From: Shaobo Huang <huangshaobo6@huawei.com>
To: <elver@google.com>
Cc: <akpm@linux-foundation.org>, <chenzefeng2@huawei.com>,
<dvyukov@google.com>, <glider@google.com>,
<huangshaobo6@huawei.com>, <kasan-dev@googlegroups.com>,
<linux-kernel@vger.kernel.org>, <linux-mm@kvack.org>,
<nixiaoming@huawei.com>, <wangbing6@huawei.com>,
<wangfangpeng1@huawei.com>, <young.liuyang@huawei.com>,
<zengweilin@huawei.com>, <zhongjubin@huawei.com>
Subject: Re: [PATCH v2] kfence: enable check kfence canary in panic via boot param
Date: Mon, 25 Apr 2022 09:23:34 +0800 [thread overview]
Message-ID: <20220425012334.46364-1-huangshaobo6@huawei.com> (raw)
In-Reply-To: <CANpmjNPEErc2mZMSB=QyT3wq08Q4yGyTGiU3BrOBGV3R5rNw-w@mail.gmail.com>
On Sun, 24 Apr 2022 15:31:42 +0200, Marco Elver <elver@google.com> wrote:
> On Sun, 24 Apr 2022 at 13:00, Shaobo Huang <huangshaobo6@huawei.com> wrote:
> >
> > From: huangshaobo <huangshaobo6@huawei.com>
> >
> > when writing out of bounds to the red zone, it can only be
> > detected at kfree. However, the system may have been reset
> > before freeing the memory, which would result in undetected
> > oob. Therefore, it is necessary to detect oob behavior in
> > panic. Since only the allocated mem call stack is available,
> > it may be difficult to find the oob maker. Therefore, this
> > feature is disabled by default and can only be enabled via
> > boot parameter.
>
> This description is still not telling the full story or usecase. The
> story goes something like:
> """
> Out-of-bounds accesses that aren't caught by a guard page will result
> in corruption of canary memory. In pathological cases, where an object
> has certain alignment requirements, an out-of-bounds access might
> never be caught by the guard page. Such corruptions, however, are only
> detected on kfree() normally. If the bug causes the kernel to panic
> before kfree(), KFENCE has no opportunity to report the issue. Such
> corruptions may also indicate failing memory or other faults.
>
> To provide some more information in such cases, add the option to
> check canary bytes on panic. This might help narrow the search for the
> panic cause; but, due to only having the allocation stack trace, such
> reports are difficult to use to diagnose an issue alone. In most
> cases, such reports are inactionable, and is therefore an opt-in
> feature (disabled by default).
> """
>
> Please feel free to copy or take pieces above to complete the commit message.
>
> [...]
> > #include <linux/slab.h>
> > #include <linux/spinlock.h>
> > #include <linux/string.h>
> > +#include <linux/notifier.h>
> > +#include <linux/panic_notifier.h>
>
> Please keep these includes sorted alphabetically.
>
> [...]
> > +/* If true, check kfence canary in panic. */
>
> It should be "on panic". E.g. "If true, check all canary bytes on panic."
>
> [...]
> > +/* === Panic Notifier ====================================================== */
>
> Blank line between /* === ... */ and function.
thank you so much for your suggestion!
thanks,
ShaoBo Huang
next prev parent reply other threads:[~2022-04-25 1:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-24 10:59 [PATCH v2] kfence: enable check kfence canary in panic via boot param Shaobo Huang
2022-04-24 13:31 ` Marco Elver
2022-04-25 1:23 ` Shaobo Huang [this message]
2022-04-25 2:24 ` [PATCH v3] kfence: enable check kfence canary on " Shaobo Huang
2022-04-25 8:15 ` Marco Elver
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220425012334.46364-1-huangshaobo6@huawei.com \
--to=huangshaobo6@huawei.com \
--cc=akpm@linux-foundation.org \
--cc=chenzefeng2@huawei.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nixiaoming@huawei.com \
--cc=wangbing6@huawei.com \
--cc=wangfangpeng1@huawei.com \
--cc=young.liuyang@huawei.com \
--cc=zengweilin@huawei.com \
--cc=zhongjubin@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.