From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6955DC636CD for ; Tue, 7 Feb 2023 12:36:10 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B42146B00BF; Tue, 7 Feb 2023 07:36:09 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id AF0F06B00C1; Tue, 7 Feb 2023 07:36:09 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9B88B6B00C2; Tue, 7 Feb 2023 07:36:09 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 89F036B00BF for ; Tue, 7 Feb 2023 07:36:09 -0500 (EST) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 51A741A021F for ; Tue, 7 Feb 2023 12:36:09 +0000 (UTC) X-FDA: 80440443258.16.A36A10B Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) by imf17.hostedemail.com (Postfix) with ESMTP id 1928B4001A for ; Tue, 7 Feb 2023 12:36:06 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=quicinc.com header.s=qcppdkim1 header.b="pQ/FFpvD"; spf=pass (imf17.hostedemail.com: domain of quic_zhenhuah@quicinc.com designates 205.220.180.131 as permitted sender) smtp.mailfrom=quic_zhenhuah@quicinc.com; dmarc=pass (policy=none) header.from=quicinc.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1675773367; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=KZsTfdQ9Oet7yI0memLm3A3tl8Wjny/GnTKvfjTpTsQ=; b=GK1B6DA9qlDGevGUNn78cTARa0QFfZLa9EIg2GXGL6IdZKGfXxXPOuHTeZ3f8MG6Ng9Iov uz9axZnkgpZW2Skq6dZ7TqBY+odX9+RH52d4+RHK0RDABbzLr94PbnbxFVgnYSqoaguv1l lZmc7KPsRb2MU7DT5FpTKTspTfK7e/U= ARC-Authentication-Results: i=1; imf17.hostedemail.com; dkim=pass header.d=quicinc.com header.s=qcppdkim1 header.b="pQ/FFpvD"; spf=pass (imf17.hostedemail.com: domain of quic_zhenhuah@quicinc.com designates 205.220.180.131 as permitted sender) smtp.mailfrom=quic_zhenhuah@quicinc.com; dmarc=pass (policy=none) header.from=quicinc.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1675773367; a=rsa-sha256; cv=none; b=mINq6UxqrbfLoPP6Fv3cHleuDdSLkB9ZpySb9qguw2zwWcrov1cDsiiIppsAy7MbBU1Cen bzxx6+iJpHwGzfBPEPjW9CzUx7XWeg1Ct6lfw6S/tD73J/87jGpiilh+mpSRy9AoU4zppg FB58dFaMueWt51CKAkznTaRoaSisFC8= Received: from pps.filterd (m0279872.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 317CGrCd024892; Tue, 7 Feb 2023 12:35:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=message-id : date : mime-version : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding; s=qcppdkim1; bh=KZsTfdQ9Oet7yI0memLm3A3tl8Wjny/GnTKvfjTpTsQ=; b=pQ/FFpvDqNpb/DpA8ZfVjiO0k/PHYc8mItxSq7saqHnvH/zmJ/CdeGLszKvjCMrJtsKy WuUxiGZSPP7SQcgOTNYpNwxfdEM6w2sXqBGp39OZzJiLnmIAzDFPtNHRit+COGMVtspA 3Mzqofz4VDHMi8/f+zu4Hj0gtaWZqUAFZU2YdHm3xPXzJcP9KoA99rs3nf1odsUFAZbP 75/e7N3XFd4lLO85nTgDeGfjPh7KAMGqNZMDLnJ3preOoDgD6iMXj/FGcDx5X9Wo52w8 s9eBC0ICVbga0RJpFRAioGWog+dN6SlD7nlIDH3wz5hvnCOjLaxjh8HCGkS0cpE97+G3 xw== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3nkdun9888-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 07 Feb 2023 12:35:58 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 317CZvDd010098 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 7 Feb 2023 12:35:57 GMT Received: from [10.253.39.173] (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.36; Tue, 7 Feb 2023 04:35:55 -0800 Message-ID: <1575ba20-09b7-d38b-f57d-77671d8d97cd@quicinc.com> Date: Tue, 7 Feb 2023 20:35:52 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Subject: Re: [PATCH] mm: kfence: export kfence_enabled as global variables Content-Language: en-US To: Mark Rutland CC: Marco Elver , , , , , , References: <1675750519-1064-1-git-send-email-quic_zhenhuah@quicinc.com> From: Zhenhua Huang In-Reply-To: Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: CejaW7oia3gl9GcZ9I7UJWgUxzanRPXo X-Proofpoint-ORIG-GUID: CejaW7oia3gl9GcZ9I7UJWgUxzanRPXo X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.930,Hydra:6.0.562,FMLib:17.11.122.1 definitions=2023-02-07_04,2023-02-06_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 phishscore=0 priorityscore=1501 mlxlogscore=999 bulkscore=0 clxscore=1015 malwarescore=0 spamscore=0 adultscore=0 lowpriorityscore=0 impostorscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2212070000 definitions=main-2302070112 X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 1928B4001A X-Stat-Signature: po3uueaekdhdqm31io3unoowomdr49q4 X-Rspam-User: X-HE-Tag: 1675773366-19176 X-HE-Meta: