On Thu, Feb 18, 2021 at 8:46 PM David Hildenbrand <david@xxxxxxxxxx> wrote: > > > 1. For KASAN_GENERIC: leave everything as is to be able to detect > > these boot-time bugs. > > > > 2. For KASAN_SW_TAGS: remove boot-time poisoning via > > kasan_free_pages(), but use the "invalid" tag as the default shadow > > value. The end result should be the same: bad accesses will be > > detected. For unallocated memory as it has the default "invalid" tag, > > and for allocated memory as it's poisoned properly when > > allocated/freed. > > > > 3. For KASAN_HW_TAGS: just remove boot-time poisoning via > > kasan_free_pages(). As the memory tags have a random unspecified > > value, we'll still have a 15/16 chance to detect a memory corruption. > > > > This also makes sense from the performance perspective: KASAN_GENERIC > > isn't meant to be running in production, so having a larger perf > > impact is acceptable. The other two modes will be faster. > > Sounds in principle sane to me. I'll post a v2 soon, thanks! > Side note: I am not sure if anybody runs KASAN in production. Memory is > expensive. Feel free to prove me wrong, I'd be very interest in actual > users. We run KASAN_SW_TAGS on some dogfood testing devices, and KASAN_HW_TAGS is being developed with the goal to be running in production.
