Blame view
lib/Kconfig.kasan
7.25 KB
ec8f24b7f treewide: Add SPD... |
1 |
# SPDX-License-Identifier: GPL-2.0-only |
2bd926b43 kasan: add CONFIG... |
2 |
# This config refers to the generic KASAN mode. |
0b24becc8 kasan: add kernel... |
3 4 |
config HAVE_ARCH_KASAN bool |
2bd926b43 kasan: add CONFIG... |
5 6 |
config HAVE_ARCH_KASAN_SW_TAGS bool |
6a63a63ff kasan: introduce ... |
7 8 9 10 |
config HAVE_ARCH_KASAN_HW_TAGS bool config HAVE_ARCH_KASAN_VMALLOC |
3c5c3cfb9 kasan: support ba... |
11 |
bool |
158f25522 kasan: allow an a... |
12 13 14 15 16 17 |
config ARCH_DISABLE_KASAN_INLINE bool help An architecture might not support inline instrumentation. When this option is selected, inline and stack instrumentation are disabled. |
2bd926b43 kasan: add CONFIG... |
18 19 20 21 22 |
config CC_HAS_KASAN_GENERIC def_bool $(cc-option, -fsanitize=kernel-address) config CC_HAS_KASAN_SW_TAGS def_bool $(cc-option, -fsanitize=kernel-hwaddress) |
0b24becc8 kasan: add kernel... |
23 |
|
6a63a63ff kasan: introduce ... |
24 25 26 |
# This option is only required for software KASAN modes. # Old GCC versions don't have proper support for no_sanitize_address. # See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details. |
7b861a53e kasan: Bump requi... |
27 |
config CC_HAS_WORKING_NOSANITIZE_ADDRESS |
acf7b0bf7 kasan: Fix requir... |
28 |
def_bool !CC_IS_GCC || GCC_VERSION >= 80300 |
7b861a53e kasan: Bump requi... |
29 |
|
7a3767f83 kasan: improve an... |
30 |
menuconfig KASAN |
2bd926b43 kasan: add CONFIG... |
31 |
bool "KASAN: runtime memory debugger" |
6a63a63ff kasan: introduce ... |
32 33 34 35 |
depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \ (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \ CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \ HAVE_ARCH_KASAN_HW_TAGS |
2bd926b43 kasan: add CONFIG... |
36 |
depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) |
ffcc5cea4 kasan: don't dupl... |
37 |
select STACKDEPOT |
2bd926b43 kasan: add CONFIG... |
38 39 40 41 |
help Enables KASAN (KernelAddressSANitizer) - runtime memory debugger, designed to find out-of-bounds accesses and use-after-free bugs. See Documentation/dev-tools/kasan.rst for details. |
7a3767f83 kasan: improve an... |
42 |
if KASAN |
2bd926b43 kasan: add CONFIG... |
43 44 |
choice prompt "KASAN mode" |
2bd926b43 kasan: add CONFIG... |
45 46 |
default KASAN_GENERIC help |
6a63a63ff kasan: introduce ... |
47 48 49 50 51 52 53 54 55 56 |
KASAN has three modes: 1. generic KASAN (similar to userspace ASan, x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC), 2. software tag-based KASAN (arm64 only, based on software memory tagging (similar to userspace HWASan), enabled with CONFIG_KASAN_SW_TAGS), and 3. hardware tag-based KASAN (arm64 only, based on hardware memory tagging, enabled with CONFIG_KASAN_HW_TAGS). All KASAN modes are strictly debugging features. |
ac4766be5 kasan: update req... |
57 |
|
6a63a63ff kasan: introduce ... |
58 |
For better error reports enable CONFIG_STACKTRACE. |
2bd926b43 kasan: add CONFIG... |
59 60 61 62 |
config KASAN_GENERIC bool "Generic mode" depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC |
fa360beac kasan: fix Kconfi... |
63 |
depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS |
dd275caf4 kasan: depend on ... |
64 |
select SLUB_DEBUG if SLUB |
6a63a63ff kasan: introduce ... |
65 |
select CONSTRUCTORS |
0b24becc8 kasan: add kernel... |
66 |
help |
2bd926b43 kasan: add CONFIG... |
67 |
Enables generic KASAN mode. |
ac4766be5 kasan: update req... |
68 69 |
This mode is supported in both GCC and Clang. With GCC it requires |
527f6750d kasan: remove men... |
70 71 72 |
version 8.3.0 or later. Any supported Clang version is compatible, but detection of out-of-bounds accesses for global variables is supported only since Clang 11. |
ac4766be5 kasan: update req... |
73 |
|
2bd926b43 kasan: add CONFIG... |
74 75 76 |
This mode consumes about 1/8th of available memory at kernel start and introduces an overhead of ~x1.5 for the rest of the allocations. The performance slowdown is ~x3. |
ac4766be5 kasan: update req... |
77 |
|
2bd926b43 kasan: add CONFIG... |
78 |
Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB |
7ed2f9e66 mm, kasan: SLAB s... |
79 |
(the resulting kernel does not boot). |
0b24becc8 kasan: add kernel... |
80 |
|
2bd926b43 kasan: add CONFIG... |
81 82 83 |
config KASAN_SW_TAGS bool "Software tag-based mode" depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS |
fa360beac kasan: fix Kconfi... |
84 |
depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS |
2bd926b43 kasan: add CONFIG... |
85 |
select SLUB_DEBUG if SLUB |
6a63a63ff kasan: introduce ... |
86 |
select CONSTRUCTORS |
2bd926b43 kasan: add CONFIG... |
87 88 |
help Enables software tag-based KASAN mode. |
ac4766be5 kasan: update req... |
89 |
|
6a63a63ff kasan: introduce ... |
90 91 92 93 94 |
This mode require software memory tagging support in the form of HWASan-like compiler instrumentation. Currently this mode is only implemented for arm64 CPUs and relies on Top Byte Ignore. This mode requires Clang. |
ac4766be5 kasan: update req... |
95 |
|
2bd926b43 kasan: add CONFIG... |
96 97 98 99 100 |
This mode consumes about 1/16th of available memory at kernel start and introduces an overhead of ~20% for the rest of the allocations. This mode may potentially introduce problems relating to pointer casting and comparison, as it embeds tags into the top byte of each pointer. |
ac4766be5 kasan: update req... |
101 |
|
2bd926b43 kasan: add CONFIG... |
102 103 |
Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB (the resulting kernel does not boot). |
6a63a63ff kasan: introduce ... |
104 105 106 107 108 109 110 111 112 113 114 115 |
config KASAN_HW_TAGS bool "Hardware tag-based mode" depends on HAVE_ARCH_KASAN_HW_TAGS depends on SLUB help Enables hardware tag-based KASAN mode. This mode requires hardware memory tagging support, and can be used by any architecture that provides it. Currently this mode is only implemented for arm64 CPUs starting from ARMv8.5 and relies on Memory Tagging Extension and Top Byte Ignore. |
2bd926b43 kasan: add CONFIG... |
116 |
endchoice |
0b24becc8 kasan: add kernel... |
117 118 |
choice prompt "Instrumentation type" |
6a63a63ff kasan: introduce ... |
119 |
depends on KASAN_GENERIC || KASAN_SW_TAGS |
0b24becc8 kasan: add kernel... |
120 121 122 123 124 125 126 127 128 129 130 131 132 |
default KASAN_OUTLINE config KASAN_OUTLINE bool "Outline instrumentation" help Before every memory access compiler insert function call __asan_load*/__asan_store*. These functions performs check of shadow memory. This is slower than inline instrumentation, however it doesn't bloat size of kernel's .text section so much as inline does. config KASAN_INLINE bool "Inline instrumentation" |
158f25522 kasan: allow an a... |
133 |
depends on !ARCH_DISABLE_KASAN_INLINE |
0b24becc8 kasan: add kernel... |
134 135 136 137 138 139 140 |
help Compiler directly inserts code checking shadow memory before memory accesses. This is faster than outline (in some workloads it gives about x2 boost over outline instrumentation), but make kernel's .text size much bigger. endchoice |
02c587733 kasan: remove red... |
141 |
config KASAN_STACK |
6baec880d kasan: turn off a... |
142 |
bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST |
6a63a63ff kasan: introduce ... |
143 |
depends on KASAN_GENERIC || KASAN_SW_TAGS |
158f25522 kasan: allow an a... |
144 |
depends on !ARCH_DISABLE_KASAN_INLINE |
02c587733 kasan: remove red... |
145 |
default y if CC_IS_GCC |
6baec880d kasan: turn off a... |
146 147 148 149 150 151 152 |
help The LLVM stack address sanitizer has a know problem that causes excessive stack usage in a lot of functions, see https://bugs.llvm.org/show_bug.cgi?id=38809 Disabling asan-stack makes it safe to run kernels build with clang-8 with KASAN enabled, though it loses some of the functionality. |
ebb6d35a7 kasan: remove cla... |
153 154 155 156 157 |
This feature is always disabled when compile-testing with clang to avoid cluttering the output in stack overflow warnings, but clang users can still enable it for builds without CONFIG_COMPILE_TEST. On gcc it is assumed to always be safe to use and enabled by default. |
158f25522 kasan: allow an a... |
158 159 160 |
If the architecture disables inline instrumentation, stack instrumentation is also disabled as it adds inline-style instrumentation that is run unconditionally. |
6baec880d kasan: turn off a... |
161 |
|
f06f78ab4 kasan: rename CON... |
162 |
config KASAN_TAGS_IDENTIFY |
ae8f06b31 kasan: add memory... |
163 |
bool "Enable memory corruption identification" |
7a22bdc3c kasan: add memory... |
164 |
depends on KASAN_SW_TAGS || KASAN_HW_TAGS |
ae8f06b31 kasan: add memory... |
165 166 167 168 |
help This option enables best-effort identification of bug type (use-after-free or out-of-bounds) at the cost of increased memory consumption. |
3c5c3cfb9 kasan: support ba... |
169 170 |
config KASAN_VMALLOC bool "Back mappings in vmalloc space with real shadow memory" |
71f6af6d5 kasan: KASAN_VMAL... |
171 |
depends on KASAN_GENERIC && HAVE_ARCH_KASAN_VMALLOC |
3c5c3cfb9 kasan: support ba... |
172 173 174 175 176 177 178 179 180 |
help By default, the shadow region for vmalloc space is the read-only zero page. This means that KASAN cannot detect errors involving vmalloc space. Enabling this option will hook in to vmap/vmalloc and back those mappings with real shadow memory allocated on demand. This allows for KASAN to detect more sorts of errors (and to support vmapped stacks), but at the cost of higher memory usage. |
73228c7ec KASAN: port KASAN... |
181 182 183 184 |
config KASAN_KUNIT_TEST tristate "KUnit-compatible tests of KASAN bug detection capabilities" if !KUNIT_ALL_TESTS depends on KASAN && KUNIT default KUNIT_ALL_TESTS |
3f15801cd lib: add kasan te... |
185 |
help |
73228c7ec KASAN: port KASAN... |
186 187 |
This is a KUnit test suite doing various nasty things like out of bounds and use after free accesses. It is useful for testing |
2bd926b43 kasan: add CONFIG... |
188 |
kernel debugging features like KASAN. |
7a3767f83 kasan: improve an... |
189 |
|
73228c7ec KASAN: port KASAN... |
190 |
For more information on KUnit and unit tests in general, please refer |
f05842cfb kasan, arm64: all... |
191 |
to the KUnit documentation in Documentation/dev-tools/kunit. |
73228c7ec KASAN: port KASAN... |
192 |
|
5d92bdffd kasan: rename CON... |
193 |
config KASAN_MODULE_TEST |
73228c7ec KASAN: port KASAN... |
194 |
tristate "KUnit-incompatible tests of KASAN bug detection capabilities" |
f05842cfb kasan, arm64: all... |
195 |
depends on m && KASAN && !KASAN_HW_TAGS |
73228c7ec KASAN: port KASAN... |
196 197 198 199 |
help This is a part of the KASAN test suite that is incompatible with KUnit. Currently includes tests that do bad copy_from/to_user accesses. |
7a3767f83 kasan: improve an... |
200 |
endif # KASAN |