On Thu, 10 Sep 2020 at 16:58, Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote: > > On Mon, Sep 7, 2020 at 3:41 PM Marco Elver <elver@xxxxxxxxxx> wrote: > > +config KFENCE_NUM_OBJECTS > > + int "Number of guarded objects available" > > + default 255 > > + range 1 65535 > > + help > > + The number of guarded objects available. For each KFENCE object, 2 > > + pages are required; with one containing the object and two adjacent > > + ones used as guard pages. > > Hi Marco, > > Wonder if you tested build/boot with KFENCE_NUM_OBJECTS=65535? Can a > compiler create such a large object? Indeed, I get a "ld: kernel image bigger than KERNEL_IMAGE_SIZE". Let's lower it to something more reasonable. The main reason to have the limit is to constrain random configs and avoid the inevitable error reports. > > +config KFENCE_FAULT_INJECTION > > + int "Fault injection for stress testing" > > + default 0 > > + depends on EXPERT > > + help > > + The inverse probability with which to randomly protect KFENCE object > > + pages, resulting in spurious use-after-frees. The main purpose of > > + this option is to stress-test KFENCE with concurrent error reports > > + and allocations/frees. A value of 0 disables fault injection. > > I would name this differently. "FAULT_INJECTION" is already taken for > a different thing, so it's a bit confusing. > KFENCE_DEBUG_SOMETHING may be a better name. > It would also be good to make it very clear in the short description > that this is for testing of KFENCE itself. When I configure syzbot I > routinely can't figure out if various DEBUG configs detect user > errors, or enable additional unit tests, or something else. Makes sense, we'll change the name. > Maybe it should depend on DEBUG_KERNEL as well? EXPERT selects DEBUG_KERNEL, so depending on DEBUG_KERNEL doesn't make sense. > > +/* > > + * Get the canary byte pattern for @addr. Use a pattern that varies based on the > > + * lower 3 bits of the address, to detect memory corruptions with higher > > + * probability, where similar constants are used. > > + */ > > +#define KFENCE_CANARY_PATTERN(addr) ((u8)0xaa ^ (u8)((unsigned long)addr & 0x7)) > > (addr) in macro body Done for v2. > > + seq_con_printf(seq, > > + "kfence-#%zd [0x" PTR_FMT "-0x" PTR_FMT > > PTR_FMT is only used in this file, should it be declared in report.c? It's also used by the test. > Please post example reports somewhere. It's hard to figure out all > details of the reporting/formatting. They can be seen in Documentation added later in the series (also viewable here: https://github.com/google/kasan/blob/kfence/Documentation/dev-tools/kfence.rst) Thank you! -- Marco
