-ipfire > @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire > index dc0aee51b..b4587826e 100644 > --- a/config/kernel/kernel.config.armv6l-ipfire > +++ b/config/kernel/kernel.config.armv6l-ipfire > @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire > index 0801f4389..fb7cda4dd 100644 > --- a/config/kernel/kernel.config.riscv64-ipfire > +++ b/config/kernel/kernel.config.riscv64-ipfire > @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire > index 40975b5fc..d3792cbb7 100644 > --- a/config/kernel/kernel.config.x86_64-ipfire > +++ b/config/kernel/kernel.config.x86_64-ipfire > @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > -- > 2.35.3
Hello Michael, aside from increased kernel memory fragmentation, none I am aware of. Thanks, and best regards, Peter Müller > And there are no downsides to this whatsoever? > >> On 1 Aug 2022, at 18:39, Peter Müller <peter.mueller@ipfire.org> wrote: >> >> From the kernel documentation: >> >>> For reduced kernel memory fragmentation, slab caches can be >>> merged when they share the same size and other characteristics. >>> This carries a risk of kernel heap overflows being able to >>> overwrite objects from merged caches (and more easily control >>> cache layout), which makes such heap attacks easier to exploit >>> by attackers. By keeping caches unmerged, these kinds of exploits >>> can usually only damage objects in the same cache. [...] >> >> Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS >> recommend this as well. >> >> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> >> --- >> config/kernel/kernel.config.aarch64-ipfire | 2 +- >> config/kernel/kernel.config.armv6l-ipfire | 2 +- >> config/kernel/kernel.config.riscv64-ipfire | 2 +- >> config/kernel/kernel.config.x86_64-ipfire | 2 +- >> 4 files changed, 4 insertions(+), 4 deletions(-) >> >> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire >> index 9232335ff..023c3d5aa 100644 >> --- a/config/kernel/kernel.config.aarch64-ipfire >> +++ b/config/kernel/kernel.config.aarch64-ipfire >> @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire >> index dc0aee51b..b4587826e 100644 >> --- a/config/kernel/kernel.config.armv6l-ipfire >> +++ b/config/kernel/kernel.config.armv6l-ipfire >> @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire >> index 0801f4389..fb7cda4dd 100644 >> --- a/config/kernel/kernel.config.riscv64-ipfire >> +++ b/config/kernel/kernel.config.riscv64-ipfire >> @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire >> index 40975b5fc..d3792cbb7 100644 >> --- a/config/kernel/kernel.config.x86_64-ipfire >> +++ b/config/kernel/kernel.config.x86_64-ipfire >> @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> -- >> 2.35.3 >
Hello *, any vetoes / endorsements of this? :-) Thanks, and best regards, Peter Müller > From the kernel documentation: > >> For reduced kernel memory fragmentation, slab caches can be >> merged when they share the same size and other characteristics. >> This carries a risk of kernel heap overflows being able to >> overwrite objects from merged caches (and more easily control >> cache layout), which makes such heap attacks easier to exploit >> by attackers. By keeping caches unmerged, these kinds of exploits >> can usually only damage objects in the same cache. [...] > > Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS > recommend this as well. > > Signed-off-by: Peter Müller <peter.mueller@ipfire.org> > --- > config/kernel/kernel.config.aarch64-ipfire | 2 +- > config/kernel/kernel.config.armv6l-ipfire | 2 +- > config/kernel/kernel.config.riscv64-ipfire | 2 +- > config/kernel/kernel.config.x86_64-ipfire | 2 +- > 4 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire > index 9232335ff..023c3d5aa 100644 > --- a/config/kernel/kernel.config.aarch64-ipfire > +++ b/config/kernel/kernel.config.aarch64-ipfire > @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire > index dc0aee51b..b4587826e 100644 > --- a/config/kernel/kernel.config.armv6l-ipfire > +++ b/config/kernel/kernel.config.armv6l-ipfire > @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire > index 0801f4389..fb7cda4dd 100644 > --- a/config/kernel/kernel.config.riscv64-ipfire > +++ b/config/kernel/kernel.config.riscv64-ipfire > @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y > diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire > index 40975b5fc..d3792cbb7 100644 > --- a/config/kernel/kernel.config.x86_64-ipfire > +++ b/config/kernel/kernel.config.x86_64-ipfire > @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y > # CONFIG_SLOB is not set > -CONFIG_SLAB_MERGE_DEFAULT=y > +# CONFIG_SLAB_MERGE_DEFAULT is not set > CONFIG_SLAB_FREELIST_RANDOM=y > CONFIG_SLAB_FREELIST_HARDENED=y > CONFIG_SHUFFLE_PAGE_ALLOCATOR=y
On 8/6/22 03:00, Peter Müller wrote: > Hello *, > > any vetoes / endorsements of this? :-) > > Thanks, and best regards, > Peter Müller > >> From the kernel documentation: >> >>> For reduced kernel memory fragmentation, slab caches can be >>> merged when they share the same size and other characteristics. >>> This carries a risk of kernel heap overflows being able to >>> overwrite objects from merged caches (and more easily control >>> cache layout), which makes such heap attacks easier to exploit >>> by attackers. By keeping caches unmerged, these kinds of exploits >>> can usually only damage objects in the same cache. [...] >> Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS >> recommend this as well. >> >> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> >> --- >> config/kernel/kernel.config.aarch64-ipfire | 2 +- >> config/kernel/kernel.config.armv6l-ipfire | 2 +- >> config/kernel/kernel.config.riscv64-ipfire | 2 +- >> config/kernel/kernel.config.x86_64-ipfire | 2 +- >> 4 files changed, 4 insertions(+), 4 deletions(-) >> >> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire >> index 9232335ff..023c3d5aa 100644 >> --- a/config/kernel/kernel.config.aarch64-ipfire >> +++ b/config/kernel/kernel.config.aarch64-ipfire >> @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire >> index dc0aee51b..b4587826e 100644 >> --- a/config/kernel/kernel.config.armv6l-ipfire >> +++ b/config/kernel/kernel.config.armv6l-ipfire >> @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire >> index 0801f4389..fb7cda4dd 100644 >> --- a/config/kernel/kernel.config.riscv64-ipfire >> +++ b/config/kernel/kernel.config.riscv64-ipfire >> @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire >> index 40975b5fc..d3792cbb7 100644 >> --- a/config/kernel/kernel.config.x86_64-ipfire >> +++ b/config/kernel/kernel.config.x86_64-ipfire >> @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y I have no expertise. I would defer to the opinion expressed in the documentation.
