[PATCH] mm, kasan: don't poison boot memory

Andrey Konovalov andreyknvl at google.com
Thu Feb 18 15:26:36 EST 2021


On Thu, Feb 18, 2021 at 8:46 PM David Hildenbrand <david at redhat.com> wrote:
>
> > 1. For KASAN_GENERIC: leave everything as is to be able to detect
> > these boot-time bugs.
> >
> > 2. For KASAN_SW_TAGS: remove boot-time poisoning via
> > kasan_free_pages(), but use the "invalid" tag as the default shadow
> > value. The end result should be the same: bad accesses will be
> > detected. For unallocated memory as it has the default "invalid" tag,
> > and for allocated memory as it's poisoned properly when
> > allocated/freed.
> >
> > 3. For KASAN_HW_TAGS: just remove boot-time poisoning via
> > kasan_free_pages(). As the memory tags have a random unspecified
> > value, we'll still have a 15/16 chance to detect a memory corruption.
> >
> > This also makes sense from the performance perspective: KASAN_GENERIC
> > isn't meant to be running in production, so having a larger perf
> > impact is acceptable. The other two modes will be faster.
>
> Sounds in principle sane to me.

I'll post a v2 soon, thanks!

> Side note: I am not sure if anybody runs KASAN in production. Memory is
> expensive. Feel free to prove me wrong, I'd be very interested in actual
> users.

We run KASAN_SW_TAGS on some dogfood testing devices, and
KASAN_HW_TAGS is being developed with the goal to be running in
production.


