Re: [PATCH v7 0/9] KFENCE: A low-overhead sampling-based memory safety error detector

From: Andrew Morton
Date: Tue Nov 03 2020 - 19:33:10 EST


On Tue, 3 Nov 2020 18:58:32 +0100 Marco Elver <elver@xxxxxxxxxx> wrote:

> This adds the Kernel Electric-Fence (KFENCE) infrastructure. KFENCE is a
> low-overhead sampling-based memory safety error detector of heap
> use-after-free, invalid-free, and out-of-bounds access errors. This
> series enables KFENCE for the x86 and arm64 architectures, and adds
> KFENCE hooks to the SLAB and SLUB allocators.
>
> KFENCE is designed to be enabled in production kernels, and has near
> zero performance overhead. Compared to KASAN, KFENCE trades performance
> for precision. The main motivation behind KFENCE's design, is that with
> enough total uptime KFENCE will detect bugs in code paths not typically
> exercised by non-production test workloads. One way to quickly achieve a
> large enough total uptime is when the tool is deployed across a large
> fleet of machines.

Has kfence detected any kernel bugs yet? What is its track record?

Will a kfence merge permit us to remove some other memory debugging
subsystem? We seem to have rather a lot of them.