From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-11.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_IN_DEF_DKIM_WL
	autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 82F9CC55ABD
	for <linux-kernel@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:59 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 22B082220B
	for <linux-kernel@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:59 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="qyNRVH7u"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728308AbgKLLy5 (ORCPT
        <rfc822;linux-kernel@archiver.kernel.org>);
        Thu, 12 Nov 2020 06:54:57 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35052 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728258AbgKLLyK (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 12 Nov 2020 06:54:10 -0500
Received: from mail-oi1-x244.google.com (mail-oi1-x244.google.com [IPv6:2607:f8b0:4864:20::244])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB609C0613D4
        for <linux-kernel@vger.kernel.org>; Thu, 12 Nov 2020 03:54:10 -0800 (PST)
Received: by mail-oi1-x244.google.com with SMTP id k26so6096574oiw.0
        for <linux-kernel@vger.kernel.org>; Thu, 12 Nov 2020 03:54:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
        b=qyNRVH7uRoGzThfKw483bERogXvPswmjZdEz5MJBQOAA8C1JUzh65WV1lhObwodn73
         suo5Yk0UnhRryemiUBMfN6y6/HUGHEHda0SV/CsOo5SR5XONFZ1F5GNNqL5jm4BcKL1B
         8gYZAG9ef4GSkHW4Co/gIBaBefKRGAJpesJ2IH4rX7EQ76gaclcRcNFMOp/zEcZkv3Kq
         yppNW/4xzLclkPK7JYaeDxEtKHHslLCdoJMgyxbuPOAPQr/sDdYtgOQHFcKPBkV8W6LM
         ozxpOka/pOr7VY0UBS3tl5PGcqaJhljMlLL0Okb5srW7n9Xs7ygh024NH1UCzeNuiNnD
         PpMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
        b=QNOeyqjx7CrZ+2IrPQ9YBK3XOpzdd0G5D9KxavMCy2rO4/S8HQUJmxEcryHPoV5KYo
         YsNCHa49CRwj9YqckauK7J7kM3gKVCJMm02r7MsFIl5NLG+SYZyaZbT5YOn2YOBHLu2F
         Zz/N2gLCxhRW0+ATsxPXHP9xCy04wbgrsm9YPrZGR/GwZSX+DHurU6mmN1mVx2ZTv9iz
         uunaWtL7M2yZp0p4FkQSBFc8euofyMaaWTKVJb++YlyWWz0oT5YkzwpgPGEru1lNu3Jd
         vp1nEpylSGGie6+VCSfLYek1WnooZDME++YwBh4FROO0orbwnHcUJK/mEE81SQIoqV9F
         ZpBg==
X-Gm-Message-State: AOAM531fwIzEj0ISusyg4D9bs5a73989J9KEit9zoD1POg+QMms+c6ne
        xlcHMdmJBuwraGOuNpNXAMJUv73MHH1v2SvF+J9Z7w==
X-Google-Smtp-Source: ABdhPJzw0WWPF3x4VWyvJ/ZtTENi7KPBKfvDdxy5eksYbb8mHqBCAuDM5Y0bFcDPklnH9Xhdo7Aj5DJw9dg6jSrxzrc=
X-Received: by 2002:aca:a988:: with SMTP id s130mr5397138oie.172.1605182049579;
 Thu, 12 Nov 2020 03:54:09 -0800 (PST)
MIME-Version: 1.0
References: <cover.1605046662.git.andreyknvl@google.com> <fdf9e3aec8f57ebb2795710195f8aaf79e3b45bd.1605046662.git.andreyknvl@google.com>
 <20201112113541.GK29613@gaia>
In-Reply-To: <20201112113541.GK29613@gaia>
From:   Marco Elver <elver@google.com>
Date:   Thu, 12 Nov 2020 12:53:58 +0100
Message-ID: <CANpmjNMsxME==wFhk=aSaz19iX4Dj8HBXqjhDg5aG_iR-uk7Cg@mail.gmail.com>
Subject: Re: [PATCH v2 11/20] kasan: add and integrate kasan boot parameters
To:     Catalin Marinas <catalin.marinas@arm.com>
Cc:     Andrey Konovalov <andreyknvl@google.com>,
        Dmitry Vyukov <dvyukov@google.com>,
        Alexander Potapenko <glider@google.com>,
        Will Deacon <will.deacon@arm.com>,
        Vincenzo Frascino <vincenzo.frascino@arm.com>,
        Evgenii Stepanov <eugenis@google.com>,
        Andrey Ryabinin <aryabinin@virtuozzo.com>,
        Branislav Rankov <Branislav.Rankov@arm.com>,
        Kevin Brodsky <kevin.brodsky@arm.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        kasan-dev <kasan-dev@googlegroups.com>,
        Linux ARM <linux-arm-kernel@lists.infradead.org>,
        Linux Memory Management List <linux-mm@kvack.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 12 Nov 2020 at 12:35, Catalin Marinas <catalin.marinas@arm.com> wrote:
>
> On Tue, Nov 10, 2020 at 11:20:15PM +0100, Andrey Konovalov wrote:
> > Hardware tag-based KASAN mode is intended to eventually be used in
> > production as a security mitigation. Therefore there's a need for finer
> > control over KASAN features and for an existence of a kill switch.
> >
> > This change adds a few boot parameters for hardware tag-based KASAN that
> > allow to disable or otherwise control particular KASAN features.
> >
> > The features that can be controlled are:
> >
> > 1. Whether KASAN is enabled at all.
> > 2. Whether KASAN collects and saves alloc/free stacks.
> > 3. Whether KASAN panics on a detected bug or not.
> >
> > With this change a new boot parameter kasan.mode allows to choose one of
> > three main modes:
> >
> > - kasan.mode=off - KASAN is disabled, no tag checks are performed
> > - kasan.mode=prod - only essential production features are enabled
> > - kasan.mode=full - all KASAN features are enabled
>
> Alternative naming if we want to avoid "production" (in case someone
> considers MTE to be expensive in a production system):
>
> - kasan.mode=off
> - kasan.mode=on
> - kasan.mode=debug

