~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/lib/Kconfig.ubsan

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /lib/Kconfig.ubsan (Version linux-6.12-rc7) and /lib/Kconfig.ubsan (Version linux-4.17.19)


  1 # SPDX-License-Identifier: GPL-2.0-only        !!   1 config ARCH_HAS_UBSAN_SANITIZE_ALL
  2 config ARCH_HAS_UBSAN                          << 
  3         bool                                        2         bool
  4                                                     3 
  5 menuconfig UBSAN                               !!   4 config ARCH_WANTS_UBSAN_NO_NULL
                                                   >>   5         def_bool n
                                                   >>   6 
                                                   >>   7 config UBSAN
  6         bool "Undefined behaviour sanity check      8         bool "Undefined behaviour sanity checker"
  7         depends on ARCH_HAS_UBSAN              << 
  8         help                                        9         help
  9           This option enables the Undefined Be !!  10           This option enables undefined behaviour sanity checker
 10           Compile-time instrumentation is used     11           Compile-time instrumentation is used to detect various undefined
 11           behaviours at runtime. For more deta !!  12           behaviours in runtime. Various types of checks may be enabled
 12           Documentation/dev-tools/ubsan.rst    !!  13           via boot parameter ubsan_handle
 13                                                !!  14           (see: Documentation/dev-tools/ubsan.rst).
 14 if UBSAN                                       !!  15 
 15                                                !!  16 config UBSAN_SANITIZE_ALL
 16 config UBSAN_TRAP                              !!  17         bool "Enable instrumentation for the entire kernel"
 17         bool "Abort on Sanitizer warnings (sma !!  18         depends on UBSAN
 18         depends on !COMPILE_TEST               !!  19         depends on ARCH_HAS_UBSAN_SANITIZE_ALL
 19         help                                   !!  20 
 20           Building kernels with Sanitizer feat !!  21         # We build with -Wno-maybe-uninitilzed, but we still want to
 21           the kernel size by around 5%, due to !!  22         # use -Wmaybe-uninitilized in allmodconfig builds.
 22           text on failure paths. To avoid this !!  23         # So dependsy bellow used to disable this option in allmodconfig
 23           can just issue a trap. This reduces  << 
 24           turns all warnings (including potent << 
 25           into full exceptions that abort the  << 
 26           (regardless of context, locks held,  << 
 27           the system. For some system builders << 
 28           trade-off.                           << 
 29                                                << 
 30           Also note that selecting Y will caus << 
 31           with an "illegal instruction" error  << 
 32           when a UBSAN violation occurs. (Exce << 
 33           will report which Sanitizer failed.) << 
 34           determine whether an Oops was caused << 
 35           out the details of a UBSAN violation << 
 36           output less useful for bug reports.  << 
 37                                                << 
 38 config CC_HAS_UBSAN_BOUNDS_STRICT              << 
 39         def_bool $(cc-option,-fsanitize=bounds << 
 40         help                                   << 
 41           The -fsanitize=bounds-strict option  << 
 42           but uses the more strict handling of << 
 43           of flexible arrays, which is compara << 
 44           -fsanitize=bounds.                   << 
 45                                                << 
 46 config CC_HAS_UBSAN_ARRAY_BOUNDS               << 
 47         def_bool $(cc-option,-fsanitize=array- << 
 48         help                                   << 
 49           Under Clang, the -fsanitize=bounds o << 
 50           of two more specific options, -fsani << 
 51           -fsanitize=local-bounds. However, -f << 
 52           only be used when trap mode is enabl << 
 53           CONFIG_LOCAL_BOUNDS.) Explicitly che << 
 54           so that we can build up the options  << 
 55           with or without UBSAN_TRAP.          << 
 56                                                << 
 57 config UBSAN_BOUNDS                            << 
 58         bool "Perform array index bounds check << 
 59         default UBSAN                          << 
 60         depends on CC_HAS_UBSAN_ARRAY_BOUNDS | << 
 61         help                                   << 
 62           This option enables detection of dir << 
 63           array accesses, where the array size << 
 64           Note that this does not protect arra << 
 65           to the {str,mem}*cpy() family of fun << 
 66           by CONFIG_FORTIFY_SOURCE).           << 
 67                                                << 
 68 config UBSAN_BOUNDS_STRICT                     << 
 69         def_bool UBSAN_BOUNDS && CC_HAS_UBSAN_ << 
 70         help                                   << 
 71           GCC's bounds sanitizer. This option  << 
 72           correct options in Makefile.ubsan.   << 
 73                                                << 
 74 config UBSAN_ARRAY_BOUNDS                      << 
 75         def_bool UBSAN_BOUNDS && CC_HAS_UBSAN_ << 
 76         help                                   << 
 77           Clang's array bounds sanitizer. This << 
 78           the correct options in Makefile.ubsa << 
 79                                                << 
 80 config UBSAN_LOCAL_BOUNDS                      << 
 81         def_bool UBSAN_ARRAY_BOUNDS && UBSAN_T << 
 82         help                                   << 
 83           This option enables Clang's -fsaniti << 
 84           when an access through a pointer tha << 
 85           of a statically-known size, where an << 
 86           be known statically) is out-of-bound << 
 87           trap-only, it depends on CONFIG_UBSA << 
 88                                                << 
 89 config UBSAN_SHIFT                             << 
