Re: [RFC PATCH 00/14] khwasan: kernel hardware assisted address sanitizer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Ingo,

On Sun, Mar 4, 2018 at 12:44 PM, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
> * Geert Uytterhoeven <geert@xxxxxxxxxxxxxx> wrote:
>> On Fri, Mar 2, 2018 at 8:44 PM, Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote:
>> > This patchset adds a new mode to KASAN, which is called KHWASAN (Kernel
>> > HardWare assisted Address SANitizer). There's still some work to do and
>> > there are a few TODOs in the code, so I'm publishing this as a RFC to
>> > collect some initial feedback.
>> >
>> > The plan is to implement HWASan [1] for the kernel with the incentive,
>> > that it's going to have comparable performance, but in the same time
>> > consume much less memory, trading that off for somewhat imprecise bug
>> > detection and being supported only for arm64.
>> >
>> > The overall idea of the approach used by KHWASAN is the following:
>> >
>> > 1. By using the Top Byte Ignore arm64 CPU feature, we can store pointer
>> >    tags in the top byte of each kernel pointer.
>>
>> And for how long will this be OK?
>
> Firstly it's not for production kernels, it's a hardware accelerator for an
> intrusive debug feature, so it shouldn't really matter, right?

Sorry, I didn't know it was a debug feature.

> Secondly, if the top byte is lost and the other 56 bits can still be used that
> gives a virtual memory space of up to 65,536 TB, which should be enough for a few
> years in the arm64 space, right?
>
>> Remembering:
>>   - AmigaBasic,
>>   - MacOS,
>>   - Emacs,
>>   - ...
>> They all tried to use the same trick, and did regret...
>> (AmigaBasic never survived this failure).
>
> The 64-bit address space is really a lot larger, and it's a debug-info feature in
> any case.

So that gives up ca. 25 years, less when considering address randomization.
But as long as it stays a debug feature...

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux