[PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer

[PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 02/17] khwasan: move common kasan and khwasan code to common.c · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 08/17] khwasan, arm64: fix up fault handling logic · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 12/17] khwasan: add bug reporting routines · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 17/17] kasan: add SPDX-License-Identifier mark to source files · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 16/17] khwasan: update kasan documentation · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 15/17] khwasan, mm, arm64: tag non slab memory allocated via pagealloc · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 13/17] khwasan: add hooks implementation · Andrey Konovalov <hidden> · 2018-06-26
Re: [PATCH v4 13/17] khwasan: add hooks implementation · "Vincenzo Frascino@Foss" <vincenzo.frascino@arm.com> · 2018-07-25
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Andrey Konovalov <hidden> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Andrey Ryabinin <hidden> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Dmitry Vyukov <dvyukov@google.com> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Christopher Lameter <hidden> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Dmitry Vyukov <dvyukov@google.com> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Andrey Ryabinin <hidden> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Dmitry Vyukov <dvyukov@google.com> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Andrey Ryabinin <hidden> · 2018-07-31
Re: [PATCH v4 13/17] khwasan: add hooks implementation · Andrey Konovalov <hidden> · 2018-07-31
[PATCH v4 14/17] khwasan, arm64: add brk handler for inline instrumentation · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 11/17] khwasan: split out kasan_report.c from report.c · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 09/17] khwasan, arm64: enable top byte ignore for the kernel · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 10/17] khwasan, mm: perform untagged pointers comparison in krealloc · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 07/17] khwasan: add tag related helper functions · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 06/17] khwasan, arm64: untag virt address in __kimg_to_phys and _virt_addr_is_linear · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 05/17] khwasan: initialize shadow to 0xff · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 03/17] khwasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_HW · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 04/17] khwasan, arm64: adjust shadow size for CONFIG_KASAN_HW · Andrey Konovalov <hidden> · 2018-06-26
[PATCH v4 01/17] khwasan, mm: change kasan hooks signatures · Andrey Konovalov <hidden> · 2018-06-26
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrew Morton <akpm@linux-foundation.org> · 2018-06-27
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Kostya Serebryany <hidden> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Geert Uytterhoeven <geert@linux-m68k.org> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Matthew Wilcox <willy@infradead.org> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Evgenii Stepanov <hidden> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrew Morton <akpm@linux-foundation.org> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Mark Rutland <mark.rutland@arm.com> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrew Morton <akpm@linux-foundation.org> · 2018-06-30
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Evgenii Stepanov <hidden> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrew Morton <akpm@linux-foundation.org> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Evgenii Stepanov <hidden> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrew Morton <akpm@linux-foundation.org> · 2018-07-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dave Martin <Dave.Martin@arm.com> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-28
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Mark Rutland <mark.rutland@arm.com> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dave Martin <Dave.Martin@arm.com> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Luc Van Oostenryck <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dan Carpenter <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Will Deacon <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-06-29
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Will Deacon <hidden> · 2018-07-03
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-07-18
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Konovalov <hidden> · 2018-07-31
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Will Deacon <hidden> · 2018-08-01
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dmitry Vyukov <dvyukov@google.com> · 2018-08-01
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Catalin Marinas <catalin.marinas@arm.com> · 2018-08-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dmitry Vyukov <dvyukov@google.com> · 2018-08-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Catalin Marinas <catalin.marinas@arm.com> · 2018-08-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Andrey Ryabinin <hidden> · 2018-08-02
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Will Deacon <hidden> · 2018-08-03
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dmitry Vyukov <dvyukov@google.com> · 2018-08-03
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Will Deacon <hidden> · 2018-08-08
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Dmitry Vyukov <dvyukov@google.com> · 2018-08-08
Re: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer · Catalin Marinas <catalin.marinas@arm.com> · 2018-06-29

From: akpm@linux-foundation.org (Andrew Morton)
Date: 2018-07-02 20:30:28
Also in: linux-doc, linux-kbuild, linux-mm, lkml

On Mon, 2 Jul 2018 13:22:23 -0700 Evgenii Stepanov [off-list ref] wrote:

On Mon, Jul 2, 2018 at 12:21 PM, Andrew Morton
[off-list ref] wrote:

quoted

On Mon, 2 Jul 2018 12:16:42 -0700 Evgenii Stepanov [off-list ref] wrote:

quoted

On Fri, Jun 29, 2018 at 7:41 PM, Andrew Morton
[off-list ref] wrote:

quoted

On Fri, 29 Jun 2018 14:45:08 +0200 Andrey Konovalov [off-list ref] wrote:

quoted

What kind of memory consumption testing would you like to see?

Well, 100kb or so is a teeny amount on virtually any machine.  I'm
assuming the savings are (much) more significant once the machine gets
loaded up and doing work?

So with clean kernel after boot we get 40 kb memory usage. With KASAN
it is ~120 kb, which is 200% overhead. With KHWASAN it's 50 kb, which
is 25% overhead. This should approximately scale to any amounts of
used slab memory. For example with 100 mb memory usage we would get
+200 mb for KASAN and +25 mb with KHWASAN. (And KASAN also requires
quarantine for better use-after-free detection). I can explicitly
mention the overhead in %s in the changelog.

If you think it makes sense, I can also make separate measurements
with some workload. What kind of workload should I use?

Whatever workload people were running when they encountered problems
with KASAN memory consumption ;)

I dunno, something simple.  `find / > /dev/null'?

Looking at a live Android device under load, slab (according to
/proc/meminfo) + kernel stack take 8-10% available RAM (~350MB).
Kasan's overhead of 2x - 3x on top of it is not insignificant.

(top-posting repaired.  Please don't)

For a debugging, not-for-production-use feature, that overhead sounds
quite acceptable to me.  What problems is it known to cause?

Not having this overhead enables near-production use - ex. running
kasan/khasan kernel on a personal, daily-use device to catch bugs that
do not reproduce in test configuration. These are the ones that often
cost the most engineering time to track down.

CPU overhead is bad, but generally tolerable. RAM is critical, in our
experience. Once it gets low enough, OOM-killer makes your life
miserable.

OK, anecdotal experience works for me.  But this is all stuff that
should have been in the changelog from day zero, please.  It describes
the reason for the patchset's existence!

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help