[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1117568: marked as done (Backport hash_pointers boot parameter from kernel 6.17)

Your message dated Mon, 13 Oct 2025 16:52:34 +0200
with message-id <20251013145234.wynrdxnyvw63ne74@shell.thinkmo.de>
and subject line Re: Bug#1117568: Backport hash_pointers boot parameter from kernel 6.17
has caused the Debian Bug report #1117568,
regarding Backport hash_pointers boot parameter from kernel 6.17
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1117568: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117568
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Source: linux
Version: 6.12.48-1
Severity: important
X-Debbugs-Cc: adrelanos@whonix.org, arraybolt3@gmail.com

One of the debugging options the kernel provide, `slab_debug`, is used
as a hardening mechanism by multiple security-conscious Linux
distributions, namely Tails and Kicksecure, as it makes some forms of
memory management bugs more difficult to exploit. It is recommended by
the Kernel Self Protection Project for users who want to set up a
"particularly paranoid" system. (See
https://kspp.github.io/Recommended_Settings) Unfortunately, due to
upstream apparently previously considering this feature as only a
debugging feature, setting the kernel parameter `slab_debug=FZ` (or
similar) results in unhashed kernel addresses being exposed in areas
such as the kernel logs, making it easier to bypass KASLR when this
option is enabled. Users with high security requirements are therefore
left with a bit of a catch-22 - either enable `slab_debug` and hope
that making KASLR easy to bypass isn't going to ultimately be a
problem, or leave `slab_debug` disabled and live without the additional
memory safety benefits it provides.

Linux 6.17 introduced a new boot option, `hash_pointers`, which allows
one to configure whether pointer values exposed to userspace are hashed
or unhashed independently of the `slab_debug` setting. Users who are
interested in using `slab_debug` for hardening but don't need the
debugging capabilities it provides can thus boot with something like
`slab_debug=FZ hash_pointers=always`, giving the best of both worlds.
The patch that introduces this option can be seen at
https://github.com/torvalds/linux/commit/de1c831a7898f164c1c2703c6b2b9e4fb4bebefc
This patch indicates that the use of `slab_debug` as a hardening option
and not just a debugging option is explicitly supported by Linux, this
is not an abuse of the feature.

The additional boot option does virtually nothing functionally, it
simply allows setting this new combination of options that the kernel
didn't previously expose. At least to me, the patch appears small, safe,
and it arguably is a kind of bugfix even though technically it is
presented as a new feature.

I would like if the kernel team could consider backporting this patch
into Debian Trixie's stable kernel. Thank you.

Attachment: pgppbq9gIBqBq.pgp
Description: OpenPGP digital signature


--- End Message ---
--- Begin Message --- 
On Tue, Oct 07, 2025 at 10:17:20PM -0500, Aaron Rainbolt wrote:
> I would like if the kernel team could consider backporting this patch
> into Debian Trixie's stable kernel. Thank you.

We decided that this is not suitable to backport to stable.

Regards,
Bastian

-- 
It is a human characteristic to love little animals, especially if
they're attractive in some way.
		-- McCoy, "The Trouble with Tribbles", stardate 4525.6

--- End Message ---
Reply to: