lib/Kconfig.kasan at master · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / lib / Kconfig.kasan
at master 7.8 kB view raw
  1# SPDX-License-Identifier: GPL-2.0-only
  2
  3# This config refers to the generic KASAN mode.
  4config HAVE_ARCH_KASAN
  5	bool
  6
  7config HAVE_ARCH_KASAN_SW_TAGS
  8	bool
  9
 10config HAVE_ARCH_KASAN_HW_TAGS
 11	bool
 12
 13config HAVE_ARCH_KASAN_VMALLOC
 14	bool
 15
 16config ARCH_DISABLE_KASAN_INLINE
 17	bool
 18	help
 19	  Disables both inline and stack instrumentation. Selected by
 20	  architectures that do not support these instrumentation types.
 21
 22config ARCH_NEEDS_DEFER_KASAN
 23	bool
 24
 25config ARCH_DEFER_KASAN
 26	def_bool y
 27	depends on KASAN && ARCH_NEEDS_DEFER_KASAN
 28	help
 29	  Architectures should select this if they need to defer KASAN
 30	  initialization until shadow memory is properly set up. This
 31	  enables runtime control via static keys. Otherwise, KASAN uses
 32	  compile-time constants for better performance.
 33
 34config CC_HAS_KASAN_GENERIC
 35	def_bool $(cc-option, -fsanitize=kernel-address)
 36
 37config CC_HAS_KASAN_SW_TAGS
 38	def_bool $(cc-option, -fsanitize=kernel-hwaddress)
 39
 40# This option is only required for software KASAN modes.
 41# Old GCC versions do not have proper support for no_sanitize_address.
 42# See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details.
 43config CC_HAS_WORKING_NOSANITIZE_ADDRESS
 44	def_bool !CC_IS_GCC || GCC_VERSION >= 80300
 45
 46menuconfig KASAN
 47	bool "KASAN: dynamic memory safety error detector"
 48	depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
 49		     (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \
 50		    CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \
 51		   HAVE_ARCH_KASAN_HW_TAGS
 52	depends on SYSFS && !SLUB_TINY
 53	select STACKDEPOT_ALWAYS_INIT
 54	help
 55	  Enables KASAN (Kernel Address Sanitizer) - a dynamic memory safety
 56	  error detector designed to find out-of-bounds and use-after-free bugs.
 57
 58	  See Documentation/dev-tools/kasan.rst for details.
 59
 60	  For better error reports, also enable CONFIG_STACKTRACE.
 61
 62if KASAN
 63
 64config CC_HAS_KASAN_MEMINTRINSIC_PREFIX
 65	def_bool (CC_IS_CLANG && $(cc-option,-fsanitize=kernel-address -mllvm -asan-kernel-mem-intrinsic-prefix=1)) || \
 66		 (CC_IS_GCC && $(cc-option,-fsanitize=kernel-address --param asan-kernel-mem-intrinsic-prefix=1))
 67	# Don't define it if we don't need it: compilation of the test uses
 68	# this variable to decide how the compiler should treat builtins.
 69	depends on !KASAN_HW_TAGS
 70	help
 71	  The compiler is able to prefix memintrinsics with __asan or __hwasan.
 72
 73choice
 74	prompt "KASAN mode"
 75	default KASAN_GENERIC
 76	help
 77	  KASAN has three modes:
 78
 79	  1. Generic KASAN (supported by many architectures, enabled with
 80	     CONFIG_KASAN_GENERIC, similar to userspace ASan),
 81	  2. Software Tag-Based KASAN (arm64 only, based on software memory
 82	     tagging, enabled with CONFIG_KASAN_SW_TAGS, similar to userspace
 83	     HWASan), and
 84	  3. Hardware Tag-Based KASAN (arm64 only, based on hardware memory
 85	     tagging, enabled with CONFIG_KASAN_HW_TAGS).
 86
 87	  See Documentation/dev-tools/kasan.rst for details about each mode.
 88
 89config KASAN_GENERIC
 90	bool "Generic KASAN"
 91	depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC
 92	depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
 93	select SLUB_DEBUG
 94	select CONSTRUCTORS
 95	help
 96	  Enables Generic KASAN.
 97
 98	  Requires GCC 8.3.0+ or Clang.
 99
100	  Consumes about 1/8th of available memory at kernel start and adds an
101	  overhead of ~50% for dynamic allocations.
102	  The performance slowdown is ~x3.
103
104config KASAN_SW_TAGS
105	bool "Software Tag-Based KASAN"
106	depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS
107	depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
108	select SLUB_DEBUG
109	select CONSTRUCTORS
110	help
111	  Enables Software Tag-Based KASAN.
112
113	  Requires GCC 11+ or Clang.
114
115	  Supported only on arm64 CPUs and relies on Top Byte Ignore.
116
117	  Consumes about 1/16th of available memory at kernel start and
118	  add an overhead of ~20% for dynamic allocations.
