config HAVE_ARCH_KASAN
|
bool
|
|
if HAVE_ARCH_KASAN
|
|
config KASAN
|
bool "KASan: runtime memory debugger"
|
depends on SLUB || (SLAB && !DEBUG_SLAB)
|
select CONSTRUCTORS
|
select STACKDEPOT
|
help
|
Enables kernel address sanitizer - runtime memory debugger,
|
designed to find out-of-bounds accesses and use-after-free bugs.
|
This is strictly a debugging feature and it requires a gcc version
|
of 4.9.2 or later. Detection of out of bounds accesses to stack or
|
global variables requires gcc 5.0 or later.
|
This feature consumes about 1/8 of available memory and brings about
|
~x3 performance slowdown.
|
For better error detection enable CONFIG_STACKTRACE.
|
Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
|
(the resulting kernel does not boot).
|
|
choice
|
prompt "Instrumentation type"
|
depends on KASAN
|
default KASAN_OUTLINE
|
|
config KASAN_OUTLINE
|
bool "Outline instrumentation"
|
help
|
Before every memory access compiler insert function call
|
__asan_load*/__asan_store*. These functions performs check
|
of shadow memory. This is slower than inline instrumentation,
|
however it doesn't bloat size of kernel's .text section so
|
much as inline does.
|
|
config KASAN_INLINE
|
bool "Inline instrumentation"
|
help
|
Compiler directly inserts code checking shadow memory before
|
memory accesses. This is faster than outline (in some workloads
|
it gives about x2 boost over outline instrumentation), but
|
make kernel's .text size much bigger.
|
This requires a gcc version of 5.0 or later.
|
|
endchoice
|
|
config TEST_KASAN
|
tristate "Module for testing kasan for bug detection"
|
depends on m && KASAN
|
help
|
This is a test module doing various nasty things like
|
out of bounds accesses, use after free. It is useful for testing
|
kernel debugging features like kernel address sanitizer.
|
|
endif
|
