Re: CVS commit: src/sys/kern

[Maxime Villard <max%m00nbsd.net@localhost>]

Le 16/08/2019 à 00:05, matthew green a écrit :
> KMEM_GUARD is useful for platforms that don't have kasan yet.

Verily it was not.

 1) The place where diagnostic/debug features should be implemented is pool(9),
    not kmem(9). Pools represent all of the dynamic system memory, kmem only a
    small subset of that. KMEM_GUARD was unable to detect anything on mbufs,
    pnbufs, vnodes, etc.

 2) The pool hardening enabled by default in GENERIC is more powerful in
    detecting inconsistencies - like [1] -, and does more than half of
    KMEM_GUARD's work with basically no overhead.

 3) The additional POOL_REDZONE option can be used to detect more bugs on all
    pools and not just kmem. But see below.

We need to stop with these useless debug-only options that nobody uses, and
which moreover are implemented in the wrong place and can detect nothing.

[1] https://mail-index.netbsd.org/current-users/2019/08/01/msg036317.html

Le 16/08/2019 à 07:46, Nick Hudson a écrit :
> yet? Can 32bit platforms and limit KVA have KASAN?

If you are telling me they could reliably use KMEM_GUARD before, then it
likely means they can have KASAN. If you want to add KASAN to more arches,
feel free to, I made it largely MI, so the MD effort needed is limited.

By the way, can we turn on POOL_REDZONE under DIAGNOSTIC now? Last time I
tried to do that you complained to me that ARM wasn't booting anymore, until
it turned out it was a bug in ARM which you later fixed. Would be nice to
hear about that, because POOL_REDZONE *is* the kind of feature that is useful.