From: Baoquan He <bhe@redhat.com>
To: Andrey Konovalov <andreyknvl@gmail.com>
Cc: glider@google.com, dvyukov@google.com, elver@google.com,
linux-mm@kvack.org, ryabinin.a.a@gmail.com,
vincenzo.frascino@arm.com, akpm@linux-foundation.org,
kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org,
kexec@lists.infradead.org, sj@kernel.org,
lorenzo.stoakes@oracle.com, snovitoll@gmail.com,
christophe.leroy@csgroup.eu
Subject: Re: [PATCH v3 00/12] mm/kasan: make kasan=on|off work for all three modes
Date: Thu, 4 Sep 2025 16:11:33 +0800 [thread overview]
Message-ID: <aLlJtTeNMdtZAA9B@MiWiFi-R3L-srv> (raw)
In-Reply-To: <CA+fCnZdfv+D7sfRtWgbbFAmWExggzC2by8sDaK7hXfTS7viY8w@mail.gmail.com>
On 09/03/25 at 03:22pm, Andrey Konovalov wrote:
> On Wed, Aug 20, 2025 at 7:35 AM Baoquan He <bhe@redhat.com> wrote:
> >
> > Currently only hw_tags mode of kasan can be enabled or disabled with
> > kernel parameter kasan=on|off for built kernel. For kasan generic and
> > sw_tags mode, there's no way to disable them once kernel is built.
> > This is not convenient sometime, e.g in system kdump is configured.
> > When the 1st kernel has KASAN enabled and crash triggered to switch to
> > kdump kernel, the generic or sw_tags mode will cost much extra memory
> > for kasan shadow while in fact it's meaningless to have kasan in kdump
> > kernel.
> >
> > So this patchset moves the kasan=on|off out of hw_tags scope and into
> > common code to make it visible in generic and sw_tags mode too. Then we
> > can add kasan=off in kdump kernel to reduce the unneeded meomry cost for
> > kasan.
>
> Continuing the discussion on the previous version: so the unwanted
> extra memory usage is caused by the shadow memory for vmalloc
> allocations (as they get freed lazily)? This needs to be explained in
> the commit message.
Hmm, up to now, there are two parts of big amount of memory requiring
for kernel as I observed. One is the direct memory mapping shadow of
kasan, which is 1/8 of system RAM in generic mode and 1/16 of system
RAM in sw_tags mode; the other is the shadow meomry for vmalloc which
causes meomry big meomry usage in kdump kernel because of lazy vmap
freeing. By introducing "kasan=off|on", if we specify 'kasan=off', the
former is avoided by skipping the kasan_init(), and the latter is avoided
by not build the vmalloc shadow for vmalloc.
Yes, I totally agree with you, I should have put this in cover letter
and the main patch log to explain it better.
>
> If so, would it help if we make the kasan.vmalloc command-line
> parameter work with the non-HW_TAGS modes (and make it do the same
> thing as disabling CONFIG_KASAN_VMALLOC)?
>
> What I don't like about introducing kasan=off for non-HW_TAGS modes is
> that this parameter does not actually disable KASAN. It just
> suppresses KASAN code for mapping proper shadow memory. But the
> compiler-added instrumentation is still executing (and I suspect this
> might break the inline instrumentation mode).
I may not follow your saying it doesn't disable KASAN. In this patchset,
not only do I disable the code for mapping shadow memory, but also I
skip any KASAN checking. Please see change of check_region_inline() in
mm/kasan/generic.c and kasan_check_range() in mm/kasan/sw_tags.c. It
will skip any KASAN checking when accessing memory.
Yeah, the compiler added instrumentation will be called, but the if
(!kasan_enabled()) checking will decide if going further into KASAN code
or just return directly. I tried inline mode on x86_64 and arm64, it
works well when one reviewer said inline mode could cost much more
memory, I don't see any breakage w or w/o kasan=off when this patchset
applied..
>
> Perhaps, we could instead add a new kasan.shadow=on/off parameter to
> make it more explicit that KASAN is not off, it's just that it stops
> mapping shadow memory.
Hmm, as I explained at above, kasan=off will stop mapping shadow memory,
and also stop executing KASAN code to poison/unpoison memory and check the
shadow. It may be inappropriate to say it only stops mapping shadow.
>
> Dmitry, Alexander, Marco, do you have any opinion on kasan=off for
> non-HW_TAGS modes?
>
> On a side note, this series will need to be rebased onto Sabyrzhan's
> patches [1] - those are close to being ready. But perhaps let's wait
> for v7 first.
I replied to Sabyrzhan's patchset, on top of this patchset, it's much
easier and cleaner to remove kasan_arch_is_ready(). We don't need
introduce CONFIG_ARCH_DEFER_KASAN. Please see below patchset which is
based on this patchset introducing 'kasan=off|on' to genric|sw_tags
mode.
[PATCH 0/4] mm/kasan: remove kasan_arch_is_ready()
https://lore.kernel.org/all/20250812130933.71593-1-bhe@redhat.com/T/#u
>
> [1] https://lore.kernel.org/all/20250810125746.1105476-1-snovitoll@gmail.com/
>
Thanks a lot for reviewing and feedback.
next prev parent reply other threads:[~2025-09-04 8:11 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-20 5:34 [PATCH v3 00/12] mm/kasan: make kasan=on|off work for all three modes Baoquan He
2025-08-20 5:34 ` [PATCH v3 01/12] mm/kasan: add conditional checks in functions to return directly if kasan is disabled Baoquan He
2025-08-20 5:34 ` [PATCH v3 02/12] mm/kasan: move kasan= code to common place Baoquan He
2025-08-20 5:34 ` [PATCH v3 03/12] mm/kasan/sw_tags: don't initialize kasan if it's disabled Baoquan He
2025-08-20 5:34 ` [PATCH v3 04/12] arch/arm: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 05/12] arch/arm64: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 06/12] arch/loongarch: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 07/12] arch/powerpc: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 08/12] arch/riscv: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 09/12] arch/x86: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 10/12] arch/xtensa: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 11/12] arch/um: " Baoquan He
2025-08-20 5:34 ` [PATCH v3 12/12] mm/kasan: make kasan=on|off take effect for all three modes Baoquan He
2025-09-03 13:22 ` [PATCH v3 00/12] mm/kasan: make kasan=on|off work " Andrey Konovalov
2025-09-04 8:11 ` Baoquan He [this message]
2025-09-04 14:58 ` Andrey Konovalov
2025-09-05 17:12 ` Andrey Ryabinin
2025-09-05 18:08 ` Andrey Konovalov
2025-09-05 19:13 ` Christophe Leroy
2025-09-05 19:44 ` Andrey Konovalov
2025-09-05 20:34 ` Andrey Konovalov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aLlJtTeNMdtZAA9B@MiWiFi-R3L-srv \
--to=bhe@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=christophe.leroy@csgroup.eu \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=ryabinin.a.a@gmail.com \
--cc=sj@kernel.org \
--cc=snovitoll@gmail.com \
--cc=vincenzo.frascino@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).