7 bool "KASan: runtime memory debugger"
8 depends on SLUB || (SLAB && !DEBUG_SLAB)
9 select SLUB_DEBUG if SLUB
13 Enables kernel address sanitizer - runtime memory debugger,
14 designed to find out-of-bounds accesses and use-after-free bugs.
15 This is strictly a debugging feature and it requires a gcc version
16 of 4.9.2 or later. Detection of out of bounds accesses to stack or
17 global variables requires gcc 5.0 or later.
18 This feature consumes about 1/8 of available memory and brings about
19 ~x3 performance slowdown.
20 For better error detection enable CONFIG_STACKTRACE.
21 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
22 (the resulting kernel does not boot).
25 bool "KAsan: extra checks"
26 depends on KASAN && DEBUG_KERNEL && !COMPILE_TEST
28 This enables further checks in the kernel address sanitizer, for now
29 it only includes the address-use-after-scope check that can lead
30 to excessive kernel stack usage, frame size warnings and longer
32 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
36 prompt "Instrumentation type"
41 bool "Outline instrumentation"
43 Before every memory access compiler insert function call
44 __asan_load*/__asan_store*. These functions performs check
45 of shadow memory. This is slower than inline instrumentation,
46 however it doesn't bloat size of kernel's .text section so
50 bool "Inline instrumentation"
52 Compiler directly inserts code checking shadow memory before
53 memory accesses. This is faster than outline (in some workloads
54 it gives about x2 boost over outline instrumentation), but
55 make kernel's .text size much bigger.
56 This requires a gcc version of 5.0 or later.
61 tristate "Module for testing kasan for bug detection"
64 This is a test module doing various nasty things like
65 out of bounds accesses, use after free. It is useful for testing
66 kernel debugging features like kernel address sanitizer.