I believe this was what it was in RFC, and we had a long discussion on
what might be the most intuitive options. Since KASAN is still a
debugging tool for the most part, an "on" mode might imply we get all
the debugging facilities of regular KASAN. However, this is not the
case and misleading. Hence, we decided to be more explicit and avoid
"on".

> Anyway, whatever you prefer is fine by me:
>
> Acked-by: Catalin Marinas <catalin.marinas@arm.com>

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Ki9e=ES=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-11.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_IN_DEF_DKIM_WL
	autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6D6C5C2D0A3
	for <linux-mm@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:13 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id C79EB2220B
	for <linux-mm@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:12 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="qyNRVH7u"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C79EB2220B
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 9EBC56B005D; Thu, 12 Nov 2020 06:54:11 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 99C496B006C; Thu, 12 Nov 2020 06:54:11 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 864486B006E; Thu, 12 Nov 2020 06:54:11 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0063.hostedemail.com [216.40.44.63])
	by kanga.kvack.org (Postfix) with ESMTP id 5A0D86B005D
	for <linux-mm@kvack.org>; Thu, 12 Nov 2020 06:54:11 -0500 (EST)
Received: from smtpin26.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id 061843625
	for <linux-mm@kvack.org>; Thu, 12 Nov 2020 11:54:11 +0000 (UTC)
X-FDA: 77475607902.26.rub00_3f0871027306
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin26.hostedemail.com (Postfix) with ESMTP id D7CFE1804B65A
	for <linux-mm@kvack.org>; Thu, 12 Nov 2020 11:54:10 +0000 (UTC)
X-HE-Tag: rub00_3f0871027306
X-Filterd-Recvd-Size: 4920
Received: from mail-oi1-f195.google.com (mail-oi1-f195.google.com [209.85.167.195])
	by imf24.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Thu, 12 Nov 2020 11:54:10 +0000 (UTC)
Received: by mail-oi1-f195.google.com with SMTP id c80so6071340oib.2
        for <linux-mm@kvack.org>; Thu, 12 Nov 2020 03:54:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
        b=qyNRVH7uRoGzThfKw483bERogXvPswmjZdEz5MJBQOAA8C1JUzh65WV1lhObwodn73
         suo5Yk0UnhRryemiUBMfN6y6/HUGHEHda0SV/CsOo5SR5XONFZ1F5GNNqL5jm4BcKL1B
         8gYZAG9ef4GSkHW4Co/gIBaBefKRGAJpesJ2IH4rX7EQ76gaclcRcNFMOp/zEcZkv3Kq
         yppNW/4xzLclkPK7JYaeDxEtKHHslLCdoJMgyxbuPOAPQr/sDdYtgOQHFcKPBkV8W6LM
         ozxpOka/pOr7VY0UBS3tl5PGcqaJhljMlLL0Okb5srW7n9Xs7ygh024NH1UCzeNuiNnD
         PpMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
        b=nBX29TVaG4N7/7WAVu0ZdCfWsIo6S4vq2ebeKI4IsaZz+AsWR7UyzGkYNSa+wsB8OT
         mzELho0L4ylS83ALPoBbESFxCmlmmxcTi8jOkXqDz6F44Lm4wYdk0IGIkg+U1q7ayaYg
