From: Andrey Konovalov <andreyknvl@gmail.com>
To: Kuan-Ying Lee <kylee0686026@gmail.com>
Cc: Marco Elver <elver@google.com>,
	Andrey Ryabinin <ryabinin.a.a@gmail.com>,
	Alexander Potapenko <glider@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	kasan-dev <kasan-dev@googlegroups.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Linux Memory Management List <linux-mm@kvack.org>,
	Walter Wu <walter-zh.wu@mediatek.com>
Subject: Re: [PATCH 1/1] kasan: add memory corruption identification for hardware tag-based mode
Date: Wed, 2 Jun 2021 15:29:12 +0300
Message-ID: <CA+fCnZeXEiTi-k4_XkYTvE2mQcXvP0Ct1N5VDEFfPufFqz15+Q@mail.gmail.com>
In-Reply-To: <20210531155912.GC622@DESKTOP-PJLD54P.localdomain>

On Mon, May 31, 2021 at 6:59 PM Kuan-Ying Lee <kylee0686026@gmail.com> wrote:
>
> > >
> > > +config KASAN_HW_TAGS_IDENTIFY
> > > +   bool "Enable memory corruption identification"
> > > +   depends on KASAN_HW_TAGS
> > > +   help
> > > +     This option enables best-effort identification of bug type
> > > +     (use-after-free or out-of-bounds) at the cost of increased
> > > +     memory consumption.
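
Review bot: The help text of KASAN_HW_TAGS_IDENTIFY calls the
identification "best-effort" and mentions "increased memory consumption",
but it does not say what is stored per object or in what way the reported
bug type can be wrong. Suggest adding a sentence on each to the help text
so that someone enabling the option knows how far to trust the
use-after-free or out-of-bounds label in a report.
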
> >
> > Can we rename KASAN_SW_TAGS_IDENTIFY -> KASAN_TAGS_IDENTIFY in a
> > separate patch and then use that?
> >
> > Or do we have a problem renaming this option if there are existing
> > users of it?

Using the single KASAN_TAGS_IDENTIFY config option is what I would like to see.

Since this is a purely debugging feature for a less popular KASAN
mode, I think renaming the config name is OK.

> I tend to keep KASAN_SW_TAGS_IDENTIFY and KASAN_HW_TAGS_IDENTIFY
> separately.
>
> We need these two configs to decide how many stacks we will store.

You can define KASAN_NR_FREE_STACKS to different values depending on
whether HW_TAGS or SW_TAGS is in use. I don't see a problem here.

> If we store as many stacks as SW tag-based kasan does (5 stacks), we might
> mistake out-of-bound issues for use-after-free sometimes. Because HW
> tag-based kasan only has 16 kinds of tags. When out-of-bound issues
> happen, it might find the same tag in the stack we just stored and a
> mistake happens. There is a high probability that this mistake will happen.
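
The misidentification concern raised in the thread above, modelled as an added example that is not part of the original message, the patch, or the kernel source. The struct and function names are hypothetical; the model assumes tags are uniform and independent, takes 16 tag values for the hardware mode (from the thread) and 256 for the software mode (its 8-bit tag), and ignores reserved tag values.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_FREE_STACKS 8            /* upper bound for this model only */

/* Simplified stand-in for per-object metadata: pointer tags of past frees. */
struct free_meta {
    uint8_t free_pointer_tag[MAX_FREE_STACKS];
};

/* splitmix64: small deterministic PRNG so the run is reproducible. */
static uint64_t rng_state;
static uint64_t next_rand(void)
{
    uint64_t z = (rng_state += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Tag of the faulting pointer matches a recorded free: call it UAF. */
static int looks_like_uaf(const struct free_meta *m, int nr_stacks, uint8_t tag)
{
    for (int i = 0; i < nr_stacks; i++)
        if (m->free_pointer_tag[i] == tag)
            return 1;
    return 0;                        /* otherwise reported as out-of-bounds */
}

/* Out-of-bounds accesses (per million) that get misreported as UAF. */
static long false_uaf_per_million(int nr_tags, int nr_stacks)
{
    struct free_meta m;
    long wrong = 0;

    rng_state = 1;                   /* fixed seed */
    for (long trial = 0; trial < 1000000; trial++) {
        for (int i = 0; i < nr_stacks; i++)
            m.free_pointer_tag[i] = (uint8_t)(next_rand() % nr_tags);
        /* The access is a real OOB: its tag is unrelated to the frees. */
        wrong += looks_like_uaf(&m, nr_stacks, (uint8_t)(next_rand() % nr_tags));
    }
    return wrong;
}

int main(void)
{
    printf("16 tags, 5 stacks:  %ld\n", false_uaf_per_million(16, 5));
    printf("16 tags, 1 stack:   %ld\n", false_uaf_per_million(16, 1));
    printf("256 tags, 5 stacks: %ld\n", false_uaf_per_million(256, 5));
    return 0;
}
```

Under these assumptions the expected rate is 1 - (1 - 1/tags)^stacks, so the number of stored stacks is the knob that a per-mode KASAN_NR_FREE_STACKS value would turn.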

Thread overview: 8+ messages
2021-05-30  4:47 [PATCH 0/1] kasan: add memory corruption identification for hardware tag-based Kuan-Ying Lee
2021-05-30  4:47 ` [PATCH 1/1] kasan: add memory corruption identification for hardware tag-based mode Kuan-Ying Lee
2021-05-31  8:50   ` Marco Elver
2021-05-31 15:59     ` Kuan-Ying Lee
2021-06-02 12:29       ` Andrey Konovalov [this message]
2021-06-02 12:29         ` Andrey Konovalov
2021-06-02 12:24     ` Andrey Konovalov
2021-06-02 12:24       ` Andrey Konovalov
