| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 |
- config HAVE_ARCH_KASAN
- bool
- if HAVE_ARCH_KASAN
- config KASAN
- bool "KASan: runtime memory debugger"
- depends on SLUB_DEBUG
- select CONSTRUCTORS
- help
- Enables kernel address sanitizer - runtime memory debugger,
- designed to find out-of-bounds accesses and use-after-free bugs.
- This is strictly a debugging feature and it requires a gcc version
- of 4.9.2 or later. Detection of out of bounds accesses to stack or
- global variables requires gcc 5.0 or later.
- This feature consumes about 1/8 of available memory and brings about
- ~x3 performance slowdown.
- For better error detection enable CONFIG_STACKTRACE,
- and add slub_debug=U to boot cmdline.
- config KASAN_SHADOW_OFFSET
- hex
- default 0xdffffc0000000000 if X86_64
- choice
- prompt "Instrumentation type"
- depends on KASAN
- default KASAN_OUTLINE
- config KASAN_OUTLINE
- bool "Outline instrumentation"
- help
- Before every memory access compiler insert function call
- __asan_load*/__asan_store*. These functions performs check
- of shadow memory. This is slower than inline instrumentation,
- however it doesn't bloat size of kernel's .text section so
- much as inline does.
- config KASAN_INLINE
- bool "Inline instrumentation"
- help
- Compiler directly inserts code checking shadow memory before
- memory accesses. This is faster than outline (in some workloads
- it gives about x2 boost over outline instrumentation), but
- make kernel's .text size much bigger.
- This requires a gcc version of 5.0 or later.
- endchoice
- config TEST_KASAN
- tristate "Module for testing kasan for bug detection"
- depends on m && KASAN
- help
- This is a test module doing various nasty things like
- out of bounds accesses, use after free. It is useful for testing
- kernel debugging features like kernel address sanitizer.
- endif
|
