[mirror_ubuntu-zesty-kernel.git] / lib / Kconfig.kasan

config HAVE_ARCH_KASAN
	bool

if HAVE_ARCH_KASAN

config KASAN
	bool "KASan: runtime memory debugger"
	depends on SLUB || (SLAB && !DEBUG_SLAB)
	select CONSTRUCTORS
	select STACKDEPOT
	help
	  Enables kernel address sanitizer - runtime memory debugger,
	  designed to find out-of-bounds accesses and use-after-free bugs.
	  This is strictly a debugging feature and it requires a gcc version
	  of 4.9.2 or later. Detection of out of bounds accesses to stack or
	  global variables requires gcc 5.0 or later.
	  This feature consumes about 1/8 of available memory and brings about
	  ~x3 performance slowdown.
	  For better error detection enable CONFIG_STACKTRACE.
	  Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
	  (the resulting kernel does not boot).

choice
	prompt "Instrumentation type"
	depends on KASAN
	default KASAN_OUTLINE

config KASAN_OUTLINE
	bool "Outline instrumentation"
	help
	  Before every memory access compiler insert function call
	  __asan_load*/__asan_store*. These functions performs check
	  of shadow memory. This is slower than inline instrumentation,
	  however it doesn't bloat size of kernel's .text section so
	  much as inline does.

config KASAN_INLINE
	bool "Inline instrumentation"
	help
	  Compiler directly inserts code checking shadow memory before
	  memory accesses. This is faster than outline (in some workloads
	  it gives about x2 boost over outline instrumentation), but
	  make kernel's .text size much bigger.
	  This requires a gcc version of 5.0 or later.

endchoice

config TEST_KASAN
	tristate "Module for testing kasan for bug detection"
	depends on m && KASAN
	help
	  This is a test module doing various nasty things like
	  out of bounds accesses, use after free. It is useful for testing
	  kernel debugging features like kernel address sanitizer.

endif
Commit	Line	Data
0b24becc AR	1	config HAVE_ARCH_KASAN
	2	bool
	3
	4	if HAVE_ARCH_KASAN
	5
	6	config KASAN
	7	bool "KASan: runtime memory debugger"
80a9201a	8	depends on SLUB \|\| (SLAB && !DEBUG_SLAB)
bebf56a1	9	select CONSTRUCTORS
80a9201a	10	select STACKDEPOT
0b24becc AR	11	help
	12	Enables kernel address sanitizer - runtime memory debugger,
	13	designed to find out-of-bounds accesses and use-after-free bugs.
01e76903 JP	14	This is strictly a debugging feature and it requires a gcc version
	15	of 4.9.2 or later. Detection of out of bounds accesses to stack or
	16	global variables requires gcc 5.0 or later.
	17	This feature consumes about 1/8 of available memory and brings about
	18	~x3 performance slowdown.
89d3c87e	19	For better error detection enable CONFIG_STACKTRACE.
7ed2f9e6 AP	20	Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
7ed2f9e6 AP	21	(the resulting kernel does not boot).
0b24becc	22
0b24becc AR	23	choice
	24	prompt "Instrumentation type"
	25	depends on KASAN
	26	default KASAN_OUTLINE
	27
	28	config KASAN_OUTLINE
	29	bool "Outline instrumentation"
	30	help
	31	Before every memory access compiler insert function call
	32	__asan_load/__asan_store. These functions performs check
	33	of shadow memory. This is slower than inline instrumentation,
	34	however it doesn't bloat size of kernel's .text section so
	35	much as inline does.
	36
	37	config KASAN_INLINE
	38	bool "Inline instrumentation"
	39	help
	40	Compiler directly inserts code checking shadow memory before
	41	memory accesses. This is faster than outline (in some workloads
	42	it gives about x2 boost over outline instrumentation), but
	43	make kernel's .text size much bigger.
01e76903	44	This requires a gcc version of 5.0 or later.
0b24becc AR	45
	46	endchoice
	47
3f15801c AR	48	config TEST_KASAN
	49	tristate "Module for testing kasan for bug detection"
	50	depends on m && KASAN
	51	help
	52	This is a test module doing various nasty things like
	53	out of bounds accesses, use after free. It is useful for testing
	54	kernel debugging features like kernel address sanitizer.
	55
0b24becc	56	endif