 90         bool "Perform checking for bit-shift o << 
 91         depends on $(cc-option,-fsanitize=shif << 
 92         help                                   << 
 93           This option enables -fsanitize=shift << 
 94           operations that overflow to the left << 
 95           for signed types.                    << 
 96                                                << 
 97 config UBSAN_DIV_ZERO                          << 
 98         bool "Perform checking for integer div << 
 99         depends on $(cc-option,-fsanitize=inte << 
100         # https://github.com/ClangBuiltLinux/l << 
101         # https://github.com/llvm/llvm-project << 
102         depends on !CC_IS_CLANG                << 
103         help                                   << 
104           This option enables -fsanitize=integ << 
105           for integer division by zero. This i << 
106           kernel's existing exception handling << 
107           debugging information under CONFIG_U << 
108                                                << 
109 config UBSAN_UNREACHABLE                       << 
110         bool "Perform checking for unreachable << 
111         # objtool already handles unreachable  << 
112         # seeing UBSan instrumentation located << 
113         depends on !(OBJTOOL && (STACK_VALIDAT << 
114         depends on $(cc-option,-fsanitize=unre << 
115         help                                   << 
116           This option enables -fsanitize=unrea << 
117           flow reaching an expected-to-be-unre << 
118                                                << 
119 config UBSAN_SIGNED_WRAP                       << 
120         bool "Perform checking for signed arit << 
121         default UBSAN                          << 
122         depends on !COMPILE_TEST                   24         depends on !COMPILE_TEST
123         # The no_sanitize attribute was introd !!  25         default y
124         depends on !CC_IS_GCC || GCC_VERSION > << 
125         depends on $(cc-option,-fsanitize=sign << 
126         help                                       26         help
127           This option enables -fsanitize=signe !!  27           This option activates instrumentation for the entire kernel.
128           for wrap-around of any arithmetic op !!  28           If you don't enable this option, you have to explicitly specify
129           This currently performs nearly no in !!  29           UBSAN_SANITIZE := y for the files/directories you want to check for UB.
130           kernel's use of -fno-strict-overflow !!  30           Enabling this option will get kernel image size increased
131           arithmetic undefined behavior into w !!  31           significantly.
132           sanitizer versions will allow for wr << 
133           exclusively undefined behavior).     << 
134                                                << 
135 config UBSAN_BOOL                              << 
136         bool "Perform checking for non-boolean << 
137         default UBSAN                          << 
138         depends on $(cc-option,-fsanitize=bool << 
139         help                                   << 
140           This option enables -fsanitize=bool  << 
141           loaded that are neither 0 nor 1.     << 
142                                                << 
143 config UBSAN_ENUM                              << 
144         bool "Perform checking for out of boun << 
145         default UBSAN                          << 
146         depends on $(cc-option,-fsanitize=enum << 
147         help                                   << 
148           This option enables -fsanitize=enum  << 
149           into an enum that are outside the ra << 
150                                                    32 
151 config UBSAN_ALIGNMENT                             33 config UBSAN_ALIGNMENT
152         bool "Perform checking for misaligned  !!  34         bool "Enable checking of pointers alignment"
153         default !HAVE_EFFICIENT_UNALIGNED_ACCE !!  35         depends on UBSAN
154         depends on !UBSAN_TRAP && !COMPILE_TES !!  36         default y if !HAVE_EFFICIENT_UNALIGNED_ACCESS
155         depends on $(cc-option,-fsanitize=alig << 
156         help                                       37         help
157           This option enables the check of una !!  38           This option enables detection of unaligned memory accesses.
158           Enabling this option on architecture     39           Enabling this option on architectures that support unaligned
159           accesses may produce a lot of false      40           accesses may produce a lot of false positives.
160                                                    41 
                                                   >>  42 config UBSAN_NULL
                                                   >>  43         bool "Enable checking of null pointers"
                                                   >>  44         depends on UBSAN
                                                   >>  45         default y if !ARCH_WANTS_UBSAN_NO_NULL
                                                   >>  46         help
                                                   >>  47           This option enables detection of memory accesses via a
                                                   >>  48           null pointer.
                                                   >>  49 
161 config TEST_UBSAN                                  50 config TEST_UBSAN
162         tristate "Module for testing for undef     51         tristate "Module for testing for undefined behavior detection"
163         depends on m                           !!  52         depends on m && UBSAN
164         help                                       53         help
165           This is a test module for UBSAN.         54           This is a test module for UBSAN.
166           It triggers various undefined behavi     55           It triggers various undefined behavior, and detect it.
167                                                << 
168 endif   # if UBSAN                             << 
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php