1 # SPDX-License-Identifier: GPL-2.0-only 2 3 config HAVE_ARCH_KFENCE 4 bool 5 6 menuconfig KFENCE 7 bool "KFENCE: low-overhead sampling-based memory safety error detector" 8 depends on HAVE_ARCH_KFENCE 9 select STACKTRACE 10 select IRQ_WORK 11 help 12 KFENCE is a low-overhead sampling-based detector of heap out-of-bounds 13 access, use-after-free, and invalid-free errors. KFENCE is designed 14 to have negligible cost to permit enabling it in production 15 environments. 16 17 See <file:Documentation/dev-tools/kfence.rst> for more details. 18 19 Note that, KFENCE is not a substitute for explicit testing with tools 20 such as KASAN. KFENCE can detect a subset of bugs that KASAN can 21 detect, albeit at very different performance profiles. If you can 22 afford to use KASAN, continue using KASAN, for example in test 23 environments. If your kernel targets production use, and cannot 24 enable KASAN due to its cost, consider using KFENCE. 25 26 if KFENCE 27 28 config KFENCE_SAMPLE_INTERVAL 29 int "Default sample interval in milliseconds" 30 default 100 31 help 32 The KFENCE sample interval determines the frequency with which heap 33 allocations will be guarded by KFENCE. May be overridden via boot 34 parameter "kfence.sample_interval". 35 36 Set this to 0 to disable KFENCE by default, in which case only 37 setting "kfence.sample_interval" to a non-zero value enables KFENCE. 38 39 config KFENCE_NUM_OBJECTS 40 int "Number of guarded objects available" 41 range 1 65535 42 default 255 43 help 44 The number of guarded objects available. For each KFENCE object, 2 45 pages are required; with one containing the object and two adjacent 46 ones used as guard pages. 47 48 config KFENCE_DEFERRABLE 49 bool "Use a deferrable timer to trigger allocations" 50 help 51 Use a deferrable timer to trigger allocations. This avoids forcing 52 CPU wake-ups if the system is idle, at the risk of a less predictable 53 sample interval. 54 55 Warning: The KUnit test suite fails with this option enabled - due to 56 the unpredictability of the sample interval! 57 58 Say N if you are unsure. 59 60 config KFENCE_STATIC_KEYS 61 bool "Use static keys to set up allocations" if EXPERT 62 depends on JUMP_LABEL 63 help 64 Use static keys (static branches) to set up KFENCE allocations. This 65 option is only recommended when using very large sample intervals, or 66 performance has carefully been evaluated with this option. 67 68 Using static keys comes with trade-offs that need to be carefully 69 evaluated given target workloads and system architectures. Notably, 70 enabling and disabling static keys invoke IPI broadcasts, the latency 71 and impact of which is much harder to predict than a dynamic branch. 72 73 Say N if you are unsure. 74 75 config KFENCE_STRESS_TEST_FAULTS 76 int "Stress testing of fault handling and error reporting" if EXPERT 77 default 0 78 help 79 The inverse probability with which to randomly protect KFENCE object 80 pages, resulting in spurious use-after-frees. The main purpose of 81 this option is to stress test KFENCE with concurrent error reports 82 and allocations/frees. A value of 0 disables stress testing logic. 83 84 Only for KFENCE testing; set to 0 if you are not a KFENCE developer. 85 86 config KFENCE_KUNIT_TEST 87 tristate "KFENCE integration test suite" if !KUNIT_ALL_TESTS 88 default KUNIT_ALL_TESTS 89 depends on TRACEPOINTS && KUNIT 90 help 91 Test suite for KFENCE, testing various error detection scenarios with 92 various allocation types, and checking that reports are correctly 93 output to console. 94 95 Say Y here if you want the test to be built into the kernel and run 96 during boot; say M if you want the test to build as a module; say N 97 if you are unsure. 98 99 endif # KFENCE
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.