On Wed, 20 Sep 2017, Kees Cook wrote: > --- a/mm/slab.c > +++ b/mm/slab.c > @@ -1291,7 +1291,8 @@ void __init kmem_cache_init(void) > */ > kmalloc_caches[INDEX_NODE] = create_kmalloc_cache( > kmalloc_info[INDEX_NODE].name, > - kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS); > + kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS, > + 0, kmalloc_size(INDEX_NODE)); > slab_state = PARTIAL_NODE; > setup_kmalloc_cache_index_table(); Ok this presumes that at some point we will be able to restrict the number of bytes writeable and thus set the offset and size field to different values. Is that realistic? We already whitelist all kmalloc caches (see first patch). So what is the point of this patch?