[PATCH v2] cred: prevent slab cache merging for cred_jar

Next message: Paller, Kim Seer: "RE: [PATCH 3/3] iio: dac: ad3530r: Add support for AD3532R/AD3532"
Previous message: Haritha S K: "Re: [PATCH v2] arm64: dts: qcom: talos: Add passive polling-delay for gpu-thermal zone"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Mohammed EL Kadiri

Date: Thu Jun 11 2026 - 03:04:52 EST

Add SLAB_NO_MERGE to cred_jar to ensure struct cred objects get
dedicated slab pages, preventing the allocator from merging this
cache with other similarly-sized caches. This is a hardening measure
to provide type isolation for credential objects.

Reviewed-by: Kees Cook <kees@xxxxxxxxxx>
Signed-off-by: Mohammed EL Kadiri <med08elkadiri@xxxxxxxxx>
---

Changes in v2:
- Collected Reviewed-by tag from Kees Cook.
- No code changes from v1.

kernel/cred.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/cred.c b/kernel/cred.c
index 9676965c0981..0e4ee60a5acd 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -557,7 +557,7 @@ void __init cred_init(void)
{
/* allocate a slab in which we can store credentials */
cred_jar = KMEM_CACHE(cred,
- SLAB_HWCACHE_ALIGN | SLAB_PANIC | SLAB_ACCOUNT);
+ SLAB_HWCACHE_ALIGN | SLAB_PANIC | SLAB_ACCOUNT | SLAB_NO_MERGE);
}

/**
--
2.43.0