From: Vlastimil Babka <vbabka@suse.cz>
To: Georgi Djakov <georgi.djakov@linaro.org>,
linux-mm@kvack.org, akpm@linux-foundation.org, cl@linux.com,
penberg@kernel.org, rientjes@google.com, iamjoonsoo.kim@lge.com
Cc: corbet@lwn.net, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/slub: Add slub_debug option to panic on memory corruption
Date: Tue, 9 Mar 2021 16:09:45 +0100 [thread overview]
Message-ID: <390d8a2f-ead9-48a9-99eb-65c73bd18422@suse.cz> (raw)
In-Reply-To: <20210309134720.29052-1-georgi.djakov@linaro.org>
On 3/9/21 2:47 PM, Georgi Djakov wrote:
> Being able to stop the system immediately when a memory corruption
> is detected is crucial to finding the source of it. This is very
> useful when the memory can be inspected with kdump or other tools.
Is this in some testing scenarios where you would also use e.g. panic_on_warn?
We could hook to that. If not, we could introduce a new
panic_on_memory_corruption that would apply also for debug_pagealloc and whatnot?
> Let's add an option panic the kernel when slab debug catches an
> object or list corruption.
>
> This new option is not enabled by default (yet), so it needs to be
> enabled explicitly (for example by adding "slub_debug=FZPUC" to
> the kernel command line).
>
> Signed-off-by: Georgi Djakov <georgi.djakov@linaro.org>
> ---
> Documentation/vm/slub.rst | 1 +
> include/linux/slab.h | 3 +++
> mm/slab.h | 2 +-
> mm/slub.c | 9 +++++++++
> 4 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/vm/slub.rst b/Documentation/vm/slub.rst
> index 03f294a638bd..32878c44f3de 100644
> --- a/Documentation/vm/slub.rst
> +++ b/Documentation/vm/slub.rst
> @@ -53,6 +53,7 @@ Possible debug options are::
> Z Red zoning
> P Poisoning (object and padding)
> U User tracking (free and alloc)
> + C Panic on object corruption (enables SLAB_CORRUPTION_PANIC)
> T Trace (please only use on single slabs)
> A Enable failslab filter mark for the cache
> O Switch debugging off for caches that would have
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 0c97d788762c..ebff5e704d08 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -39,6 +39,9 @@
> #define SLAB_STORE_USER ((slab_flags_t __force)0x00010000U)
> /* Panic if kmem_cache_create() fails */
> #define SLAB_PANIC ((slab_flags_t __force)0x00040000U)
> +/* Panic if memory corruption is detected */
> +#define SLAB_CORRUPTION_PANIC ((slab_flags_t __force)0x00080000U)
> +
> /*
> * SLAB_TYPESAFE_BY_RCU - **WARNING** READ THIS!
> *
> diff --git a/mm/slab.h b/mm/slab.h
> index 120b1d0dfb6d..ae0079017fc6 100644
> --- a/mm/slab.h
> +++ b/mm/slab.h
> @@ -134,7 +134,7 @@ static inline slab_flags_t kmem_cache_flags(unsigned int object_size,
> #define SLAB_DEBUG_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER)
> #elif defined(CONFIG_SLUB_DEBUG)
> #define SLAB_DEBUG_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \
> - SLAB_TRACE | SLAB_CONSISTENCY_CHECKS)
> + SLAB_TRACE | SLAB_CONSISTENCY_CHECKS | SLAB_CORRUPTION_PANIC)
> #else
> #define SLAB_DEBUG_FLAGS (0)
> #endif
> diff --git a/mm/slub.c b/mm/slub.c
> index 077a019e4d7a..49351427f701 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -741,6 +741,8 @@ void object_err(struct kmem_cache *s, struct page *page,
> {
> slab_bug(s, "%s", reason);
> print_trailer(s, page, object);
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic(reason);
> }
>
> static __printf(3, 4) void slab_err(struct kmem_cache *s, struct page *page,
> @@ -755,6 +757,8 @@ static __printf(3, 4) void slab_err(struct kmem_cache *s, struct page *page,
> slab_bug(s, "%s", buf);
> print_page_info(page);
> dump_stack();
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic("slab: slab error\n");
> }
>
> static void init_object(struct kmem_cache *s, void *object, u8 val)
> @@ -776,6 +780,8 @@ static void init_object(struct kmem_cache *s, void *object, u8 val)
> static void restore_bytes(struct kmem_cache *s, char *message, u8 data,
> void *from, void *to)
> {
> + if (slub_debug & SLAB_CORRUPTION_PANIC)
> + panic("slab: object overwritten\n");
> slab_fix(s, "Restoring 0x%p-0x%p=0x%x\n", from, to - 1, data);
> memset(from, data, to - from);
> }
> @@ -1319,6 +1325,9 @@ parse_slub_debug_flags(char *str, slab_flags_t *flags, char **slabs, bool init)
> case 'a':
> *flags |= SLAB_FAILSLAB;
> break;
> + case 'c':
> + *flags |= SLAB_CORRUPTION_PANIC;
> + break;
> case 'o':
> /*
> * Avoid enabling debugging on caches if its minimum
>
next prev parent reply other threads:[~2021-03-09 15:09 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-09 13:47 Georgi Djakov
2021-03-09 14:56 ` Christoph Lameter
2021-03-09 18:12 ` Georgi Djakov
2021-03-09 15:09 ` Vlastimil Babka [this message]
2021-03-09 18:14 ` Georgi Djakov
2021-03-09 18:18 ` Vlastimil Babka
2021-03-18 5:48 ` Kees Cook
2021-03-18 12:56 ` Vlastimil Babka
2021-03-18 17:08 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=390d8a2f-ead9-48a9-99eb-65c73bd18422@suse.cz \
--to=vbabka@suse.cz \
--cc=akpm@linux-foundation.org \
--cc=cl@linux.com \
--cc=corbet@lwn.net \
--cc=georgi.djakov@linaro.org \
--cc=iamjoonsoo.kim@lge.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=penberg@kernel.org \
--cc=rientjes@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox