From: Alexander Potapenko <glider@google.com>
To: Marco Elver <elver@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Dmitry Vyukov <dvyukov@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Shuah Khan <skhan@linuxfoundation.org>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
kasan-dev@googlegroups.com, workflows@vger.kernel.org,
linux-mm@kvack.org,
Ernesto Martinez Garcia <ernesto.martinezgarcia@tugraz.at>,
Kees Cook <kees@kernel.org>
Subject: Re: [PATCH] kfence: add kfence.fault parameter
Date: Tue, 3 Mar 2026 12:19:51 +0100 [thread overview]
Message-ID: <CAG_fn=WAwHUpoay2kY6rkEZQGYxoDGVJYf5B59Y80ht7++Lmqw@mail.gmail.com> (raw)
In-Reply-To: <20260225203639.3159463-1-elver@google.com>
> @@ -830,7 +835,8 @@ static void kfence_check_all_canary(void)
> static int kfence_check_canary_callback(struct notifier_block *nb,
> unsigned long reason, void *arg)
> {
> - kfence_check_all_canary();
> + if (READ_ONCE(kfence_enabled))
> + kfence_check_all_canary();
By the way, should we also check for kfence_enabled when reporting errors?
> @@ -1307,12 +1314,14 @@ bool kfence_handle_page_fault(unsigned long addr, bool is_write, struct pt_regs
> if (to_report) {
> raw_spin_lock_irqsave(&to_report->lock, flags);
> to_report->unprotected_page = unprotected_page;
> - kfence_report_error(addr, is_write, regs, to_report, error_type);
> + fault = kfence_report_error(addr, is_write, regs, to_report, error_type);
> raw_spin_unlock_irqrestore(&to_report->lock, flags);
> } else {
> /* This may be a UAF or OOB access, but we can't be sure. */
> - kfence_report_error(addr, is_write, regs, NULL, KFENCE_ERROR_INVALID);
> + fault = kfence_report_error(addr, is_write, regs, NULL, KFENCE_ERROR_INVALID);
> }
>
> + kfence_handle_fault(fault);
> +
> return kfence_unprotect(addr); /* Unprotect and let access proceed. */
If kfence_handle_fault() oopses, kfence_unprotect() will never be
called, is that the desired behavior?
> /* Require non-NULL meta, except if KFENCE_ERROR_INVALID. */
> if (WARN_ON(type != KFENCE_ERROR_INVALID && !meta))
> - return;
> + return KFENCE_FAULT_NONE;
We explicitly don't panic here; guess it should be fine...
prev parent reply other threads:[~2026-03-03 11:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-25 20:36 Marco Elver
2026-02-25 22:26 ` Rik van Riel
2026-02-26 1:16 ` Marco Elver
2026-03-03 11:19 ` Alexander Potapenko [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAG_fn=WAwHUpoay2kY6rkEZQGYxoDGVJYf5B59Y80ht7++Lmqw@mail.gmail.com' \
--to=glider@google.com \
--cc=akpm@linux-foundation.org \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=ernesto.martinezgarcia@tugraz.at \
--cc=kasan-dev@googlegroups.com \
--cc=kees@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=skhan@linuxfoundation.org \
--cc=workflows@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox