From: Baoquan He <bhe@redhat.com>
To: Marco Elver <elver@google.com>
Cc: linux-mm@kvack.org, ryabinin.a.a@gmail.com, glider@google.com,
andreyknvl@gmail.com, dvyukov@google.com,
vincenzo.frascino@arm.com, akpm@linux-foundation.org,
kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org,
kexec@lists.infradead.org
Subject: Re: [PATCH 0/4] mm/kasan: make kasan=on|off work for all three modes
Date: Fri, 8 Aug 2025 11:21:50 +0800 [thread overview]
Message-ID: <aJVtTjRUXqWePva0@MiWiFi-R3L-srv> (raw)
In-Reply-To: <CANpmjNP-29cuk+MY0w9rvLNizO02yY_ZxP+T0cmCZBi+b5tDTQ@mail.gmail.com>
On 08/06/25 at 09:16am, Marco Elver wrote:
> On Tue, 5 Aug 2025 at 08:23, 'Baoquan He' via kasan-dev
> <kasan-dev@googlegroups.com> wrote:
> >
> > Currently only hw_tags mode of kasan can be enabled or disabled with
> > kernel parameter kasan=on|off for built kernel. For kasan generic and
> > sw_tags mode, there's no way to disable them once kernel is built.
> > This is not convenient sometime, e.g in system kdump is configured.
> > When the 1st kernel has KASAN enabled and crash triggered to switch to
> > kdump kernel, the generic or sw_tags mode will cost much extra memory
> > for kasan shadow while in fact it's meaningless to have kasan in kdump
> > kernel.
>
> Are you using KASAN generic or SW-tags is production?
> If in a test environment, is the overhead of the kdump kernel really
> unacceptable?
Thanks for checking this.
I don't use KASAN in production environment. But in Redhat, our CI will
run test cases on debug kernel with KASAN enabled by default. Then the
crashkernel setting will be uncertain. E.g usually crashkernel=256M is
enough for most of system. However, KASAN would make the crashkernel
reservation need to reach to 768M on one ampere arm64 system. This is
not the extra 1/8 of system ram as we expected because we have vmalloc
mapping to create shaddow too. In this case, QE or other kernel
developer who is not familiar with KASAN may need spend time to dig out
what's going on here. And they may need adjust crashkernel= value to get
an appropriate one to make system work. This is not good because we
don't need KASAN feature in kdump kernel at all while we need tackle the
unexpected crashkernel= setting.
This can be fixed with a very easy way, a knob to disable kasan in kdump
kernel can perfectly handle it.
>
> > So this patchset moves the kasan=on|off out of hw_tags scope and into
> > common code to make it visible in generic and sw_tags mode too. Then we
> > can add kasan=off in kdump kernel to reduce the unneeded meomry cost for
> > kasan.
> >
> > Test:
> > =====
> > I only took test on x86_64 for generic mode, and on arm64 for
> > generic, sw_tags and hw_tags mode. All of them works well.
>
> Does it also work for CONFIG_KASAN_INLINE?
Yes, Andrey said in reply, I did investigation. You can see that
KASAN_INLINE will bloat vmlinux by ~30M. This is not a big problem of
kdump kernel.
CONFIG_KASAN_OUTLINE=y
[root@ampere-mtsnow-altra-08 linux]# ll vmlinux
-rwxr-xr-x. 1 root root 124859016 Aug 6 06:08 vmlinux
[root@ampere-mtsnow-altra-08 linux]# ll /boot/vmlinuz-*
-rwxr-xr-x. 1 root root 15938048 Aug 3 00:15 /boot/vmlinuz-0-rescue-f81ab6a509e444e3857153cfa3fc6497
-rwxr-xr-x. 1 root root 15938048 Jul 23 20:00 /boot/vmlinuz-6.15.8-200.fc42.aarch64
-rwxr-xr-x. 1 root root 20644352 Aug 6 06:11 /boot/vmlinuz-6.16.0+
CONFIG_KASAN_INLINE=y
[root@ampere-mtsnow-altra-08 linux]# ll vmlinux
-rwxr-xr-x. 1 root root 150483592 Aug 6 10:53 vmlinux
[root@ampere-mtsnow-altra-08 linux]# ll /boot/vmlinuz-*
-rwxr-xr-x. 1 root root 15938048 Aug 3 00:15 /boot/vmlinuz-0-rescue-f81ab6a509e444e3857153cfa3fc6497
-rwxr-xr-x. 1 root root 15938048 Jul 23 20:00 /boot/vmlinuz-6.15.8-200.fc42.aarch64
-rwxr-xr-x. 1 root root 27779584 Aug 6 10:55 /boot/vmlinuz-6.16.0+
>
> > However when I tested sw_tags on a HPE apollo arm64 machine, it always
> > breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
> > can always be seen too.
