On 9/7/20 6:40 AM, Marco Elver wrote: > KFENCE is designed to be enabled in production kernels, and has near > zero performance overhead. Compared to KASAN, KFENCE trades performance > for precision. Could you talk a little bit about where you expect folks to continue to use KASAN? How would a developer or a tester choose which one to use? > KFENCE objects each reside on a dedicated page, at either the left or > right page boundaries. The pages to the left and right of the object > page are "guard pages", whose attributes are changed to a protected > state, and cause page faults on any attempted access to them. Such page > faults are then intercepted by KFENCE, which handles the fault > gracefully by reporting a memory access error. How much memory overhead does this end up having? I know it depends on the object size and so forth. But, could you give some real-world examples of memory consumption? Also, what's the worst case? Say I have a ton of worst-case-sized (32b) slab objects. Will I notice?
