]>
Commit | Line | Data |
---|---|---|
ec8f24b7 | 1 | # SPDX-License-Identifier: GPL-2.0-only |
2bd926b4 | 2 | # This config refers to the generic KASAN mode. |
0b24becc AR |
3 | config HAVE_ARCH_KASAN |
4 | bool | |
5 | ||
2bd926b4 AK |
6 | config HAVE_ARCH_KASAN_SW_TAGS |
7 | bool | |
8 | ||
3c5c3cfb DA |
9 | config HAVE_ARCH_KASAN_VMALLOC |
10 | bool | |
11 | ||
2bd926b4 AK |
12 | config CC_HAS_KASAN_GENERIC |
13 | def_bool $(cc-option, -fsanitize=kernel-address) | |
14 | ||
15 | config CC_HAS_KASAN_SW_TAGS | |
16 | def_bool $(cc-option, -fsanitize=kernel-hwaddress) | |
0b24becc | 17 | |
7b861a53 | 18 | config CC_HAS_WORKING_NOSANITIZE_ADDRESS |
acf7b0bf | 19 | def_bool !CC_IS_GCC || GCC_VERSION >= 80300 |
7b861a53 | 20 | |
7a3767f8 | 21 | menuconfig KASAN |
2bd926b4 AK |
22 | bool "KASAN: runtime memory debugger" |
23 | depends on (HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \ | |
24 | (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS) | |
25 | depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) | |
7b861a53 | 26 | depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS |
2bd926b4 AK |
27 | help |
28 | Enables KASAN (KernelAddressSANitizer) - runtime memory debugger, | |
29 | designed to find out-of-bounds accesses and use-after-free bugs. | |
30 | See Documentation/dev-tools/kasan.rst for details. | |
31 | ||
7a3767f8 ME |
32 | if KASAN |
33 | ||
2bd926b4 AK |
34 | choice |
35 | prompt "KASAN mode" | |
2bd926b4 AK |
36 | default KASAN_GENERIC |
37 | help | |
38 | KASAN has two modes: generic KASAN (similar to userspace ASan, | |
39 | x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC) and | |
40 | software tag-based KASAN (a version based on software memory | |
41 | tagging, arm64 only, similar to userspace HWASan, enabled with | |
42 | CONFIG_KASAN_SW_TAGS). | |
43 | Both generic and tag-based KASAN are strictly debugging features. | |
44 | ||
45 | config KASAN_GENERIC | |
46 | bool "Generic mode" | |
47 | depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC | |
03758dbb | 48 | depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) |
dd275caf | 49 | select SLUB_DEBUG if SLUB |
bebf56a1 | 50 | select CONSTRUCTORS |
80a9201a | 51 | select STACKDEPOT |
0b24becc | 52 | help |
2bd926b4 AK |
53 | Enables generic KASAN mode. |
54 | Supported in both GCC and Clang. With GCC it requires version 4.9.2 | |
55 | or later for basic support and version 5.0 or later for detection of | |
56 | out-of-bounds accesses for stack and global variables and for inline | |
57 | instrumentation mode (CONFIG_KASAN_INLINE). With Clang it requires | |
58 | version 3.7.0 or later and it doesn't support detection of | |
59 | out-of-bounds accesses for global variables yet. | |
60 | This mode consumes about 1/8th of available memory at kernel start | |
61 | and introduces an overhead of ~x1.5 for the rest of the allocations. | |
62 | The performance slowdown is ~x3. | |
89d3c87e | 63 | For better error detection enable CONFIG_STACKTRACE. |
2bd926b4 | 64 | Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB |
7ed2f9e6 | 65 | (the resulting kernel does not boot). |
0b24becc | 66 | |
2bd926b4 AK |
67 | config KASAN_SW_TAGS |
68 | bool "Software tag-based mode" | |
69 | depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS | |
70 | depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) | |
71 | select SLUB_DEBUG if SLUB | |
72 | select CONSTRUCTORS | |
73 | select STACKDEPOT | |
74 | help | |
75 | Enables software tag-based KASAN mode. | |
76 | This mode requires Top Byte Ignore support by the CPU and therefore | |
77 | is only supported for arm64. | |
78 | This mode requires Clang version 7.0.0 or later. | |
79 | This mode consumes about 1/16th of available memory at kernel start | |
80 | and introduces an overhead of ~20% for the rest of the allocations. | |
81 | This mode may potentially introduce problems relating to pointer | |
82 | casting and comparison, as it embeds tags into the top byte of each | |
83 | pointer. | |
