lib/Kconfig.kasan at v6.0 · tjh.dev/kernel

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / lib / Kconfig.kasan
at v6.0 209 lines 6.8 kB view raw
wrap content
  1# SPDX-License-Identifier: GPL-2.0-only
  2
  3# This config refers to the generic KASAN mode.
  4config HAVE_ARCH_KASAN
  5	bool
  6
  7config HAVE_ARCH_KASAN_SW_TAGS
  8	bool
  9
 10config HAVE_ARCH_KASAN_HW_TAGS
 11	bool
 12
 13config HAVE_ARCH_KASAN_VMALLOC
 14	bool
 15
 16config ARCH_DISABLE_KASAN_INLINE
 17	bool
 18	help
 19	  Disables both inline and stack instrumentation. Selected by
 20	  architectures that do not support these instrumentation types.
 21
 22config CC_HAS_KASAN_GENERIC
 23	def_bool $(cc-option, -fsanitize=kernel-address)
 24
 25config CC_HAS_KASAN_SW_TAGS
 26	def_bool $(cc-option, -fsanitize=kernel-hwaddress)
 27
 28# This option is only required for software KASAN modes.
 29# Old GCC versions do not have proper support for no_sanitize_address.
 30# See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details.
 31config CC_HAS_WORKING_NOSANITIZE_ADDRESS
 32	def_bool !CC_IS_GCC || GCC_VERSION >= 80300
 33
 34menuconfig KASAN
 35	bool "KASAN: dynamic memory safety error detector"
 36	depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
 37		     (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \
 38		    CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \
 39		   HAVE_ARCH_KASAN_HW_TAGS
 40	depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB)
 41	select STACKDEPOT_ALWAYS_INIT
 42	help
 43	  Enables KASAN (Kernel Address Sanitizer) - a dynamic memory safety
 44	  error detector designed to find out-of-bounds and use-after-free bugs.
 45
 46	  See Documentation/dev-tools/kasan.rst for details.
 47
 48	  For better error reports, also enable CONFIG_STACKTRACE.
 49
 50if KASAN
 51
 52choice
 53	prompt "KASAN mode"
 54	default KASAN_GENERIC
 55	help
 56	  KASAN has three modes:
 57
 58	  1. Generic KASAN (supported by many architectures, enabled with
 59	     CONFIG_KASAN_GENERIC, similar to userspace ASan),
 60	  2. Software Tag-Based KASAN (arm64 only, based on software memory
 61	     tagging, enabled with CONFIG_KASAN_SW_TAGS, similar to userspace
 62	     HWASan), and
 63	  3. Hardware Tag-Based KASAN (arm64 only, based on hardware memory
 64	     tagging, enabled with CONFIG_KASAN_HW_TAGS).
 65
 66	  See Documentation/dev-tools/kasan.rst for details about each mode.
 67
 68config KASAN_GENERIC
 69	bool "Generic KASAN"
 70	depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC
 71	depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
 72	select SLUB_DEBUG if SLUB
 73	select CONSTRUCTORS
 74	help
 75	  Enables Generic KASAN.
 76
 77	  Requires GCC 8.3.0+ or Clang.
 78
 79	  Consumes about 1/8th of available memory at kernel start and adds an
 80	  overhead of ~50% for dynamic allocations.
 81	  The performance slowdown is ~x3.
 82
 83	  (Incompatible with CONFIG_DEBUG_SLAB: the kernel does not boot.)
 84
 85config KASAN_SW_TAGS
 86	bool "Software Tag-Based KASAN"
 87	depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS
 88	depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
 89	select SLUB_DEBUG if SLUB
 90	select CONSTRUCTORS
 91	help
 92	  Enables Software Tag-Based KASAN.
 93
 94	  Requires GCC 11+ or Clang.
 95
 96	  Supported only on arm64 CPUs and relies on Top Byte Ignore.
 97
 98	  Consumes about 1/16th of available memory at kernel start and
 99	  add an overhead of ~20% for dynamic allocations.
100
101	  May potentially introduce problems related to pointer casting and
102	  comparison, as it embeds a tag into the top byte of each pointer.
103
104	  (Incompatible with CONFIG_DEBUG_SLAB: the kernel does not boot.)
