| blob | 39f24d6721e5a29d8016811d4f5332fca66c2ec2 |
1 config HAVE_ARCH_KASAN
2 bool
4 if HAVE_ARCH_KASAN
6 config KASAN
7 bool "KASan: runtime memory debugger"
8 depends on SLUB_DEBUG
9 select CONSTRUCTORS
10 help
11 Enables kernel address sanitizer - runtime memory debugger,
12 designed to find out-of-bounds accesses and use-after-free bugs.
13 This is strictly a debugging feature and it requires a gcc version
14 of 4.9.2 or later. Detection of out of bounds accesses to stack or
15 global variables requires gcc 5.0 or later.
16 This feature consumes about 1/8 of available memory and brings about
17 ~x3 performance slowdown.
18 For better error detection enable CONFIG_STACKTRACE,
19 and add slub_debug=U to boot cmdline.
21 choice
22 prompt "Instrumentation type"
23 depends on KASAN
24 default KASAN_OUTLINE
26 config KASAN_OUTLINE
27 bool "Outline instrumentation"
28 help
29 Before every memory access compiler insert function call
30 __asan_load*/__asan_store*. These functions performs check
31 of shadow memory. This is slower than inline instrumentation,
32 however it doesn't bloat size of kernel's .text section so
33 much as inline does.
35 config KASAN_INLINE
36 bool "Inline instrumentation"
37 help
38 Compiler directly inserts code checking shadow memory before
39 memory accesses. This is faster than outline (in some workloads
40 it gives about x2 boost over outline instrumentation), but
41 make kernel's .text size much bigger.
42 This requires a gcc version of 5.0 or later.
44 endchoice
46 config TEST_KASAN
47 tristate "Module for testing kasan for bug detection"
48 depends on m && KASAN
49 help
50 This is a test module doing various nasty things like
51 out of bounds accesses, use after free. It is useful for testing
52 kernel debugging features like kernel address sanitizer.
54 endif