From 73db68dbf9a1f9ded95a593db36a4960ce06a173 Mon Sep 17 00:00:00 2001
From: Raja Grewal
Date: Fri, 9 Aug 2024 14:27:30 +1000
Subject: [PATCH] Add details on KFENCE

---
 etc/default/grub.d/40_kernel_hardening.cfg | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/etc/default/grub.d/40_kernel_hardening.cfg b/etc/default/grub.d/40_kernel_hardening.cfg
index 8a90108..aa55e94 100644
--- a/etc/default/grub.d/40_kernel_hardening.cfg
+++ b/etc/default/grub.d/40_kernel_hardening.cfg
@@ -127,10 +127,13 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX debugfs=off"

 ## Enable the kernel "Electric-Fence" sampling-based memory safety error detector.
 ## KFENCE detects heap out-of-bounds access, use-after-free, and invalid-free errors.
-## Aims to have very low processing overhead at each sampling interval
+## Aims to have very low processing overhead at each sampling interval.
 ## Sampling interval is set to occur every 100 milliseconds as per KSPP recommendation.
 ##
 ## https://www.kernel.org/doc/html/latest/dev-tools/kfence.html
+## https://google.github.io/kernel-sanitizers/KFENCE.html
+## https://blogs.oracle.com/linux/post/linux-slub-allocator-internals-and-debugging-4
+## https://lwn.net/Articles/835542/
 ##
 GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX kfence.sample_interval=100"
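Review bot: The comment block above `kfence.sample_interval=100` gains three reference links but still omits the two caveats an administrator needs when relying on this setting. First, the parameter only does anything on a kernel built with KFENCE support, so I would add `## Requires a kernel built with CONFIG_KFENCE=y; without it this parameter has no effect.` Second, KFENCE samples a small subset of heap allocations and reports what it catches to the kernel log, so it detects bugs rather than mitigating them; a line such as `## Detection is probabilistic and only reported in the kernel log; it does not by itself block exploitation.` would prevent it being read as a hardening guarantee. The new links would also be easier to audit later with a short label each (project page, allocator write-up, LWN article), since the blog URL in particular may not stay stable.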