Add details about slub_debug

README.md

@@ -118,8 +118,8 @@ configuration file.
 - Disable merging of slabs with similar size, which reduces the risk of
   triggering heap overflows and limits influencing slab cache layout.
 
-- Provides option to enable sanity checks and red zoning via slab debugging.
-  Not reccommened due to implicit disabling of kernel pointer hashing.
+- Provide the option to enable sanity checks and red zoning via slab debugging.
+  Enabling this feature will implicitly disable kernel pointer hashing.
 
 - Enable memory zeroing at both allocation and free time, which mitigates some
   use-after-free vulnerabilities by erasing sensitive information in memory.

etc/default/grub.d/40_kernel_hardening.cfg

@@ -28,12 +28,17 @@ kver="$(dpkg-query --show --showformat='${Version}' "$kpkg")" 2>/dev/null || tru
 ##
 GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX slab_nomerge"
 
-## Enable sanity checks and red zoning of slabs.
+## Enable sanity checks and red zoning of slabs via debugging options to detect corruption.
+## As a by product of debugging, this will implicitly disabling kernel pointer hashing.
+## Enabling will therefore leak exact and all kernel memory addresses to root.
+## Has the potential to cause a noticeable performance decrease.
 ##
 ## https://www.kernel.org/doc/html/latest/mm/slub.html
 ## https://lore.kernel.org/all/20210601182202.3011020-5-swboyd@chromium.org/T/#u
+## https://gitlab.tails.boum.org/tails/tails/-/issues/19613
 ##
-## Disabled as enabling this implicitly disables kernel pointer hashing.
+## The default kernel setting will be utilized until provided sufficient evidence to modify.
+## https://github.com/Kicksecure/security-misc/issues/253
 ##
 #GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX slub_debug=FZ"