U2FsdGVkX1+r64bBZCKvxk3hXQ+urCyJxPparZP5T9FDoXgdm4qHGaXHn32RrXUMrQ4rkS7jlnwlH5ly668apT6A0xhfVZqw2+T6z+nFeOmZZWlcyKh8GoYK7C2bpjcTZeLneauhcXdUBSVk8c4i/1UPNhtODyz0kc/3bbMh5KsMQ3Rm4qiNLFnJXJ1cxShrY89gyiWIyMetLMUKXiGiNZQ2S6+S1K3OG6qyHwmSLbbY3cWmqHpjK+x7wQkx4P48TLOR1+B6bCumbVU7Bke5aIygHD+cy1Kgsxe2flBzmMxgdUvjrMn59lJUUvn7TKmstRlAMIikxePyPxHa3N+IU+zV8fPW67kQGhMN3PQSZeXwcR330DzaF0i3jp/fUA99U8VJH5scQ8M0RFQwFj61+hrnUii5jhtaj+ZwOOuWQfhKG/wm3wC2SaN9mGNWqjlXCYsApZ+rrFj1e4g+fG18EynpuIYTztceZNzKkqyMUJUCMe3coIJWbRHvUZ6rnvr2jrbVbAlfJaUC971PrSf1wZh7RcFdWfmm1iWf62LHXZZhvXmXBlGDqFXuT+yvvSr80SBeh6qTaOnGMIsPzses7fPvK+8wadMsL9PYAfo0kcmK0HpdppSEhovCtSkBFgzM7JRJyTqD6sJ35qeh0NUaUpZ/2SifY0FYEGhpZoGpUPjM0W4iq+MecLYkfeb0ouQ7akCC2zf/EW6T6Rgb85lTxujbFb9n+ImLtv1TxgQMBtuX6Ao+JagdOVZzibPwkWgFI3rn2tXKSnBaCmn7S4jzr0QiKO6DCd4P4Zy5G8CuIRYZ0ixLqK7t8J17SEp43mJND20P/nFzUkaADUfiIngeuJCAejl4/k1rf9ZY8q4SiIiSJE1lUii4BWLoowABtQDBxbhdZi6JiWZBjZK1MI/RmztnWa6odfBiwaULrGHmPcQlNXdBaIScv8xj69THcJYBwlpuLkCeAHpykRHoJA/ GWufhzmC mvBwDxSCjznjipasm9nXT/AxddRQN/fsMvj4yXDowQLDVX7qDyHcbEwoRLeGBbt1j/dlhY3tXcJPLHHk9BrCtGgHrOCJIuMjPgn9alXoxcRL1ToqneRHjYWL7tvBSmsoYMdnYHux5CtlDp2IyvV1kjdbAr1tHuKSYq/NvUBQud5JacMXZaAsjybl74saUAeUpg5CtM5VZqkiGHRMWmZtMqT5Hxpa/6PPFmMKuZC0vs65RttBpOTFO0kP4IR5nRYpfHnMU7CKjT8grRqbctTcHrw+ck0VTVW6D4rRt7iQu6+DUZ2d+01YlCO1b1A6s91b7x2iUz5VBXj0DkBoR6zcD8TGRWtU1Gz/v0ZzttUZsjhTewFs= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Thanks Mark! On 2023/2/7 18:48, Mark Rutland wrote: > On Tue, Feb 07, 2023 at 03:46:53PM +0800, Zhenhua Huang wrote: >> Thanks Marco! >> >> On 2023/2/7 15:19, Marco Elver wrote: >>> On Tue, 7 Feb 2023 at 07:15, Zhenhua Huang wrote: >>>> >>>> Export the variable to ease the judgement of whether kfence enabled >>>> at runtime. It should be more precise than through kernel config >>>> "CONFIG_KFENCE". >>>> >>>> For example We can disable kfence at runtime using bootargs >>>> "kfence.sample_interval=0" but CONFIG_KFENCE enabled. >>>> It was false positive. >>>> >>>> Signed-off-by: Zhenhua Huang >>>> --- >>>> arch/arm64/mm/pageattr.c | 3 ++- >>>> include/linux/kfence.h | 2 ++ >>>> mm/kfence/core.c | 2 +- >>>> 3 files changed, 5 insertions(+), 2 deletions(-) >>>> >>>> diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c >>>> index 79dd201..208d780 100644 >>>> --- a/arch/arm64/mm/pageattr.c >>>> +++ b/arch/arm64/mm/pageattr.c >>>> @@ -7,6 +7,7 @@ >>>> #include >>>> #include >>>> #include >>>> +#include >>>> >>>> #include >>>> #include >>>> @@ -27,7 +28,7 @@ bool can_set_direct_map(void) >>>> * protect/unprotect single pages. >>>> */ >>>> return (rodata_enabled && rodata_full) || debug_pagealloc_enabled() || >>>> - IS_ENABLED(CONFIG_KFENCE); >>>> + kfence_enabled; >>> >>> Unfortunately this won't work, because it's possible to enable KFENCE >>> after the kernel has booted with e.g.: echo 100 > >>> /sys/module/kfence/parameters/sample_interval >> Yeah, got it. Thanks for catching it. >>> >>> What is the problem you have encountered? Is the page-granular direct >>> map causing issues? >> We're working on a low memory target, page-granular mapping costed more (2M >> per 1GB) memory. Due to GKI constraints, it is not easy to disable >> CONFIG_KFENCE. So my intention was to move the judgement to runtime >> configurable w/ CONFIG_KFENCE on... >> >> Do you have any further suggestion/proposal on this? Many Thanks! > > Just to check, the cost is because we're mapping *all* of memory at page > granulatrity, right? If we were to just map the KFENCE region a page > granularity, would that be a sufficient saving? Yes,that's expected saving which I would like to address here. > > We didn't do that so far because it was simpler to just map everything at page > granularity (and that's also required by rodata_full, which I though android > used?). Yes, by default we're setting rodata_full. While for low-ram target, we also can lower the security requirement. This is why I am pursuing.. BTW, rodata_full can be easily runtime configured through bootargs. > > If it's really important (and rodata_full isn't being used), we could try to do > that. > > To do that we'd need to choose the KFENCE region *before* arm64 creates the > fine-grain translation tables, which probable needs an arch_ hook. It sounds a good solution. Let me also dig into this. Many Thanks! > > Thanks, > Mark. >