Blame view
lib/Kconfig.ubsan
3.72 KB
ec8f24b7f treewide: Add SPD... |
1 |
# SPDX-License-Identifier: GPL-2.0-only |
c6d308534 UBSAN: run-time u... |
2 3 |
config ARCH_HAS_UBSAN_SANITIZE_ALL bool |
277a10850 ubsan: split "bou... |
4 |
menuconfig UBSAN |
c6d308534 UBSAN: run-time u... |
5 6 |
bool "Undefined behaviour sanity checker" help |
0887a7ebc ubsan: add trap i... |
7 |
This option enables the Undefined Behaviour sanity checker. |
c6d308534 UBSAN: run-time u... |
8 |
Compile-time instrumentation is used to detect various undefined |
0887a7ebc ubsan: add trap i... |
9 10 |
behaviours at runtime. For more details, see: Documentation/dev-tools/ubsan.rst |
277a10850 ubsan: split "bou... |
11 |
if UBSAN |
0887a7ebc ubsan: add trap i... |
12 13 |
config UBSAN_TRAP bool "On Sanitizer warnings, abort the running kernel code" |
0887a7ebc ubsan: add trap i... |
14 15 16 17 18 19 20 21 22 23 24 |
depends on $(cc-option, -fsanitize-undefined-trap-on-error) help Building kernels with Sanitizer features enabled tends to grow the kernel size by around 5%, due to adding all the debugging text on failure paths. To avoid this, Sanitizer instrumentation can just issue a trap. This reduces the kernel size overhead but turns all warnings (including potentially harmless conditions) into full exceptions that abort the running kernel code (regardless of context, locks held, etc), which may destabilize the system. For some system builders this is an acceptable trade-off. |
c6d308534 UBSAN: run-time u... |
25 |
|
ea91a1d45 ubsan, kcsan: Don... |
26 27 28 29 30 31 32 33 34 |
config UBSAN_KCOV_BROKEN def_bool KCOV && CC_HAS_SANCOV_TRACE_PC depends on CC_IS_CLANG depends on !$(cc-option,-Werror=unused-command-line-argument -fsanitize=bounds -fsanitize-coverage=trace-pc) help Some versions of clang support either UBSAN or KCOV but not the combination of the two. See https://bugs.llvm.org/show_bug.cgi?id=45831 for the status in newer releases. |
277a10850 ubsan: split "bou... |
35 36 37 |
config UBSAN_BOUNDS bool "Perform array index bounds checking" default UBSAN |
ea91a1d45 ubsan, kcsan: Don... |
38 |
depends on !UBSAN_KCOV_BROKEN |
277a10850 ubsan: split "bou... |
39 40 41 42 43 44 |
help This option enables detection of directly indexed out of bounds array accesses, where the array size is known at compile time. Note that this does not protect array overflows via bad calls to the {str,mem}*cpy() family of functions (that is addressed by CONFIG_FORTIFY_SOURCE). |
6a6155f66 ubsan: introduce ... |
45 46 47 48 49 50 51 52 53 54 55 56 57 |
config UBSAN_LOCAL_BOUNDS bool "Perform array local bounds checking" depends on UBSAN_TRAP depends on CC_IS_CLANG depends on !UBSAN_KCOV_BROKEN help This option enables -fsanitize=local-bounds which traps when an exception/error is detected. Therefore, it should be enabled only if trapping is expected. Enabling this option detects errors due to accesses through a pointer that is derived from an object of a statically-known size, where an added offset (which may not be known statically) is out-of-bounds. |
277a10850 ubsan: split "bou... |
58 59 60 61 62 63 64 |
config UBSAN_MISC bool "Enable all other Undefined Behavior sanity checks" default UBSAN help This option enables all sanity checks that don't have their own Kconfig options. Disable this if you only want to have individually selected checks. |
c6d308534 UBSAN: run-time u... |
65 66 |
config UBSAN_SANITIZE_ALL bool "Enable instrumentation for the entire kernel" |
c6d308534 UBSAN: run-time u... |
67 |
depends on ARCH_HAS_UBSAN_SANITIZE_ALL |
dde5cf39d ubsan: fix tree-w... |
68 69 70 71 72 |
# We build with -Wno-maybe-uninitilzed, but we still want to # use -Wmaybe-uninitilized in allmodconfig builds. # So dependsy bellow used to disable this option in allmodconfig depends on !COMPILE_TEST |
c6d308534 UBSAN: run-time u... |
73 74 75 76 77 |
default y help This option activates instrumentation for the entire kernel. If you don't enable this option, you have to explicitly specify UBSAN_SANITIZE := y for the files/directories you want to check for UB. |
7707535ab ubsan: cosmetic f... |
78 79 |
Enabling this option will get kernel image size increased significantly. |
c6d308534 UBSAN: run-time u... |
80 |
|
8d58f222e ubsan: disable UB... |
81 82 83 |
config UBSAN_ALIGNMENT bool "Enable checks for pointers alignment" default !HAVE_EFFICIENT_UNALIGNED_ACCESS |
9380ce246 ubsan: entirely d... |
84 |
depends on !UBSAN_TRAP |
c6d308534 UBSAN: run-time u... |
85 |
help |
8d58f222e ubsan: disable UB... |
86 87 |
This option enables the check of unaligned memory accesses. Enabling this option on architectures that support unaligned |
c6d308534 UBSAN: run-time u... |
88 |
accesses may produce a lot of false positives. |
725c4d22b ubsan: allow to d... |
89 |
|
854686f4e lib: add testing ... |
90 91 |
config TEST_UBSAN tristate "Module for testing for undefined behavior detection" |
277a10850 ubsan: split "bou... |
92 |
depends on m |
854686f4e lib: add testing ... |
93 94 95 |
help This is a test module for UBSAN. It triggers various undefined behavior, and detect it. |
277a10850 ubsan: split "bou... |
96 97 |
endif # if UBSAN |