Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp276139pxb;
        Thu, 12 Nov 2020 03:39:58 -0800 (PST)
X-Google-Smtp-Source: ABdhPJzVFBibE5ZID8cs3ggR2xaihxM+CefIwDabSeOx7fu7AjRkPvBlSOMmkEuL2xs3d3tj00ZI
X-Received: by 2002:a17:906:4699:: with SMTP id a25mr11525297ejr.284.1605181198486;
        Thu, 12 Nov 2020 03:39:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1605181198; cv=none;
        d=google.com; s=arc-20160816;
        b=SMRl4hIjU91QI0b5XRpakmyftSSlhJ/MYDUrzyLfYUH4WBQdXQCt+uE+VSdVLRg/OP
         EqQH69/v9+HTfqOyWeq4pIT/92nkUP//D+0CZyQP4GKsBPNvTM2sYAO/x455sH7ckYSX
         5LKndyAdpdymlElyQ5OLDRJWlkSzN9+R8z0H9wO7scBiNyli8bgq7XPoOk4K1+BTOMa1
         ayy6I9tH5X+eeAhwpV2HrXw1JiR0V7gKJdydzXZK9Lp5YgEogup0SCXSj4Do+GseANqI
         fJ+FBdXhKShYytYe5qNdqG1ixRNpZqcGY3OOC3RN63SmLxFgDqsF/KfKPXWB41taytZo
         ZctA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=AjsdVaceonTfSri/Ysro3eD+e/Yi2QaQpU3QWyDKJ64=;
        b=CN9WlsUWuNL4En55cI5v+cTh9dVyWoB4CsHH/dihe5862AWevQdGxUOnsyCqdzeCWg
         bJu+SvD7IQJeg4Qj9NFvNHBrGVnUq7vQjAs2TNKctcY7g5VP5e32Cp2NhlDGyLFlSzdq
         gOcrvXpF/9Bth2cPUd4p7DIjT4J4CE6Bzlg2kYZdXgZOwm1M9PSRwBQ7eAUsfFJqlgHy
         XCSoJgmA3LCHprcMh/eTW/uywofEF3nO8SqyeiNVQQU0zVERcvkwdMSqXV4DtBgOlGFQ
         WniWG2D+HWyMcOdjBYMichZddsxbHGfpmt/2yeCg/IYcSLY3F498IR1aDMrNPgwP+RQn
         dzcA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id l91si3673735edl.566.2020.11.12.03.39.34;
        Thu, 12 Nov 2020 03:39:58 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727925AbgKLLfu (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Thu, 12 Nov 2020 06:35:50 -0500
Received: from mail.kernel.org ([198.145.29.99]:43990 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727234AbgKLLfs (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 12 Nov 2020 06:35:48 -0500
Received: from gaia (unknown [2.26.170.190])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 194D5206FB;
        Thu, 12 Nov 2020 11:35:44 +0000 (UTC)
Date:   Thu, 12 Nov 2020 11:35:42 +0000
From:   Catalin Marinas <catalin.marinas@arm.com>
To:     Andrey Konovalov <andreyknvl@google.com>
Cc:     Dmitry Vyukov <dvyukov@google.com>,
        Alexander Potapenko <glider@google.com>,
        Marco Elver <elver@google.com>,
        Will Deacon <will.deacon@arm.com>,
        Vincenzo Frascino <vincenzo.frascino@arm.com>,
        Evgenii Stepanov <eugenis@google.com>,
        Andrey Ryabinin <aryabinin@virtuozzo.com>,
        Branislav Rankov <Branislav.Rankov@arm.com>,
        Kevin Brodsky <kevin.brodsky@arm.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        kasan-dev@googlegroups.com, linux-arm-kernel@lists.infradead.org,
        linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 11/20] kasan: add and integrate kasan boot parameters
Message-ID: <20201112113541.GK29613@gaia>
References: <cover.1605046662.git.andreyknvl@google.com>
 <fdf9e3aec8f57ebb2795710195f8aaf79e3b45bd.1605046662.git.andreyknvl@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <fdf9e3aec8f57ebb2795710195f8aaf79e3b45bd.1605046662.git.andreyknvl@google.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 10, 2020 at 11:20:15PM +0100, Andrey Konovalov wrote:
> Hardware tag-based KASAN mode is intended to eventually be used in
> production as a security mitigation. Therefore there's a need for finer
> control over KASAN features and for an existence of a kill switch.
> 
> This change adds a few boot parameters for hardware tag-based KASAN that
> allow to disable or otherwise control particular KASAN features.
> 
> The features that can be controlled are:
> 
> 1. Whether KASAN is enabled at all.
> 2. Whether KASAN collects and saves alloc/free stacks.
> 3. Whether KASAN panics on a detected bug or not.
> 
> With this change a new boot parameter kasan.mode allows to choose one of
> three main modes:
> 
> - kasan.mode=off - KASAN is disabled, no tag checks are performed
> - kasan.mode=prod - only essential production features are enabled
> - kasan.mode=full - all KASAN features are enabled

Alternative naming if we want to avoid "production" (in case someone
considers MTE to be expensive in a production system):

- kasan.mode=off
- kasan.mode=on
- kasan.mode=debug

Anyway, whatever you prefer is fine by me:

Acked-by: Catalin Marinas <catalin.marinas@arm.com>