Currently only hw_tags mode of kasan can be enabled or disabled with
kernel parameter kasan=on|off for built kernel. For kasan generic and
sw_tags mode, there's no way to disable them once kernel is built.
This is not convenient sometimes, e.g. in a system where kdump is configured.
When the 1st kernel has KASAN enabled and crash triggered to switch to
kdump kernel, the generic or sw_tags mode will cost much extra memory
for kasan shadow while in fact it's meaningless to have kasan in kdump
kernel.

So this patchset moves the kasan=on|off out of hw_tags scope and into
common code to make it visible in generic and sw_tags mode too. Then we
can add kasan=off in kdump kernel to reduce the unneeded memory cost for
kasan.

Test:
=====
I only tested on x86_64 for generic mode, and on arm64 for
generic, sw_tags and hw_tags mode. All of them work well.

However when I tested sw_tags on an HPE Apollo arm64 machine, it always
breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
can always be seen too.

"BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"

I haven't got the root cause of the bug, will report the bug later in
another thread.
====

Baoquan He (4):
  mm/kasan: add conditional checks in functions to return directly if
    kasan is disabled
  mm/kasan: move kasan= code to common place
  mm/kasan: don't initialize kasan if it's disabled
  mm/kasan: make kasan=on|off take effect for all three modes

 arch/arm/mm/kasan_init.c               |  6 +++++
 arch/arm64/mm/kasan_init.c             |  7 ++++++
 arch/loongarch/mm/kasan_init.c         |  5 ++++
 arch/powerpc/mm/kasan/init_32.c        |  8 +++++-
 arch/powerpc/mm/kasan/init_book3e_64.c |  6 +++++
 arch/powerpc/mm/kasan/init_book3s_64.c |  6 +++++
 arch/riscv/mm/kasan_init.c             |  6 +++++
 arch/um/kernel/mem.c                   |  6 +++++
 arch/x86/mm/kasan_init_64.c            |  6 +++++
 arch/xtensa/mm/kasan_init.c            |  6 +++++
 include/linux/kasan-enabled.h          | 11 ++------
 mm/kasan/common.c                      | 27 ++++++++++++++++++++
 mm/kasan/generic.c                     | 20 +++++++++++++--
 mm/kasan/hw_tags.c                     | 35 ++------------------------
 mm/kasan/init.c                        |  6 +++++
 mm/kasan/quarantine.c                  |  3 +++
 mm/kasan/shadow.c                      | 23 ++++++++++++++++-
 mm/kasan/sw_tags.c                     |  9 +++++++
 18 files changed, 150 insertions(+), 46 deletions(-)

--
2.41.0
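
The design the cover letter describes (one kasan= flag parsed in common code, shadow set up only when enabled, hooks returning early when disabled), sketched as a userspace C model. This is an added example, not code from the patch series; `boot()`, `kasan_check()`, the 4 KiB arena and the sample command lines are constructed for illustration.

```c
/* Added example: userspace model of the design, not code from the patch series. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ARENA_SIZE  4096u /* constructed stand-in for the memory being tracked */
#define SCALE_SHIFT 3     /* generic mode: one shadow byte covers 8 bytes */

static bool kasan_flag_enabled = true; /* name from the thread; default is on */
static unsigned char *shadow;          /* stays NULL when KASAN is disabled */

/* Modelled on an early_param handler: only "on" and "off" are accepted. */
static int early_kasan_flag(const char *arg)
{
    bool on = !strcmp(arg, "on");
    if (!on && strcmp(arg, "off"))
        return -1; /* unknown value: keep the current setting */
    kasan_flag_enabled = on;
    return 0;
}

/* Models boot: parse the command line, then allocate shadow only if enabled. */
static size_t boot(const char *cmdline)
{
    char buf[256];
    free(shadow);
    shadow = NULL;
    kasan_flag_enabled = true;
    snprintf(buf, sizeof(buf), "%s", cmdline);
    for (char *tok = strtok(buf, " "); tok; tok = strtok(NULL, " "))
        if (!strncmp(tok, "kasan=", 6))
            early_kasan_flag(tok + 6); /* a later token overrides an earlier one */
    if (kasan_flag_enabled)
        shadow = calloc(ARENA_SIZE >> SCALE_SHIFT, 1);
    if (!shadow)
        kasan_flag_enabled = false; /* no shadow, so every hook must bail out */
    return shadow ? ARENA_SIZE >> SCALE_SHIFT : 0; /* shadow bytes consumed */
}

/* Hooks test the flag first: with kasan=off there is no shadow to touch. */
static void kasan_poison(size_t off, size_t len)
{
    if (!kasan_flag_enabled || off > ARENA_SIZE || len > ARENA_SIZE - off)
        return;
    memset(shadow + (off >> SCALE_SHIFT), 0xFF, len >> SCALE_SHIFT);
}

static bool kasan_check(size_t off) /* hypothetical hook: true = access allowed */
{
    if (!kasan_flag_enabled || off >= ARENA_SIZE)
        return true;
    return shadow[off >> SCALE_SHIFT] == 0;
}

int main(void)
{
    printf("default: %zu shadow bytes\n", boot("root=/dev/sda1 ro"));
    printf("kasan=off: %zu shadow bytes\n", boot("ro kasan=off crashkernel=256M"));
    return 0;
}
```

The model only counts shadow for the tracked arena; the thread notes that real kernels also pay for vmalloc shadow, so the actual saving from kasan=off is larger than the 1/8 ratio alone suggests.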

On Tue, 5 Aug 2025 at 08:23, 'Baoquan He' via kasan-dev <kasan-dev@googlegroups.com> wrote:
>
> Currently only hw_tags mode of kasan can be enabled or disabled with
> kernel parameter kasan=on|off for built kernel. For kasan generic and
> sw_tags mode, there's no way to disable them once kernel is built.
> This is not convenient sometimes, e.g. in a system where kdump is configured.
> When the 1st kernel has KASAN enabled and crash triggered to switch to
> kdump kernel, the generic or sw_tags mode will cost much extra memory
> for kasan shadow while in fact it's meaningless to have kasan in kdump
> kernel.

Are you using KASAN generic or SW-tags in production?
If in a test environment, is the overhead of the kdump kernel really
unacceptable?

> So this patchset moves the kasan=on|off out of hw_tags scope and into
> common code to make it visible in generic and sw_tags mode too. Then we
> can add kasan=off in kdump kernel to reduce the unneeded memory cost for
> kasan.
>
> Test:
> =====
> I only tested on x86_64 for generic mode, and on arm64 for
> generic, sw_tags and hw_tags mode. All of them work well.

Does it also work for CONFIG_KASAN_INLINE?

> However when I tested sw_tags on an HPE Apollo arm64 machine, it always
> breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
> can always be seen too.
>
> "BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"
>
> I haven't got the root cause of the bug, will report the bug later in
> another thread.

On 08/06/25 at 09:16am, Marco Elver wrote:
> On Tue, 5 Aug 2025 at 08:23, 'Baoquan He' via kasan-dev
> <kasan-dev@googlegroups.com> wrote:
> >
> > Currently only hw_tags mode of kasan can be enabled or disabled with
> > kernel parameter kasan=on|off for built kernel. For kasan generic and
> > sw_tags mode, there's no way to disable them once kernel is built.
> > This is not convenient sometimes, e.g. in a system where kdump is configured.
> > When the 1st kernel has KASAN enabled and crash triggered to switch to
> > kdump kernel, the generic or sw_tags mode will cost much extra memory
> > for kasan shadow while in fact it's meaningless to have kasan in kdump
> > kernel.
>
> Are you using KASAN generic or SW-tags in production?
> If in a test environment, is the overhead of the kdump kernel really
> unacceptable?

Thanks for checking this.

I don't use KASAN in production environment. But in Red Hat, our CI will
run test cases on debug kernel with KASAN enabled by default. Then the
crashkernel setting will be uncertain. E.g. usually crashkernel=256M is
enough for most systems. However, KASAN would make the crashkernel
reservation need to reach 768M on one Ampere arm64 system. This is not
the extra 1/8 of system RAM as we expected because we have vmalloc
mapping to create shadow too. In this case, QE or other kernel developers
who are not familiar with KASAN may need to spend time to dig out what's
going on here. And they may need to adjust the crashkernel= value to get
an appropriate one to make the system work. This is not good because we
don't need KASAN feature in kdump kernel at all while we need to tackle
the unexpected crashkernel= setting.

This can be fixed in a very easy way, a knob to disable kasan in kdump
kernel can perfectly handle it.

> > So this patchset moves the kasan=on|off out of hw_tags scope and into
> > common code to make it visible in generic and sw_tags mode too. Then we
> > can add kasan=off in kdump kernel to reduce the unneeded memory cost for
> > kasan.
> >
> > Test:
> > =====
> > I only tested on x86_64 for generic mode, and on arm64 for
> > generic, sw_tags and hw_tags mode. All of them work well.
>
> Does it also work for CONFIG_KASAN_INLINE?

Yes, Andrey said in reply, I did investigation. You can see that
KASAN_INLINE will bloat vmlinux by ~30M. This is not a big problem of
kdump kernel.

CONFIG_KASAN_OUTLINE=y
[root@ampere-mtsnow-altra-08 linux]# ll vmlinux
-rwxr-xr-x. 1 root root 124859016 Aug 6 06:08 vmlinux
[root@ampere-mtsnow-altra-08 linux]# ll /boot/vmlinuz-*
-rwxr-xr-x. 1 root root 15938048 Aug 3 00:15 /boot/vmlinuz-0-rescue-f81ab6a509e444e3857153cfa3fc6497
-rwxr-xr-x. 1 root root 15938048 Jul 23 20:00 /boot/vmlinuz-6.15.8-200.fc42.aarch64
-rwxr-xr-x. 1 root root 20644352 Aug 6 06:11 /boot/vmlinuz-6.16.0+

CONFIG_KASAN_INLINE=y
[root@ampere-mtsnow-altra-08 linux]# ll vmlinux
-rwxr-xr-x. 1 root root 150483592 Aug 6 10:53 vmlinux
[root@ampere-mtsnow-altra-08 linux]# ll /boot/vmlinuz-*
-rwxr-xr-x. 1 root root 15938048 Aug 3 00:15 /boot/vmlinuz-0-rescue-f81ab6a509e444e3857153cfa3fc6497
-rwxr-xr-x. 1 root root 15938048 Jul 23 20:00 /boot/vmlinuz-6.15.8-200.fc42.aarch64
-rwxr-xr-x. 1 root root 27779584 Aug 6 10:55 /boot/vmlinuz-6.16.0+

> > However when I tested sw_tags on an HPE Apollo arm64 machine, it always
> > breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
> > can always be seen too.
> >
> > "BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"
> >
> > I haven't got the root cause of the bug, will report the bug later in
> > another thread.

On 8/6/25 9:16 AM, Marco Elver wrote:
> On Tue, 5 Aug 2025 at 08:23, 'Baoquan He' via kasan-dev
> <kasan-dev@googlegroups.com> wrote:
>>
>> Currently only hw_tags mode of kasan can be enabled or disabled with
>> kernel parameter kasan=on|off for built kernel. For kasan generic and
>> sw_tags mode, there's no way to disable them once kernel is built.
>> This is not convenient sometimes, e.g. in a system where kdump is configured.
>> When the 1st kernel has KASAN enabled and crash triggered to switch to
>> kdump kernel, the generic or sw_tags mode will cost much extra memory
>> for kasan shadow while in fact it's meaningless to have kasan in kdump
>> kernel.
>
> Are you using KASAN generic or SW-tags in production?
> If in a test environment, is the overhead of the kdump kernel really
> unacceptable?
>

kdump kernel operates with limited amount of memory, whatever was provided
in 'crashkernel=' for the primary kernel. So it can quite easily run out
of memory.
By default kdump uses the same as the currently running kernel, but it can
be configured to use a different one.
At least in Fedora it's in /etc/sysconfig/kdump:

$ cat /etc/sysconfig/kdump
# Kernel Version string for the -kdump kernel, such as 2.6.13-1544.FC5kdump
# If no version is specified, then the init script will try to find a
# kdump kernel with the same version number as the running kernel.
KDUMP_KERNELVER=""

>> So this patchset moves the kasan=on|off out of hw_tags scope and into
>> common code to make it visible in generic and sw_tags mode too. Then we
>> can add kasan=off in kdump kernel to reduce the unneeded memory cost for
>> kasan.
>>
>> Test:
>> =====
>> I only tested on x86_64 for generic mode, and on arm64 for
>> generic, sw_tags and hw_tags mode. All of them work well.
>
> Does it also work for CONFIG_KASAN_INLINE?
>

I think it should. Because we don't initialize init_task.kasan_depth we
always bail out in kasan_report().

On 8/5/25 8:23 AM, Baoquan He wrote:
> Currently only hw_tags mode of kasan can be enabled or disabled with
> kernel parameter kasan=on|off for built kernel. For kasan generic and
> sw_tags mode, there's no way to disable them once kernel is built.
> This is not convenient sometimes, e.g. in a system where kdump is configured.
> When the 1st kernel has KASAN enabled and crash triggered to switch to
> kdump kernel, the generic or sw_tags mode will cost much extra memory
> for kasan shadow while in fact it's meaningless to have kasan in kdump
> kernel.
>

Ideally this problem should be solved by having kdump kernel with different
config. Because if we only want to reliably collect crash dumps, then we
probably don't want other debug features, e.g. like VM_BUG_ON() crashing
our kdump kernel.

> So this patchset moves the kasan=on|off out of hw_tags scope and into
> common code to make it visible in generic and sw_tags mode too. Then we
> can add kasan=off in kdump kernel to reduce the unneeded memory cost for
> kasan.
>
> Test:
> =====
> I only tested on x86_64 for generic mode, and on arm64 for
> generic, sw_tags and hw_tags mode. All of them work well.
>
> However when I tested sw_tags on an HPE Apollo arm64 machine, it always
> breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
> can always be seen too.
>
> "BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"
>
> I haven't got the root cause of the bug, will report the bug later in
> another thread.

On 08/07/25 at 06:34pm, Andrey Ryabinin wrote:
>
>
> On 8/5/25 8:23 AM, Baoquan He wrote:
> > Currently only hw_tags mode of kasan can be enabled or disabled with
> > kernel parameter kasan=on|off for built kernel. For kasan generic and
> > sw_tags mode, there's no way to disable them once kernel is built.
> > This is not convenient sometimes, e.g. in a system where kdump is configured.
> > When the 1st kernel has KASAN enabled and crash triggered to switch to
> > kdump kernel, the generic or sw_tags mode will cost much extra memory
> > for kasan shadow while in fact it's meaningless to have kasan in kdump
> > kernel.
> >
>
> Ideally this problem should be solved by having kdump kernel with different
> config. Because if we only want to reliably collect crash dumps, then we
> probably don't want other debug features, e.g. like VM_BUG_ON() crashing
> our kdump kernel.

Yeah, we have done that in Red Hat's internal CI testing. While we still
want to switch back to let kdump take the same kernel as the 1st kernel.
Like this, we have a chance to test the debug kernel for vmcore dumping.
In this case, KASAN is the main barrier. For other debug features,
VM_BUG_ON() should be captured in 1st kernel's running, we won't wait to
run kdump kernel to catch it. I am planning to check and add a feature
switch for kdump to disable if it's not needed in kdump kernel. E.g. I
have done in ima=on|off, and the existing 'kfence.sample_interval=0' for
kfence.

And the public kasan=on|off kernel parameter can make kasan feature more
flexible. It can be used in production environment with kasan=off, and
can switch to the same kernel to catch issues easily by stripping the
cmdline setting. As adding a cmdline is much easier than setting kernel
config and rebuilding the kernel.

Besides, based on this patchset, we can easily remove
kasan_arch_is_ready() by detecting the arch's support and disable
kasan_flag_enabled.

And when I was testing generic/sw_tags/hw_tags on arm64, I feel that
adding a kernel parameter for choosing different KASAN mode is much more
convenient than changing kernel config and rebuilding. If we choose
KASAN_OUTLINE, this even doesn't impact much in production environment.

I would like to hear your suggestion.

Thanks
Baoquan

> >
> > So this patchset moves the kasan=on|off out of hw_tags scope and into
> > common code to make it visible in generic and sw_tags mode too. Then we
> > can add kasan=off in kdump kernel to reduce the unneeded memory cost for
> > kasan.
> >
> > Test:
> > =====
> > I only tested on x86_64 for generic mode, and on arm64 for
> > generic, sw_tags and hw_tags mode. All of them work well.
> >
> > However when I tested sw_tags on an HPE Apollo arm64 machine, it always
> > breaks kernel with a KASAN bug. Even w/o this patchset applied, the bug
> > can always be seen too.
> >
> > "BUG: KASAN: invalid-access in pcpu_alloc_noprof+0x42c/0x9a8"
> >
> > I haven't got the root cause of the bug, will report the bug later in
> > another thread.