| config HAVE_ARCH_KASAN |
| bool |
| |
| if HAVE_ARCH_KASAN |
| |
| config KASAN |
| bool "KASan: runtime memory debugger" |
| depends on SLUB || (SLAB && !DEBUG_SLAB) |
| select SLUB_DEBUG if SLUB |
| select CONSTRUCTORS |
| select STACKDEPOT |
| help |
| Enables kernel address sanitizer - runtime memory debugger, |
| designed to find out-of-bounds accesses and use-after-free bugs. |
| This is strictly a debugging feature and it requires a gcc version |
| of 4.9.2 or later. Detection of out of bounds accesses to stack or |
| global variables requires gcc 5.0 or later. |
| This feature consumes about 1/8 of available memory and brings about |
| ~x3 performance slowdown. |
| For better error detection enable CONFIG_STACKTRACE. |
| Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB |
| (the resulting kernel does not boot). |
| |
| config KASAN_EXTRA |
| bool "KAsan: extra checks" |
| depends on KASAN && DEBUG_KERNEL && !COMPILE_TEST |
| help |
| This enables further checks in the kernel address sanitizer, for now |
| it only includes the address-use-after-scope check that can lead |
| to excessive kernel stack usage, frame size warnings and longer |
| compile time. |
| https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more |
| |
| |
| choice |
| prompt "Instrumentation type" |
| depends on KASAN |
| default KASAN_OUTLINE |
| |
| config KASAN_OUTLINE |
| bool "Outline instrumentation" |
| help |
| Before every memory access compiler insert function call |
| __asan_load*/__asan_store*. These functions performs check |
| of shadow memory. This is slower than inline instrumentation, |
| however it doesn't bloat size of kernel's .text section so |
| much as inline does. |
| |
| config KASAN_INLINE |
| bool "Inline instrumentation" |
| help |
| Compiler directly inserts code checking shadow memory before |
| memory accesses. This is faster than outline (in some workloads |
| it gives about x2 boost over outline instrumentation), but |
| make kernel's .text size much bigger. |
| This requires a gcc version of 5.0 or later. |
| |
| endchoice |
| |
| config TEST_KASAN |
| tristate "Module for testing kasan for bug detection" |
| depends on m && KASAN |
| help |
| This is a test module doing various nasty things like |
| out of bounds accesses, use after free. It is useful for testing |
| kernel debugging features like kernel address sanitizer. |
| |
| endif |