84 | For better error detection enable CONFIG_STACKTRACE. | |
85 | Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB | |
86 | (the resulting kernel does not boot). | |
87 | ||
88 | endchoice | |
89 | ||
0b24becc AR |
90 | choice |
91 | prompt "Instrumentation type" | |
0b24becc AR |
92 | default KASAN_OUTLINE |
93 | ||
94 | config KASAN_OUTLINE | |
95 | bool "Outline instrumentation" | |
96 | help | |
97 | Before every memory access compiler insert function call | |
98 | __asan_load*/__asan_store*. These functions performs check | |
99 | of shadow memory. This is slower than inline instrumentation, | |
100 | however it doesn't bloat size of kernel's .text section so | |
101 | much as inline does. | |
102 | ||
103 | config KASAN_INLINE | |
104 | bool "Inline instrumentation" | |
105 | help | |
106 | Compiler directly inserts code checking shadow memory before | |
107 | memory accesses. This is faster than outline (in some workloads | |
108 | it gives about x2 boost over outline instrumentation), but | |
109 | make kernel's .text size much bigger. | |
2bd926b4 | 110 | For CONFIG_KASAN_GENERIC this requires GCC 5.0 or later. |
0b24becc AR |
111 | |
112 | endchoice | |
113 | ||
6baec880 AB |
114 | config KASAN_STACK_ENABLE |
115 | bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST | |
6baec880 AB |
116 | help |
117 | The LLVM stack address sanitizer has a know problem that | |
118 | causes excessive stack usage in a lot of functions, see | |
119 | https://bugs.llvm.org/show_bug.cgi?id=38809 | |
120 | Disabling asan-stack makes it safe to run kernels build | |
121 | with clang-8 with KASAN enabled, though it loses some of | |
122 | the functionality. | |
ebb6d35a AB |
123 | This feature is always disabled when compile-testing with clang |
124 | to avoid cluttering the output in stack overflow warnings, | |
125 | but clang users can still enable it for builds without | |
126 | CONFIG_COMPILE_TEST. On gcc it is assumed to always be safe | |
127 | to use and enabled by default. | |
6baec880 AB |
128 | |
129 | config KASAN_STACK | |
130 | int | |
131 | default 1 if KASAN_STACK_ENABLE || CC_IS_GCC | |
132 | default 0 | |
133 | ||
5dff0381 VG |
134 | config KASAN_S390_4_LEVEL_PAGING |
135 | bool "KASan: use 4-level paging" | |
7a3767f8 | 136 | depends on S390 |
5dff0381 VG |
137 | help |
138 | Compiling the kernel with KASan disables automatic 3-level vs | |
139 | 4-level paging selection. 3-level paging is used by default (up | |
140 | to 3TB of RAM with KASan enabled). This options allows to force | |
141 | 4-level paging instead. | |
142 | ||
ae8f06b3 WW |
143 | config KASAN_SW_TAGS_IDENTIFY |
144 | bool "Enable memory corruption identification" | |
145 | depends on KASAN_SW_TAGS | |
146 | help | |
147 | This option enables best-effort identification of bug type | |
148 | (use-after-free or out-of-bounds) at the cost of increased | |
149 | memory consumption. | |
150 | ||
3c5c3cfb DA |
151 | config KASAN_VMALLOC |
152 | bool "Back mappings in vmalloc space with real shadow memory" | |
7a3767f8 | 153 | depends on HAVE_ARCH_KASAN_VMALLOC |
3c5c3cfb DA |
154 | help |
155 | By default, the shadow region for vmalloc space is the read-only | |
156 | zero page. This means that KASAN cannot detect errors involving | |
157 | vmalloc space. | |
158 | ||
159 | Enabling this option will hook in to vmap/vmalloc and back those | |
160 | mappings with real shadow memory allocated on demand. This allows | |
161 | for KASAN to detect more sorts of errors (and to support vmapped | |
162 | stacks), but at the cost of higher memory usage. | |
163 | ||
3f15801c | 164 | config TEST_KASAN |
2bd926b4 | 165 | tristate "Module for testing KASAN for bug detection" |
7a3767f8 | 166 | depends on m |
3f15801c AR |
167 | help |
168 | This is a test module doing various nasty things like | |
169 | out of bounds accesses, use after free. It is useful for testing | |
2bd926b4 | 170 | kernel debugging features like KASAN. |
7a3767f8 ME |
171 | |
172 | endif # KASAN |