105
106config KASAN_HW_TAGS
107	bool "Hardware Tag-Based KASAN"
108	depends on HAVE_ARCH_KASAN_HW_TAGS
109	depends on SLUB
110	help
111	  Enables Hardware Tag-Based KASAN.
112
113	  Requires GCC 10+ or Clang 12+.
114
115	  Supported only on arm64 CPUs starting from ARMv8.5 and relies on
116	  Memory Tagging Extension and Top Byte Ignore.
117
118	  Consumes about 1/32nd of available memory.
119
120	  May potentially introduce problems related to pointer casting and
121	  comparison, as it embeds a tag into the top byte of each pointer.
122
123endchoice
124
125choice
126	prompt "Instrumentation type"
127	depends on KASAN_GENERIC || KASAN_SW_TAGS
128	default KASAN_OUTLINE
129
130config KASAN_OUTLINE
131	bool "Outline instrumentation"
132	help
133	  Makes the compiler insert function calls that check whether the memory
134	  is accessible before each memory access. Slower than KASAN_INLINE, but
135	  does not bloat the size of the kernel's .text section so much.
136
137config KASAN_INLINE
138	bool "Inline instrumentation"
139	depends on !ARCH_DISABLE_KASAN_INLINE
140	help
141	  Makes the compiler directly insert memory accessibility checks before
142	  each memory access. Faster than KASAN_OUTLINE (gives ~x2 boost for
143	  some workloads), but makes the kernel's .text size much bigger.
144
145endchoice
146
147config KASAN_STACK
148	bool "Stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
149	depends on KASAN_GENERIC || KASAN_SW_TAGS
150	depends on !ARCH_DISABLE_KASAN_INLINE
151	default y if CC_IS_GCC
152	help
153	  Disables stack instrumentation and thus KASAN's ability to detect
154	  out-of-bounds bugs in stack variables.
155
156	  With Clang, stack instrumentation has a problem that causes excessive
157	  stack usage, see https://bugs.llvm.org/show_bug.cgi?id=38809. Thus,
158	  with Clang, this option is deemed unsafe.
159
160	  This option is always disabled when compile-testing with Clang to
161	  avoid cluttering the log with stack overflow warnings.
162
163	  With GCC, enabling stack instrumentation is assumed to be safe.
164
165	  If the architecture disables inline instrumentation via
166	  ARCH_DISABLE_KASAN_INLINE, stack instrumentation gets disabled
167	  as well, as it adds inline-style instrumentation that is run
168	  unconditionally.
169
170config KASAN_TAGS_IDENTIFY
171	bool "Memory corruption type identification"
172	depends on KASAN_SW_TAGS || KASAN_HW_TAGS
173	help
174	  Enables best-effort identification of the bug types (use-after-free
175	  or out-of-bounds) at the cost of increased memory consumption.
176	  Only applicable for the tag-based KASAN modes.
177
178config KASAN_VMALLOC
179	bool "Check accesses to vmalloc allocations"
180	depends on HAVE_ARCH_KASAN_VMALLOC
181	help
182	  Makes KASAN check the validity of accesses to vmalloc allocations.
183
184	  With software KASAN modes, all types vmalloc allocations are
185	  checked. Enabling this option leads to higher memory usage.
186
187	  With Hardware Tag-Based KASAN, only non-executable VM_ALLOC mappings
188	  are checked. There is no additional memory usage.
189
190config KASAN_KUNIT_TEST
191	tristate "KUnit-compatible tests of KASAN bug detection capabilities" if !KUNIT_ALL_TESTS
192	depends on KASAN && KUNIT
193	default KUNIT_ALL_TESTS
194	help
195	  A KUnit-based KASAN test suite. Triggers different kinds of
196	  out-of-bounds and use-after-free accesses. Useful for testing whether
197	  KASAN can detect certain bug types.
198
199	  For more information on KUnit and unit tests in general, please refer
200	  to the KUnit documentation in Documentation/dev-tools/kunit/.
201
202config KASAN_MODULE_TEST
203	tristate "KUnit-incompatible tests of KASAN bug detection capabilities"
204	depends on m && KASAN && !KASAN_HW_TAGS
205	help
206	  A part of the KASAN test suite that is not integrated with KUnit.
207	  Incompatible with Hardware Tag-Based KASAN.
208
209endif # KASAN
Configure Feed

Configure Feed