         ZjpJNpZwPU8oDxXHtl5rhnePkb7Bn5Z6Yb1KvQ+7Nv0dVCUT8Z2Cef+W4ETC2UGiFfIX
         LxUbNfPYA66Ha/19QTlrr9bgkTE7IKn9ynn/iksUjJ1GZThcKiJEqMb+d84nRJjyYNkm
         g2j3iutVEBMxjvPn/F8bt1bkD9/bff4d7kKkjBh26FrxX99YGiAF2KnJ3Bjfjr3KQueM
         w6BA==
X-Gm-Message-State: AOAM533Sc8NVHIrJntr7Jqzx8Ir4mm2BxVGZpv5V9UxG85s/7MhZe0Am
	2LgTqjnn+SarXYxTK+NO0/HOqiPFgUIwS4ikokT9bw==
X-Google-Smtp-Source: ABdhPJzw0WWPF3x4VWyvJ/ZtTENi7KPBKfvDdxy5eksYbb8mHqBCAuDM5Y0bFcDPklnH9Xhdo7Aj5DJw9dg6jSrxzrc=
X-Received: by 2002:aca:a988:: with SMTP id s130mr5397138oie.172.1605182049579;
 Thu, 12 Nov 2020 03:54:09 -0800 (PST)
MIME-Version: 1.0
References: <cover.1605046662.git.andreyknvl@google.com> <fdf9e3aec8f57ebb2795710195f8aaf79e3b45bd.1605046662.git.andreyknvl@google.com>
 <20201112113541.GK29613@gaia>
In-Reply-To: <20201112113541.GK29613@gaia>
From: Marco Elver <elver@google.com>
Date: Thu, 12 Nov 2020 12:53:58 +0100
Message-ID: <CANpmjNMsxME==wFhk=aSaz19iX4Dj8HBXqjhDg5aG_iR-uk7Cg@mail.gmail.com>
Subject: Re: [PATCH v2 11/20] kasan: add and integrate kasan boot parameters
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Andrey Konovalov <andreyknvl@google.com>, Dmitry Vyukov <dvyukov@google.com>, 
	Alexander Potapenko <glider@google.com>, Will Deacon <will.deacon@arm.com>, 
	Vincenzo Frascino <vincenzo.frascino@arm.com>, Evgenii Stepanov <eugenis@google.com>, 
	Andrey Ryabinin <aryabinin@virtuozzo.com>, Branislav Rankov <Branislav.Rankov@arm.com>, 
	Kevin Brodsky <kevin.brodsky@arm.com>, Andrew Morton <akpm@linux-foundation.org>, 
	kasan-dev <kasan-dev@googlegroups.com>, 
	Linux ARM <linux-arm-kernel@lists.infradead.org>, 
	Linux Memory Management List <linux-mm@kvack.org>, LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, 12 Nov 2020 at 12:35, Catalin Marinas <catalin.marinas@arm.com> wrote:
>
> On Tue, Nov 10, 2020 at 11:20:15PM +0100, Andrey Konovalov wrote:
> > Hardware tag-based KASAN mode is intended to eventually be used in
> > production as a security mitigation. Therefore there's a need for finer
> > control over KASAN features and for an existence of a kill switch.
> >
> > This change adds a few boot parameters for hardware tag-based KASAN that
> > allow to disable or otherwise control particular KASAN features.
> >
> > The features that can be controlled are:
> >
> > 1. Whether KASAN is enabled at all.
> > 2. Whether KASAN collects and saves alloc/free stacks.
> > 3. Whether KASAN panics on a detected bug or not.
> >
> > With this change a new boot parameter kasan.mode allows to choose one of
> > three main modes:
> >
> > - kasan.mode=off - KASAN is disabled, no tag checks are performed
> > - kasan.mode=prod - only essential production features are enabled
> > - kasan.mode=full - all KASAN features are enabled
>
> Alternative naming if we want to avoid "production" (in case someone
> considers MTE to be expensive in a production system):
>
> - kasan.mode=off
> - kasan.mode=on
> - kasan.mode=debug