> >
> > "BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"
> >
> > I haven't got root cause of the bug, will report the bug later in
> > another thread.
> > ====
> >
> > Baoquan He (4):
> > mm/kasan: add conditional checks in functions to return directly if
> > kasan is disabled
> > mm/kasan: move kasan= code to common place
> > mm/kasan: don't initialize kasan if it's disabled
> > mm/kasan: make kasan=on|off take effect for all three modes
> >
> > arch/arm/mm/kasan_init.c | 6 +++++
> > arch/arm64/mm/kasan_init.c | 7 ++++++
> > arch/loongarch/mm/kasan_init.c | 5 ++++
> > arch/powerpc/mm/kasan/init_32.c | 8 +++++-
> > arch/powerpc/mm/kasan/init_book3e_64.c | 6 +++++
> > arch/powerpc/mm/kasan/init_book3s_64.c | 6 +++++
> > arch/riscv/mm/kasan_init.c | 6 +++++
> > arch/um/kernel/mem.c | 6 +++++
> > arch/x86/mm/kasan_init_64.c | 6 +++++
> > arch/xtensa/mm/kasan_init.c | 6 +++++
> > include/linux/kasan-enabled.h | 11 ++------
> > mm/kasan/common.c | 27 ++++++++++++++++++++
> > mm/kasan/generic.c | 20 +++++++++++++--
> > mm/kasan/hw_tags.c | 35 ++------------------------
> > mm/kasan/init.c | 6 +++++
> > mm/kasan/quarantine.c | 3 +++
> > mm/kasan/shadow.c | 23 ++++++++++++++++-
> > mm/kasan/sw_tags.c | 9 +++++++
> > 18 files changed, 150 insertions(+), 46 deletions(-)
> >
> > --
> > 2.41.0
> >
> > --
> > You received this message because you are subscribed to the Google Groups "kasan-dev" group.
> > To unsubscribe from this group and stop receiving emails from it, send an email to kasan-dev+unsubscribe@googlegroups.com.
> > To view this discussion visit https://groups.google.com/d/msgid/kasan-dev/20250805062333.121553-1-bhe%40redhat.com.
>
next prev parent reply other threads:[~2025-08-08 3:22 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-05 6:23 Baoquan He
2025-08-05 6:23 ` [PATCH 1/4] mm/kasan: add conditional checks in functions to return directly if kasan is disabled Baoquan He
2025-08-05 6:23 ` [PATCH 2/4] mm/kasan: move kasan= code to common place Baoquan He
2025-08-06 7:11 ` Marco Elver
2025-08-08 13:01 ` Baoquan He
2025-08-05 6:23 ` [PATCH 3/4] mm/kasan: don't initialize kasan if it's disabled Baoquan He
2025-08-05 6:23 ` [PATCH 4/4] mm/kasan: make kasan=on|off take effect for all three modes Baoquan He
2025-08-06 5:22 ` SeongJae Park
2025-08-06 9:36 ` Baoquan He
2025-08-06 16:26 ` Lorenzo Stoakes
2025-08-08 13:08 ` Baoquan He
2025-08-08 13:24 ` Lorenzo Stoakes
2025-08-12 13:27 ` Baoquan He
2025-08-12 17:06 ` Lorenzo Stoakes
2025-08-06 18:24 ` Sabyrzhan Tasbolatov
2025-08-08 15:59 ` Baoquan He
2025-08-06 7:16 ` [PATCH 0/4] mm/kasan: make kasan=on|off work " Marco Elver
2025-08-07 17:12 ` Andrey Ryabinin
2025-08-08 3:21 ` Baoquan He [this message]
2025-08-07 16:34 ` Andrey Ryabinin
2025-08-08 12:54 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aJVtTjRUXqWePva0@MiWiFi-R3L-srv \
--to=bhe@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=ryabinin.a.a@gmail.com \
--cc=vincenzo.frascino@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox