~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/lib/Kconfig.kasan

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 # SPDX-License-Identifier: GPL-2.0-only
  2 
  3 # This config refers to the generic KASAN mode.
  4 config HAVE_ARCH_KASAN
  5         bool
  6 
  7 config HAVE_ARCH_KASAN_SW_TAGS
  8         bool
  9 
 10 config HAVE_ARCH_KASAN_HW_TAGS
 11         bool
 12 
 13 config HAVE_ARCH_KASAN_VMALLOC
 14         bool
 15 
 16 config ARCH_DISABLE_KASAN_INLINE
 17         bool
 18         help
 19           Disables both inline and stack instrumentation. Selected by
 20           architectures that do not support these instrumentation types.
 21 
 22 config CC_HAS_KASAN_GENERIC
 23         def_bool $(cc-option, -fsanitize=kernel-address)
 24 
 25 config CC_HAS_KASAN_SW_TAGS
 26         def_bool $(cc-option, -fsanitize=kernel-hwaddress)
 27 
 28 # This option is only required for software KASAN modes.
 29 # Old GCC versions do not have proper support for no_sanitize_address.
 30 # See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details.
 31 config CC_HAS_WORKING_NOSANITIZE_ADDRESS
 32         def_bool !CC_IS_GCC || GCC_VERSION >= 80300
 33 
 34 menuconfig KASAN
 35         bool "KASAN: dynamic memory safety error detector"
 36         depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
 37                      (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \
 38                     CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \
 39                    HAVE_ARCH_KASAN_HW_TAGS
 40         depends on SYSFS && !SLUB_TINY
 41         select STACKDEPOT_ALWAYS_INIT
 42         help
 43           Enables KASAN (Kernel Address Sanitizer) - a dynamic memory safety
 44           error detector designed to find out-of-bounds and use-after-free bugs.
 45 
 46           See Documentation/dev-tools/kasan.rst for details.
 47 
 48           For better error reports, also enable CONFIG_STACKTRACE.
 49 
 50 if KASAN
 51 
 52 config CC_HAS_KASAN_MEMINTRINSIC_PREFIX
 53         def_bool (CC_IS_CLANG && $(cc-option,-fsanitize=kernel-address -mllvm -asan-kernel-mem-intrinsic-prefix=1)) || \
 54                  (CC_IS_GCC && $(cc-option,-fsanitize=kernel-address --param asan-kernel-mem-intrinsic-prefix=1))
 55         # Don't define it if we don't need it: compilation of the test uses
 56         # this variable to decide how the compiler should treat builtins.
 57         depends on !KASAN_HW_TAGS
 58         help
 59           The compiler is able to prefix memintrinsics with __asan or __hwasan.
 60 
 61 choice
 62         prompt "KASAN mode"
 63         default KASAN_GENERIC
 64         help
 65           KASAN has three modes:
 66 
 67           1. Generic KASAN (supported by many architectures, enabled with
 68              CONFIG_KASAN_GENERIC, similar to userspace ASan),
 69           2. Software Tag-Based KASAN (arm64 only, based on software memory
 70              tagging, enabled with CONFIG_KASAN_SW_TAGS, similar to userspace
 71              HWASan), and
 72           3. Hardware Tag-Based KASAN (arm64 only, based on hardware memory
 73              tagging, enabled with CONFIG_KASAN_HW_TAGS).
 74 
 75           See Documentation/dev-tools/kasan.rst for details about each mode.
 76 
 77 config KASAN_GENERIC
 78         bool "Generic KASAN"
 79         depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC
 80         depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
 81         select SLUB_DEBUG
 82         select CONSTRUCTORS
 83         help
 84           Enables Generic KASAN.
 85 
 86           Requires GCC 8.3.0+ or Clang.
 87 
 88           Consumes about 1/8th of available memory at kernel start and adds an
 89           overhead of ~50% for dynamic allocations.
 90           The performance slowdown is ~x3.
 91 
 92 config KASAN_SW_TAGS
 93         bool "Software Tag-Based KASAN"
 94         depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS
 95         depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
 96         select SLUB_DEBUG
 97         select CONSTRUCTORS
 98         help
 99           Enables Software Tag-Based KASAN.
100 
101           Requires GCC 11+ or Clang.
102 
103           Supported only on arm64 CPUs and relies on Top Byte Ignore.
104 
105           Consumes about 1/16th of available memory at kernel start and
106           add an overhead of ~20% for dynamic allocations.
107 
108           May potentially introduce problems related to pointer casting and
109           comparison, as it embeds a tag into the top byte of each pointer.
110 
111 config KASAN_HW_TAGS
112         bool "Hardware Tag-Based KASAN"
113         depends on HAVE_ARCH_KASAN_HW_TAGS
114         help
115           Enables Hardware Tag-Based KASAN.
116 
117           Requires GCC 10+ or Clang 12+.
118 
119           Supported only on arm64 CPUs starting from ARMv8.5 and relies on
120           Memory Tagging Extension and Top Byte Ignore.
121 
122           Consumes about 1/32nd of available memory.
123 
124           May potentially introduce problems related to pointer casting and
125           comparison, as it embeds a tag into the top byte of each pointer.
126 
127 endchoice
128 
129 choice
130         prompt "Instrumentation type"
131         depends on KASAN_GENERIC || KASAN_SW_TAGS
132         default KASAN_INLINE if !ARCH_DISABLE_KASAN_INLINE
133 
134 config KASAN_OUTLINE
135         bool "Outline instrumentation"
136         help
137           Makes the compiler insert function calls that check whether the memory
138           is accessible before each memory access. Slower than KASAN_INLINE, but
139           does not bloat the size of the kernel's .text section so much.
140 
141 config KASAN_INLINE
142         bool "Inline instrumentation"
143         depends on !ARCH_DISABLE_KASAN_INLINE
144         help
145           Makes the compiler directly insert memory accessibility checks before
146           each memory access. Faster than KASAN_OUTLINE (gives ~x2 boost for
147           some workloads), but makes the kernel's .text size much bigger.
148 
149 endchoice
150 
151 config KASAN_STACK
152         bool "Stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
153         depends on KASAN_GENERIC || KASAN_SW_TAGS
154         depends on !ARCH_DISABLE_KASAN_INLINE
155         default y if CC_IS_GCC
156         help
157           Disables stack instrumentation and thus KASAN's ability to detect
158           out-of-bounds bugs in stack variables.
159 
160           With Clang, stack instrumentation has a problem that causes excessive
161           stack usage, see https://llvm.org/pr38809. Thus,
162           with Clang, this option is deemed unsafe.
163 
164           This option is always disabled when compile-testing with Clang to
165           avoid cluttering the log with stack overflow warnings.
166 
167           With GCC, enabling stack instrumentation is assumed to be safe.
168 
169           If the architecture disables inline instrumentation via
170           ARCH_DISABLE_KASAN_INLINE, stack instrumentation gets disabled
171           as well, as it adds inline-style instrumentation that is run
172           unconditionally.
173 
174 config KASAN_VMALLOC
175         bool "Check accesses to vmalloc allocations"
176         depends on HAVE_ARCH_KASAN_VMALLOC
177         help
178           Makes KASAN check the validity of accesses to vmalloc allocations.
179 
180           With software KASAN modes, all types vmalloc allocations are
181           checked. Enabling this option leads to higher memory usage.
182 
183           With Hardware Tag-Based KASAN, only non-executable VM_ALLOC mappings
184           are checked. There is no additional memory usage.
185 
186 config KASAN_KUNIT_TEST
187         tristate "KUnit-compatible tests of KASAN bug detection capabilities" if !KUNIT_ALL_TESTS
188         depends on KASAN && KUNIT && TRACEPOINTS
189         default KUNIT_ALL_TESTS
190         help
191           A KUnit-based KASAN test suite. Triggers different kinds of
192           out-of-bounds and use-after-free accesses. Useful for testing whether
193           KASAN can detect certain bug types.
194 
195           For more information on KUnit and unit tests in general, please refer
196           to the KUnit documentation in Documentation/dev-tools/kunit/.
197 
198 config KASAN_MODULE_TEST
199         tristate "KUnit-incompatible tests of KASAN bug detection capabilities"
200         depends on m && KASAN && !KASAN_HW_TAGS
201         help
202           A part of the KASAN test suite that is not integrated with KUnit.
203           Incompatible with Hardware Tag-Based KASAN.
204 
205 config KASAN_EXTRA_INFO
206         bool "Record and report more information"
207         depends on KASAN
208         help
209           Record and report more information to help us find the cause of the
210           bug and to help us correlate the error with other system events.
211 
212           Currently, the CPU number and timestamp are additionally
213           recorded for each heap block at allocation and free time, and
214           8 bytes will be added to each metadata structure that records
215           allocation or free information.
216 
217           In Generic KASAN, each kmalloc-8 and kmalloc-16 object will add
218           16 bytes of additional memory consumption, and each kmalloc-32
219           object will add 8 bytes of additional memory consumption, not
220           affecting other larger objects.
221 
222           In SW_TAGS KASAN and HW_TAGS KASAN, depending on the stack_ring_size
223           boot parameter, it will add 8 * stack_ring_size bytes of additional
224           memory consumption.
225 
226 endif # KASAN

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php