From 431594a978752a9d43f9bdac1a79dff335ad9ba3 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Wed, 12 Feb 2020 11:49:00 +0100 Subject: build: Add option KERNEL_KASAN The kernel kernel address sanitizer is able to detect some memory bugs in the kernel like out of range array accesses. Signed-off-by: Hauke Mehrtens Reviewed-by: Alexandru Ardelean --- config/Config-kernel.in | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'config') diff --git a/config/Config-kernel.in b/config/Config-kernel.in index e8bcf1970f..ed75dd5853 100644 --- a/config/Config-kernel.in +++ b/config/Config-kernel.in @@ -120,6 +120,58 @@ config KERNEL_UBSAN_NULL This option enables detection of memory accesses via a null pointer. +config KERNEL_KASAN + bool "Compile the kernel with KASan: runtime memory debugger" + select KERNEL_SLUB_DEBUG + depends on (x86_64 || aarch64) + help + Enables kernel address sanitizer - runtime memory debugger, + designed to find out-of-bounds accesses and use-after-free bugs. + This is strictly a debugging feature and it requires a gcc version + of 4.9.2 or later. Detection of out of bounds accesses to stack or + global variables requires gcc 5.0 or later. + This feature consumes about 1/8 of available memory and brings about + ~x3 performance slowdown. + For better error detection enable CONFIG_STACKTRACE. + Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB + (the resulting kernel does not boot). + +config KERNEL_KASAN_EXTRA + bool "KAsan: extra checks" + depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL + help + This enables further checks in the kernel address sanitizer, for now + it only includes the address-use-after-scope check that can lead + to excessive kernel stack usage, frame size warnings and longer + compile time. + https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more + + +choice + prompt "Instrumentation type" + depends on KERNEL_KASAN + default KERNEL_KASAN_OUTLINE + +config KERNEL_KASAN_OUTLINE + bool "Outline instrumentation" + help + Before every memory access compiler insert function call + __asan_load*/__asan_store*. These functions performs check + of shadow memory. This is slower than inline instrumentation, + however it doesn't bloat size of kernel's .text section so + much as inline does. + +config KERNEL_KASAN_INLINE + bool "Inline instrumentation" + help + Compiler directly inserts code checking shadow memory before + memory accesses. This is faster than outline (in some workloads + it gives about x2 boost over outline instrumentation), but + make kernel's .text size much bigger. + This requires a gcc version of 5.0 or later. + +endchoice + config KERNEL_TASKSTATS bool "Compile the kernel with task resource/io statistics and accounting" default n -- cgit v1.2.3