I believe this was what it was in RFC, and we had a long discussion on
what might be the most intuitive options. Since KASAN is still a
debugging tool for the most part, an "on" mode might imply we get all
the debugging facilities of regular KASAN. However, this is not the
case and misleading. Hence, we decided to be more explicit and avoid
"on".

> Anyway, whatever you prefer is fine by me:
>
> Acked-by: Catalin Marinas <catalin.marinas@arm.com>


From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=sTYh=ES=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2F6AFC55ABD
	for <linux-arm-kernel@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:48 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A821D221FE
	for <linux-arm-kernel@archiver.kernel.org>; Thu, 12 Nov 2020 11:54:47 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="nyemWSVu";
	dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="qyNRVH7u"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A821D221FE
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:To:Subject:Message-ID:Date:From:In-Reply-To:
	References:MIME-Version:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=3IxZTxKzseznJJysRi1mPAysZFUJD1+ePHPpYvaLlfY=; b=nyemWSVuiZxfXXSjTpzCiTQSv
	U2tGzF94h7TXyPUPR3G3CDgkK0zlQuAw9A0Xix59Pzf37nbxNGLWoa1YcqueWs3C0Bd2l6oQjMOvS
	Es9gyVBFvRN3/wjncTesXyE1GccmdPzRDH5Hujm+iwRXDXEU/PtwFpnref2BeL/b4nGRl0WEogdBR
	h2Iv2JEiHS0gK/nDL20i8jfkqc7iD1m7Lj9+quFXvOo7scpYkd7cYMDc1RbVHFqZdXgu+Onpm9QcI
	bmM8lTJpIV3+h1cVaeTAfjHcIPVAHZVtjEFJfV0RKhFrRE6TDWthdN2ewW/tibBKGOHDLXkxC+JlA
	yHwc1vPgA==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kdBBC-00080Q-QT; Thu, 12 Nov 2020 11:54:18 +0000
Received: from mail-oi1-x244.google.com ([2607:f8b0:4864:20::244])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kdBB6-0007yB-6i
 for linux-arm-kernel@lists.infradead.org; Thu, 12 Nov 2020 11:54:13 +0000
Received: by mail-oi1-x244.google.com with SMTP id q206so6012587oif.13
 for <linux-arm-kernel@lists.infradead.org>;
 Thu, 12 Nov 2020 03:54:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
 b=qyNRVH7uRoGzThfKw483bERogXvPswmjZdEz5MJBQOAA8C1JUzh65WV1lhObwodn73
 suo5Yk0UnhRryemiUBMfN6y6/HUGHEHda0SV/CsOo5SR5XONFZ1F5GNNqL5jm4BcKL1B
 8gYZAG9ef4GSkHW4Co/gIBaBefKRGAJpesJ2IH4rX7EQ76gaclcRcNFMOp/zEcZkv3Kq
 yppNW/4xzLclkPK7JYaeDxEtKHHslLCdoJMgyxbuPOAPQr/sDdYtgOQHFcKPBkV8W6LM
 ozxpOka/pOr7VY0UBS3tl5PGcqaJhljMlLL0Okb5srW7n9Xs7ygh024NH1UCzeNuiNnD
 PpMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=1o9Kbu1VGM16HQ/aEUEXh5dMeJ0YbhrbAtdFyS8sHt8=;
 b=ZSLIKZTfujBvv1UsJvoc06wLy4GK2squb9Slu9XdFdTHCZ35vl1I7UWCPH2cr2i66a
 +Zq/K9LXF5pX8QlBRLLEFAyuQxCq8+r0vJpI6Xy134OiNe+qLQaqIXpiJJyM7ZUG8pQn
 18rmv5gozYkYHzETXIrQSuBWupZPyVcRWTeM7iLn7GjqjOOhoqrIW7wyYSgeRqrOWhAC
 WP/xLdGAEA92Puk8++1JNPPv1PIX2r7wptotZAs7vz7WyNnVUUOplp5FeaW+DumURHwj
 7Q0KFWNdQs9ahWRpedloO3Yi4NsW3zz3dqvas5gPpHFKmY+aORlUMdWQBA90PgYeLwnC
 EEKQ==
X-Gm-Message-State: AOAM531Y1W5OP4fxChS45ayhS2BxvO+RFEHWD6KSrG4Gfzzg1OyiLcfp
 gOUCkG4mZNz25whYu+x4zaMIDtnYXr5qeYhn3+SHAQ==
X-Google-Smtp-Source: ABdhPJzw0WWPF3x4VWyvJ/ZtTENi7KPBKfvDdxy5eksYbb8mHqBCAuDM5Y0bFcDPklnH9Xhdo7Aj5DJw9dg6jSrxzrc=
X-Received: by 2002:aca:a988:: with SMTP id s130mr5397138oie.172.1605182049579; 
 Thu, 12 Nov 2020 03:54:09 -0800 (PST)
MIME-Version: 1.0
References: <cover.1605046662.git.andreyknvl@google.com>
 <fdf9e3aec8f57ebb2795710195f8aaf79e3b45bd.1605046662.git.andreyknvl@google.com>
 <20201112113541.GK29613@gaia>
In-Reply-To: <20201112113541.GK29613@gaia>
From: Marco Elver <elver@google.com>
Date: Thu, 12 Nov 2020 12:53:58 +0100
Message-ID: <CANpmjNMsxME==wFhk=aSaz19iX4Dj8HBXqjhDg5aG_iR-uk7Cg@mail.gmail.com>
Subject: Re: [PATCH v2 11/20] kasan: add and integrate kasan boot parameters
To: Catalin Marinas <catalin.marinas@arm.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20201112_065412_495032_1CED8FDF 
X-CRM114-Status: GOOD (  19.80  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Linux ARM <linux-arm-kernel@lists.infradead.org>,
 Branislav Rankov <Branislav.Rankov@arm.com>,
 Andrey Konovalov <andreyknvl@google.com>,
 Kevin Brodsky <kevin.brodsky@arm.com>, Will Deacon <will.deacon@arm.com>,
 LKML <linux-kernel@vger.kernel.org>, kasan-dev <kasan-dev@googlegroups.com>,
 Linux Memory Management List <linux-mm@kvack.org>,
 Alexander Potapenko <glider@google.com>, Dmitry Vyukov <dvyukov@google.com>,
 Andrey Ryabinin <aryabinin@virtuozzo.com>,
 Andrew Morton <akpm@linux-foundation.org>,
 Vincenzo Frascino <vincenzo.frascino@arm.com>,
 Evgenii Stepanov <eugenis@google.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

