From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 73301C27C53 for ; Wed, 12 Jun 2024 18:39:28 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E91EC6B009F; Wed, 12 Jun 2024 14:39:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E42B66B00A0; Wed, 12 Jun 2024 14:39:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D09526B00A2; Wed, 12 Jun 2024 14:39:27 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id B2F4B6B009F for ; Wed, 12 Jun 2024 14:39:27 -0400 (EDT) Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 28194418EF for ; Wed, 12 Jun 2024 18:39:27 +0000 (UTC) X-FDA: 82223099574.30.3618FA9 Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf11.hostedemail.com (Postfix) with ESMTP id 15E9A40011 for ; Wed, 12 Jun 2024 18:39:24 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=OzRr01nS; spf=pass (imf11.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1718217565; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=PGQ86V5UBZNtwrXw5n09oNJAhyYxpBSbswgP7IxzOcw=; b=XcTqjs85Xqo/rv5lw1qto1cc8oeu+ls3sK2S6HZoU+OX17PI56PJUO2QI/j/6KyU5dUry6 4l3DBjj+AbMX0zt2tWHqw6UDKtujzo6tpcD9Ke8sR4zx2hCBYhOmWE+BDGlDOHthzma7CQ l8rRyNv/UpYcxmi0MlLzwSnzeVKLafo= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1718217565; a=rsa-sha256; cv=none; b=enoCwanQW6Gs18HBKHzvcz4GGAhcdKYbz6mBF8zyv6SZ/+Mv8pjwMV0N3dwPRkvXw5+uVG ZI2fW3J3qAIItYfTWi80tb93acSSy5OfGVJlt4da1RBCvnl67+urhwhwIPi/Zg6HXesSnj tiycSJks9RhcE9EXPWKenCPYAsij4YE= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=OzRr01nS; spf=pass (imf11.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id DA887CE21FA; Wed, 12 Jun 2024 18:39:20 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 28C51C116B1; Wed, 12 Jun 2024 18:39:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1718217560; bh=MJVHRfHxaj60Hxhysjmfq/EOEVzWOTcWYElXRx7ibPY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=OzRr01nSYr1S44pbL4683JbDFh4GYvuUS/2Ofesh3Z4B5uaQ+kRkCRG39mDhAn0GI vfVpxlR93ToKvKjsl+r9mJlCqJ7Ee7Pmzsy9tWmXs4MGllFzMegoH4kOcvgTRR+WTL 8L0KPjiDxrnjRw9bB97mwfLNL+UTtpXF/77wEYXHZ6wZzh8ShupTgm9XaHTOMDZrNR Vh99JEjgq/ISlIDVzLHIMo3B89SZbLQxU9+TLmmGylhIQzufbHGZ+ppZRAJg0d1IUC HhmV1nbdeMXkwVAGJPJIfHnYZ9HUmx415ClIB4+sR0W5ds5Co16KlV8uRLb4+xvdQU HnVc9gQ1W6qnw== Date: Wed, 12 Jun 2024 11:39:19 -0700 From: Kees Cook To: "Christoph Lameter (Ampere)" Cc: Vlastimil Babka , Chengming Zhou , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, Feng Tang , linux-mm@kvack.org, linux-kernel@vger.kernel.org, zhouchengming@bytedance.com Subject: Re: [PATCH v3 1/3] slab: make check_object() more consistent Message-ID: <202406121135.A3900578BF@keescook> References: <20240607-b4-slab-debug-v3-0-bb2a326c4ceb@linux.dev> <20240607-b4-slab-debug-v3-1-bb2a326c4ceb@linux.dev> <63da08b7-7aa3-3fad-55e6-9fc3928a49de@gentwo.org> <8b844d71-01f1-472b-a63a-4c9cdb26e9ef@suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Stat-Signature: kbkf9y1ohd4soqy1n6t4bp6wpiny8j5q X-Rspamd-Queue-Id: 15E9A40011 X-Rspam-User: X-Rspamd-Server: rspam05 X-HE-Tag: 1718217564-661334 X-HE-Meta: U2FsdGVkX1+BViZn5UNrESuKf1gPlrCL8oxs3xgJgEny83hvflimqnp1c3UFKZBB89rA/Knv4Jx7uW1sx2r+MP5cm2NaPruU3WNBxO7oFwH5+r6wMCbF3DQ48LKR99eBxSdh1Vpr/iuMV2Ekxe242S3H082zgvTzk/sa2OcG0MyOiUqMLbExhS4lUITcWanQ0XIzCwuHOoE1ykac5CJCaTKfD5BPRfeMHqU0LCIG+ePySJEesOj1Q5KuO3+cgkqrJFjF6/za70qycWdvF9yAW7gmQEWWnLnVIfYPuo6gaI5VI8An66+jDbSJ7hf/T5zQGVsIewaXrtE4ZYGT6nLMv0pgHetwkf8tFpdCHzyam4I1fYyvLegx/cv2bmjQOk+2OUnYXKSHrFt5QJv/el7fI8kx7exE6iYUPlrHv2HhD9xCPGcncHtTgV14Ysn94EZ/3vXYrC+KgzdWfrVAkBzfxO6uy5KuwkscNZvoAxRQOSTQUEEMWamKA+Oh8+9Z9P9Lv5J3kAvXmCuG1lGc1R3Bm0xNQatI+Agj0kk48hm0mQvk5Extfr3Ng60kfjXmohGEmgvISI4uVdVfLmz+QzKOG86ZktOY20jpTokkQez/2hibHqDxConMqCz+qsU82nLCagkeVruUTMRO0B7Cf+1WK3srWXLzYGqyGBCtz+SUAXokEaauTc7Js3HLLKC+kv0CbCCPeHziiDTSAy2Y3oAuEuBMmiA/yqVEe/vhEGkxEc36Yrl4lyDpwNCJzVaKKqNQlyeg1nAlvxOyoYZOcHNm9+420NPVj8w+bypghTBOkhv+AzbbQhwqlHLccDFrBVM63zOJ6LjpN26NwLHkz4EHgI0yKzOkrABCYpJ4CTqIXoCsHSHa/a/Nn0Z6aWw9sU6lmCRUh5RhlmYw3oZ1yELsXP33rhzPs+0jWT7y4AJBBAvogbQwqGaHpjkC9Seq2Hwp4ainq9Fju/m5bFf0EPl LavuRCL7 8I3fXvZUSIgOTlTku8ve1/qhmYpQ+5DHgDrkXpN0k1b3HGkfa8j6GcYKpNY7VocvrrOr3/LemkQKf+OUoVHfHNQtHFZYZ+WcrOH00mbjhu0ZMNsNqwnyF1nnTWVIaDSnI5sPsWMK9e9Ww9VEo4oc8tO65oXKdJcLIZM7m6Qfwy62oL0pm2n+o5Cit2OM3MHUklCntx8dbWiJVNxOwxXLlbT6dzXjQdBuiqHmuIEyO2QEdYxzlRSSb2nPtDFCCohqLkAyDD/JCtQdMIIhLRuAh+J7tECYkBy2xXFUgoCt/NSklVO0XqNFQm/LfrQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Jun 11, 2024 at 03:52:49PM -0700, Christoph Lameter (Ampere) wrote: > On Mon, 10 Jun 2024, Vlastimil Babka wrote: > > > Even if some security people enable parts of slub debugging for security > > people it is my impression they would rather panic/reboot or have memory > > leaked than trying to salvage the slab page? (CC Kees) > > In the past these resilience features have been used to allow the continued > operation of a broken kernel. > > So first the Kernel crashed with some obscure oops in the allocator due to > metadata corruption. > > One can then put a slub_debug option on the kernel command line which will > result in detailed error reports on what caused the corruption. It will also > activate resilience measures that will often allow the continued operation > until a fix becomes available. Sure, as long as it's up to the deployment. I just don't want padding errors unilaterally ignored. If it's useful, there's the CHECK_DATA_CORRUPTION() macro. That'll let a deployment escalate the issue from WARN to BUG, etc. -- Kees Cook