On 10/23/24 10:56, Dmitry Vyukov wrote: >> >> Overall while I sympathise with this, it feels dangerous and a pretty major >> change, because there'll be something somewhere that will break because it >> expects faults to be swallowed that we no longer do swallow. >> >> So I'd say it'd be something we should defer, but of course it's a highly >> user-facing change so how easy that would be I don't know. >> >> But I definitely don't think a 'introduce the ability to do cheap PROT_NONE >> guards' series is the place to also fundmentally change how user access >> page faults are handled within the kernel :) > > Will delivering signals on kernel access be a backwards compatible > change? Or will we need a different API? MADV_GUARD_POISON_KERNEL? > It's just somewhat painful to detect/update all userspace if we add > this feature in future. Can we say signal delivery on kernel accesses > is unspecified? Would adding signal delivery to guard PTEs only help enough the ASAN etc usecase? Wouldn't it be instead possible to add some prctl to opt-in the whole ASANized process to deliver all existing segfaults as signals instead of -EFAULT ?