On Thu, 12 Nov 2020 at 12:35, Catalin Marinas <catalin.marinas@arm.com> wrote:
>
> On Tue, Nov 10, 2020 at 11:20:15PM +0100, Andrey Konovalov wrote:
> > Hardware tag-based KASAN mode is intended to eventually be used in
> > production as a security mitigation. Therefore there's a need for finer
> > control over KASAN features and for an existence of a kill switch.
> >
> > This change adds a few boot parameters for hardware tag-based KASAN that
> > allow to disable or otherwise control particular KASAN features.
> >
> > The features that can be controlled are:
> >
> > 1. Whether KASAN is enabled at all.
> > 2. Whether KASAN collects and saves alloc/free stacks.
> > 3. Whether KASAN panics on a detected bug or not.
> >
> > With this change a new boot parameter kasan.mode allows to choose one of
> > three main modes:
> >
> > - kasan.mode=off - KASAN is disabled, no tag checks are performed
> > - kasan.mode=prod - only essential production features are enabled
> > - kasan.mode=full - all KASAN features are enabled
>
> Alternative naming if we want to avoid "production" (in case someone
> considers MTE to be expensive in a production system):
>
> - kasan.mode=off
> - kasan.mode=on
> - kasan.mode=debug

I believe this was what it was in RFC, and we had a long discussion on
what might be the most intuitive options. Since KASAN is still a
debugging tool for the most part, an "on" mode might imply we get all
the debugging facilities of regular KASAN. However, this is not the
case and misleading. Hence, we decided to be more explicit and avoid
"on".

> Anyway, whatever you prefer is fine by me:
>
> Acked-by: Catalin Marinas <catalin.marinas@arm.com>

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel