| Andrey Ryabinin | 0b24bec | 2015-02-13 14:39:17 -0800 | [diff] [blame] | 1 | config HAVE_ARCH_KASAN |
| 2 | bool |
| 3 | |
| 4 | if HAVE_ARCH_KASAN |
| 5 | |
| 6 | config KASAN |
| 7 | bool "KASan: runtime memory debugger" |
| Andrey Ryabinin | 0316bec | 2015-02-13 14:39:42 -0800 | [diff] [blame^] | 8 | depends on SLUB_DEBUG |
| Andrey Ryabinin | 0b24bec | 2015-02-13 14:39:17 -0800 | [diff] [blame] | 9 | help |
| 10 | Enables kernel address sanitizer - runtime memory debugger, |
| 11 | designed to find out-of-bounds accesses and use-after-free bugs. |
| 12 | This is strictly debugging feature. It consumes about 1/8 |
| 13 | of available memory and brings about ~x3 performance slowdown. |
| 14 | For better error detection enable CONFIG_STACKTRACE, |
| 15 | and add slub_debug=U to boot cmdline. |
| 16 | |
| 17 | config KASAN_SHADOW_OFFSET |
| 18 | hex |
| Andrey Ryabinin | ef7f0d6 | 2015-02-13 14:39:25 -0800 | [diff] [blame] | 19 | default 0xdffffc0000000000 if X86_64 |
| Andrey Ryabinin | 0b24bec | 2015-02-13 14:39:17 -0800 | [diff] [blame] | 20 | |
| 21 | choice |
| 22 | prompt "Instrumentation type" |
| 23 | depends on KASAN |
| 24 | default KASAN_OUTLINE |
| 25 | |
| 26 | config KASAN_OUTLINE |
| 27 | bool "Outline instrumentation" |
| 28 | help |
| 29 | Before every memory access compiler insert function call |
| 30 | __asan_load*/__asan_store*. These functions performs check |
| 31 | of shadow memory. This is slower than inline instrumentation, |
| 32 | however it doesn't bloat size of kernel's .text section so |
| 33 | much as inline does. |
| 34 | |
| 35 | config KASAN_INLINE |
| 36 | bool "Inline instrumentation" |
| 37 | help |
| 38 | Compiler directly inserts code checking shadow memory before |
| 39 | memory accesses. This is faster than outline (in some workloads |
| 40 | it gives about x2 boost over outline instrumentation), but |
| 41 | make kernel's .text size much bigger. |
| 42 | |
| 43 | endchoice |
| 44 | |
| 45 | endif |