119
120	  May potentially introduce problems related to pointer casting and
121	  comparison, as it embeds a tag into the top byte of each pointer.
122
123config KASAN_HW_TAGS
124	bool "Hardware Tag-Based KASAN"
125	depends on HAVE_ARCH_KASAN_HW_TAGS
126	help
127	  Enables Hardware Tag-Based KASAN.
128
129	  Requires GCC 10+ or Clang 12+.
130
131	  Supported only on arm64 CPUs starting from ARMv8.5 and relies on
132	  Memory Tagging Extension and Top Byte Ignore.
133
134	  Consumes about 1/32nd of available memory.
135
136	  May potentially introduce problems related to pointer casting and
137	  comparison, as it embeds a tag into the top byte of each pointer.
138
139endchoice
140
141choice
142	prompt "Instrumentation type"
143	depends on KASAN_GENERIC || KASAN_SW_TAGS
144	default KASAN_INLINE if !ARCH_DISABLE_KASAN_INLINE
145
146config KASAN_OUTLINE
147	bool "Outline instrumentation"
148	help
149	  Makes the compiler insert function calls that check whether the memory
150	  is accessible before each memory access. Slower than KASAN_INLINE, but
151	  does not bloat the size of the kernel's .text section so much.
152
153config KASAN_INLINE
154	bool "Inline instrumentation"
155	depends on !ARCH_DISABLE_KASAN_INLINE
156	help
157	  Makes the compiler directly insert memory accessibility checks before
158	  each memory access. Faster than KASAN_OUTLINE (gives ~x2 boost for
159	  some workloads), but makes the kernel's .text size much bigger.
160
161endchoice
162
163config KASAN_STACK
164	bool "Stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
165	depends on KASAN_GENERIC || KASAN_SW_TAGS
166	depends on !ARCH_DISABLE_KASAN_INLINE
167	default y if CC_IS_GCC
168	help
169	  Disables stack instrumentation and thus KASAN's ability to detect
170	  out-of-bounds bugs in stack variables.
171
172	  With Clang, stack instrumentation has a problem that causes excessive
173	  stack usage, see https://llvm.org/pr38809. Thus,
174	  with Clang, this option is deemed unsafe.
175
176	  This option is always disabled when compile-testing with Clang to
177	  avoid cluttering the log with stack overflow warnings.
178
179	  With GCC, enabling stack instrumentation is assumed to be safe.
180
181	  If the architecture disables inline instrumentation via
182	  ARCH_DISABLE_KASAN_INLINE, stack instrumentation gets disabled
183	  as well, as it adds inline-style instrumentation that is run
184	  unconditionally.
185
186config KASAN_VMALLOC
187	bool "Check accesses to vmalloc allocations"
188	depends on HAVE_ARCH_KASAN_VMALLOC
189	help
190	  Makes KASAN check the validity of accesses to vmalloc allocations.
191
192	  With software KASAN modes, all types vmalloc allocations are
193	  checked. Enabling this option leads to higher memory usage.
194
195	  With Hardware Tag-Based KASAN, only non-executable VM_ALLOC mappings
196	  are checked. There is no additional memory usage.
197
198config KASAN_KUNIT_TEST
199	tristate "KUnit-compatible tests of KASAN bug detection capabilities" if !KUNIT_ALL_TESTS
200	depends on KASAN && KUNIT && TRACEPOINTS
201	default KUNIT_ALL_TESTS
202	help
203	  A KUnit-based KASAN test suite. Triggers different kinds of
204	  out-of-bounds and use-after-free accesses. Useful for testing whether
205	  KASAN can detect certain bug types.
206
207	  For more information on KUnit and unit tests in general, please refer
208	  to the KUnit documentation in Documentation/dev-tools/kunit/.
209
210config KASAN_EXTRA_INFO
211	bool "Record and report more information"
212	depends on KASAN
213	help
214	  Record and report more information to help us find the cause of the
215	  bug and to help us correlate the error with other system events.
216
217	  Currently, the CPU number and timestamp are additionally
218	  recorded for each heap block at allocation and free time, and
219	  8 bytes will be added to each metadata structure that records
220	  allocation or free information.
221
222	  In Generic KASAN, each kmalloc-8 and kmalloc-16 object will add
223	  16 bytes of additional memory consumption, and each kmalloc-32
224	  object will add 8 bytes of additional memory consumption, not
225	  affecting other larger objects.
226
227	  In SW_TAGS KASAN and HW_TAGS KASAN, depending on the stack_ring_size
228	  boot parameter, it will add 8 * stack_ring_size bytes of additional
229	  memory consumption.
230
231endif # KASAN