Hello, Yes, please turn it on. It will protect other processes from being exploited by an attacker who gained access to the system. Acked-by: Michael Tremer <michael.tremer@ipfire.org> -Michael > On 6 Aug 2022, at 09:00, Peter Müller <peter.mueller@ipfire.org> wrote: > > Hello *, > > any vetoes / endorsements of this? :-) > > Thanks, and best regards, > Peter Müller > >> From the kernel documentation: >> >>> For reduced kernel memory fragmentation, slab caches can be >>> merged when they share the same size and other characteristics. >>> This carries a risk of kernel heap overflows being able to >>> overwrite objects from merged caches (and more easily control >>> cache layout), which makes such heap attacks easier to exploit >>> by attackers. By keeping caches unmerged, these kinds of exploits >>> can usually only damage objects in the same cache. [...] >> >> Thus, it is more sane to leave slab merging disabled. KSPP and ClipOS >> recommend this as well. >> >> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> >> --- >> config/kernel/kernel.config.aarch64-ipfire | 2 +- >> config/kernel/kernel.config.armv6l-ipfire | 2 +- >> config/kernel/kernel.config.riscv64-ipfire | 2 +- >> config/kernel/kernel.config.x86_64-ipfire | 2 +- >> 4 files changed, 4 insertions(+), 4 deletions(-) >> >> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire >> index 9232335ff..023c3d5aa 100644 >> --- a/config/kernel/kernel.config.aarch64-ipfire >> +++ b/config/kernel/kernel.config.aarch64-ipfire >> @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire >> index dc0aee51b..b4587826e 100644 >> --- a/config/kernel/kernel.config.armv6l-ipfire >> +++ b/config/kernel/kernel.config.armv6l-ipfire >> @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire >> index 0801f4389..fb7cda4dd 100644 >> --- a/config/kernel/kernel.config.riscv64-ipfire >> +++ b/config/kernel/kernel.config.riscv64-ipfire >> @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y >> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire >> index 40975b5fc..d3792cbb7 100644 >> --- a/config/kernel/kernel.config.x86_64-ipfire >> +++ b/config/kernel/kernel.config.x86_64-ipfire >> @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y >> # CONFIG_SLAB is not set >> CONFIG_SLUB=y >> # CONFIG_SLOB is not set >> -CONFIG_SLAB_MERGE_DEFAULT=y >> +# CONFIG_SLAB_MERGE_DEFAULT is not set >> CONFIG_SLAB_FREELIST_RANDOM=y >> CONFIG_SLAB_FREELIST_HARDENED=y >> CONFIG_SHUFFLE_PAGE_ALLOCATOR=y
diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire index 9232335ff..023c3d5aa 100644 --- a/config/kernel/kernel.config.aarch64-ipfire +++ b/config/kernel/kernel.config.aarch64-ipfire @@ -247,7 +247,7 @@ CONFIG_VM_EVENT_COUNTERS=y # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set -CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SHUFFLE_PAGE_ALLOCATOR=y diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire index dc0aee51b..b4587826e 100644 --- a/config/kernel/kernel.config.armv6l-ipfire +++ b/config/kernel/kernel.config.armv6l-ipfire @@ -250,7 +250,7 @@ CONFIG_VM_EVENT_COUNTERS=y # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set -CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SHUFFLE_PAGE_ALLOCATOR=y diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire index 0801f4389..fb7cda4dd 100644 --- a/config/kernel/kernel.config.riscv64-ipfire +++ b/config/kernel/kernel.config.riscv64-ipfire @@ -230,7 +230,7 @@ CONFIG_VM_EVENT_COUNTERS=y # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set -CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SHUFFLE_PAGE_ALLOCATOR=y diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire index 40975b5fc..d3792cbb7 100644 --- a/config/kernel/kernel.config.x86_64-ipfire +++ b/config/kernel/kernel.config.x86_64-ipfire @@ -270,7 +270,7 @@ CONFIG_VM_EVENT_COUNTERS=y # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set -CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SHUFFLE_PAGE_ALLOCATOR=y