From: Vlastimil Babka <vbabka@suse.cz>
To: Georgi Djakov <georgi.djakov@linaro.org>,
linux-mm@kvack.org, akpm@linux-foundation.org, cl@linux.com,
penberg@kernel.org, rientjes@google.com, iamjoonsoo.kim@lge.com
Cc: corbet@lwn.net, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/slub: Add slub_debug option to panic on memory corruption
Date: Tue, 9 Mar 2021 16:09:45 +0100 [thread overview]
Message-ID: <390d8a2f-ead9-48a9-99eb-65c73bd18422@suse.cz> (raw)
In-Reply-To: <20210309134720.29052-1-georgi.djakov@linaro.org>
On 3/9/21 2:47 PM, Georgi Djakov wrote:
> Being able to stop the system immediately when a memory corruption
> is detected is crucial to finding the source of it. This is very
> useful when the memory can be inspected with kdump or other tools.
Is this in some testing scenarios where you would also use e.g. panic_on_warn?
We could hook to that. If not, we could introduce a new
panic_on_memory_corruption that would apply also for debug_pagealloc and whatnot?
> Let's add an option panic the kernel when slab debug catches an
> object or list corruption.
>
> This new option is not enabled by default (yet), so it needs to be
> enabled explicitly (for example by adding "slub_debug=FZPUC" to
> the kernel command line).
>
> Signed-off-by: Georgi Djakov <georgi.djakov@linaro.org>
> ---
> Documentation/vm/slub.rst | 1 +
> include/linux/slab.h | 3 +++
> mm/slab.h | 2 +-
> mm/slub.c | 9 +++++++++
> 4 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/vm/slub.rst b/Documentation/vm/slub.rst
> index 03f294a638bd..32878c44f3de 100644
> --- a/Documentation/vm/slub.rst
> +++ b/Documentation/vm/slub.rst
> @@ -53,6 +53,7 @@ Possible debug options are::
> Z Red zoning
> P Poisoning (object and padding)
> U User tracking (free and alloc)
> + C Panic on object corruption (enables SLAB_CORRUPTION_PANIC)
> T Trace (please only use on single slabs)
> A Enable failslab filter mark for the cache
> O Switch debugging off for caches that would have
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 0c97d788762c..ebff5e704d08 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -39,6 +39,9 @@
> #define SLAB_STORE_USER ((slab_flags_t __force)0x00010000U)
> /* Panic if kmem_cache_create() fails */
> #define SLAB_PANIC ((slab_flags_t __force)0x00040000U)
> +/* Panic if memory corruption is detected */
> +#define SLAB_CORRUPTION_PANIC ((slab_flags_t __force)0x00080000U)
> +
> /*
> * SLAB_TYPESAFE_BY_RCU - **WARNING** READ THIS!
> *
> diff --git a/mm/slab.h b/mm/slab.h
> index 120b1d0dfb6d..ae0079017fc6 100644
> --- a/mm/slab.h
> +++ b/mm/slab.h
> @@ -134,7 +134,7 @@ static inline slab_flags_t kmem_cache_flags(unsigned int object_size,
> #define SLAB_DEBUG_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER)
> #elif defined(CONFIG_SLUB_DEBUG)
> #define SLAB_DEBUG_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \
> - SLAB_TRACE | SLAB_CONSISTENCY_CHECKS)
> + SLAB_TRACE | SLAB_CONSISTENCY_CHECKS | SLAB_CORRUPTION_PANIC)
> #else
> #define SLAB_DEBUG_FLAGS (0)
> #endif
> diff --git a/mm/slub.c b/mm/slub.c
> index 077a019e4d7a..49351427f701 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -741,6 +741,8 @@ void object_err(struct kmem_cache *s, struct page *page,
> {
> slab_bug(s, "%s", reason);
> print_trailer(s, page, object);
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic(reason);
> }
>
> static __printf(3, 4) void slab_err(struct kmem_cache *s, struct page *page,
> @@ -755,6 +757,8 @@ static __printf(3, 4) void slab_err(struct kmem_cache *s, struct page *page,
> slab_bug(s, "%s", buf);
> print_page_info(page);
> dump_stack();
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic("slab: slab error\n");
> }
>
> static void init_object(struct kmem_cache *s, void *object, u8 val)
> @@ -776,6 +780,8 @@ static void init_object(struct kmem_cache *s, void *object, u8 val)
> static void restore_bytes(struct kmem_cache *s, char *message, u8 data,
> void *from, void *to)
> {
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic("slab: object overwritten\n");
> slab_fix(s, "Restoring 0x%p-0x%p=0x%x\n", from, to - 1, data);
> memset(from, data, to - from);
> }
> @@ -1319,6 +1325,9 @@ parse_slub_debug_flags(char *str, slab_flags_t *flags, char **slabs, bool init)
> case 'a':
> *flags |= SLAB_FAILSLAB;
> break;
> + case 'c':
> + *flags |= SLAB_CORRUPTION_PANIC;
> + break;
> case 'o':
> /*
> * Avoid enabling debugging on caches if its minimum
>
next prev parent reply other threads:[~2021-03-09 15:10 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-09 13:47 [PATCH] mm/slub: Add slub_debug option to panic on memory corruption Georgi Djakov
2021-03-09 14:56 ` Christoph Lameter
2021-03-09 14:56 ` Christoph Lameter
2021-03-09 18:12 ` Georgi Djakov
2021-03-09 15:09 ` Vlastimil Babka [this message]
2021-03-09 18:14 ` Georgi Djakov
2021-03-09 18:18 ` Vlastimil Babka
2021-03-18 5:48 ` Kees Cook
2021-03-18 12:56 ` Vlastimil Babka
2021-03-18 17:08 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=390d8a2f-ead9-48a9-99eb-65c73bd18422@suse.cz \
--to=vbabka@suse.cz \
--cc=akpm@linux-foundation.org \
--cc=cl@linux.com \
--cc=corbet@lwn.net \
--cc=georgi.djakov@linaro.org \
--cc=iamjoonsoo.kim@lge.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=penberg@kernel.org \
--cc=rientjes@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.