[PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization

Lukas Bulwahn posted 1 patch 4 years, 6 months ago
Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
Posted by Lukas Bulwahn 4 years, 6 months ago
The config RANDOMIZE_SLAB does not exist, the authors probably intended to
refer to the config RANDOMIZE_BASE, which provides kernel address-space
randomization. They probably just confused SLAB with BASE (these two
four-letter words coincidentally share three common letters), as they also
point out the config SLAB_FREELIST_RANDOM as further randomization within
the same sentence.

Fix the reference of the config for kernel address-space randomization to
the config that provides that.

Fixes: 6e88559470f5 ("Documentation: Add section about CPU vulnerabilities for Spectre")
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
---
 Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index ab7d402c1677..a2b22d5640ec 100644
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -468,7 +468,7 @@ Spectre variant 2
    before invoking any firmware code to prevent Spectre variant 2 exploits
    using the firmware.
 
-   Using kernel address space randomization (CONFIG_RANDOMIZE_SLAB=y
+   Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
    and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
    attacks on the kernel generally more difficult.
 
-- 
2.17.1

Re: [PATCH] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
Posted by Jonathan Corbet 4 years, 5 months ago
Lukas Bulwahn <lukas.bulwahn@gmail.com> writes:

> The config RANDOMIZE_SLAB does not exist, the authors probably intended to
> refer to the config RANDOMIZE_BASE, which provides kernel address-space
> randomization. They probably just confused SLAB with BASE (these two
> four-letter words coincidentally share three common letters), as they also
> point out the config SLAB_FREELIST_RANDOM as further randomization within
> the same sentence.
>
> Fix the reference of the config for kernel address-space randomization to
> the config that provides that.
>
> Fixes: 6e88559470f5 ("Documentation: Add section about CPU vulnerabilities for Spectre")
> Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
> ---
>  Documentation/admin-guide/hw-vuln/spectre.rst | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
> index ab7d402c1677..a2b22d5640ec 100644
> --- a/Documentation/admin-guide/hw-vuln/spectre.rst
> +++ b/Documentation/admin-guide/hw-vuln/spectre.rst
> @@ -468,7 +468,7 @@ Spectre variant 2
>     before invoking any firmware code to prevent Spectre variant 2 exploits
>     using the firmware.
>  
> -   Using kernel address space randomization (CONFIG_RANDOMIZE_SLAB=y
> +   Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
>     and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
>     attacks on the kernel generally more difficult.

Makes sense to me...applied, thanks.

jon