[PATCH RFC 00/10] KFENCE: A low-overhead sampling-based memory safety error detector
Dave Hansen
dave.hansen at intel.com
Tue Sep 8 10:52:21 EDT 2020
On 9/7/20 6:40 AM, Marco Elver wrote:
> KFENCE is designed to be enabled in production kernels, and has near
> zero performance overhead. Compared to KASAN, KFENCE trades performance
> for precision.
Could you talk a little bit about where you expect folks to continue to
use KASAN? How would a developer or a tester choose which one to use?
> KFENCE objects each reside on a dedicated page, at either the left or
> right page boundaries. The pages to the left and right of the object
> page are "guard pages", whose attributes are changed to a protected
> state, and cause page faults on any attempted access to them. Such page
> faults are then intercepted by KFENCE, which handles the fault
> gracefully by reporting a memory access error.
How much memory overhead does this end up having? I know it depends on
the object size and so forth. But, could you give some real-world
examples of memory consumption? Also, what's the worst case? Say I
have a ton of worst-case-sized (32b) slab objects. Will I notice?
More information about the linux-arm-kernel
mailing list