On Sun, Sep 11, 2022 at 12:08 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote:
>
> On Sun, Sep 11, 2022 at 09:59:22AM +0000, Pasha Tatashin wrote:
> > Currently, page_table_check panics the kernel when it detects errors.
> > Instead, print a warning, and panic only when specifically requested
> > via kernel parameter:
> >
> >     page_table_check=panic
>
> Why are the page table checks so special that they deserve their own
> command line parameter? Why shouldn't this be controlled by the usual
> panic_on_warn option?

page_table_check can be used as a security feature preventing false page
sharing between address spaces. For example, at Google we want to keep it
enabled on production systems, yet we do not want to enable panic_on_warn
as it would cause panics for many other reasons which are unrelated to
security.

Pasha