^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) # SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) # This config refers to the generic KASAN mode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) config HAVE_ARCH_KASAN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) config HAVE_ARCH_KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) config HAVE_ARCH_KASAN_HW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) config HAVE_ARCH_KASAN_VMALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) config CC_HAS_KASAN_GENERIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) def_bool $(cc-option, -fsanitize=kernel-address)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) config CC_HAS_KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) def_bool $(cc-option, -fsanitize=kernel-hwaddress)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) # This option is only required for software KASAN modes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) # Old GCC versions don't have proper support for no_sanitize_address.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) # See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) config CC_HAS_WORKING_NOSANITIZE_ADDRESS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) def_bool !CC_IS_GCC || GCC_VERSION >= 80300
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) menuconfig KASAN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) bool "KASAN: runtime memory debugger"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) HAVE_ARCH_KASAN_HW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) select STACKDEPOT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) Enables KASAN (KernelAddressSANitizer) - runtime memory debugger,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) designed to find out-of-bounds accesses and use-after-free bugs.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) See Documentation/dev-tools/kasan.rst for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) if KASAN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) choice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) prompt "KASAN mode"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) default KASAN_GENERIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) KASAN has three modes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) 1. generic KASAN (similar to userspace ASan,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) 2. software tag-based KASAN (arm64 only, based on software
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) memory tagging (similar to userspace HWASan), enabled with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) CONFIG_KASAN_SW_TAGS), and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) 3. hardware tag-based KASAN (arm64 only, based on hardware
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) memory tagging, enabled with CONFIG_KASAN_HW_TAGS).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) All KASAN modes are strictly debugging features.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) For better error reports enable CONFIG_STACKTRACE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) config KASAN_GENERIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) bool "Generic mode"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) select SLUB_DEBUG if SLUB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) select CONSTRUCTORS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) Enables generic KASAN mode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) This mode is supported in both GCC and Clang. With GCC it requires
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) version 8.3.0 or later. Any supported Clang version is compatible,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) but detection of out-of-bounds accesses for global variables is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) supported only since Clang 11.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) This mode consumes about 1/8th of available memory at kernel start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) and introduces an overhead of ~x1.5 for the rest of the allocations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) The performance slowdown is ~x3.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) (the resulting kernel does not boot).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) config KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) bool "Software tag-based mode"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) select SLUB_DEBUG if SLUB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) select CONSTRUCTORS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) Enables software tag-based KASAN mode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) This mode require software memory tagging support in the form of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) HWASan-like compiler instrumentation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) Currently this mode is only implemented for arm64 CPUs and relies on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) Top Byte Ignore. This mode requires Clang.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) This mode consumes about 1/16th of available memory at kernel start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) and introduces an overhead of ~20% for the rest of the allocations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) This mode may potentially introduce problems relating to pointer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) casting and comparison, as it embeds tags into the top byte of each
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) pointer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) (the resulting kernel does not boot).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) config KASAN_HW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) bool "Hardware tag-based mode"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) depends on HAVE_ARCH_KASAN_HW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) depends on SLUB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) Enables hardware tag-based KASAN mode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) This mode requires hardware memory tagging support, and can be used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) by any architecture that provides it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) Currently this mode is only implemented for arm64 CPUs starting from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) ARMv8.5 and relies on Memory Tagging Extension and Top Byte Ignore.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) endchoice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) choice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) prompt "Instrumentation type"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) depends on KASAN_GENERIC || KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) default KASAN_OUTLINE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) config KASAN_OUTLINE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) bool "Outline instrumentation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) Before every memory access compiler insert function call
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) __asan_load*/__asan_store*. These functions performs check
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) of shadow memory. This is slower than inline instrumentation,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) however it doesn't bloat size of kernel's .text section so
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) much as inline does.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) config KASAN_INLINE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) bool "Inline instrumentation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) Compiler directly inserts code checking shadow memory before
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) memory accesses. This is faster than outline (in some workloads
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) it gives about x2 boost over outline instrumentation), but
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) make kernel's .text size much bigger.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) endchoice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) config KASAN_STACK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) depends on KASAN_GENERIC || KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) default y if CC_IS_GCC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) The LLVM stack address sanitizer has a know problem that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) causes excessive stack usage in a lot of functions, see
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) https://bugs.llvm.org/show_bug.cgi?id=38809
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) Disabling asan-stack makes it safe to run kernels build
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) with clang-8 with KASAN enabled, though it loses some of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) the functionality.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) This feature is always disabled when compile-testing with clang
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) to avoid cluttering the output in stack overflow warnings,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) but clang users can still enable it for builds without
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) CONFIG_COMPILE_TEST. On gcc it is assumed to always be safe
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) to use and enabled by default.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) config KASAN_S390_4_LEVEL_PAGING
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) bool "KASan: use 4-level paging"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) depends on S390
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) Compiling the kernel with KASan disables automatic 3-level vs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 4-level paging selection. 3-level paging is used by default (up
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) to 3TB of RAM with KASan enabled). This options allows to force
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 4-level paging instead.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) config KASAN_SW_TAGS_IDENTIFY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) bool "Enable memory corruption identification"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) depends on KASAN_SW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) This option enables best-effort identification of bug type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) (use-after-free or out-of-bounds) at the cost of increased
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) memory consumption.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) config KASAN_VMALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) bool "Back mappings in vmalloc space with real shadow memory"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) depends on KASAN_GENERIC && HAVE_ARCH_KASAN_VMALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) By default, the shadow region for vmalloc space is the read-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) zero page. This means that KASAN cannot detect errors involving
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) vmalloc space.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) Enabling this option will hook in to vmap/vmalloc and back those
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) mappings with real shadow memory allocated on demand. This allows
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) for KASAN to detect more sorts of errors (and to support vmapped
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) stacks), but at the cost of higher memory usage.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) config KASAN_KUNIT_TEST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) tristate "KUnit-compatible tests of KASAN bug detection capabilities" if !KUNIT_ALL_TESTS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) depends on KASAN && KUNIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) default KUNIT_ALL_TESTS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) This is a KUnit test suite doing various nasty things like
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) out of bounds and use after free accesses. It is useful for testing
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) kernel debugging features like KASAN.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) For more information on KUnit and unit tests in general, please refer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) to the KUnit documentation in Documentation/dev-tools/kunit.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) config KASAN_MODULE_TEST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) tristate "KUnit-incompatible tests of KASAN bug detection capabilities"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) depends on m && KASAN && !KASAN_HW_TAGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) This is a part of the KASAN test suite that is incompatible with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) KUnit. Currently includes tests that do bad copy_from/to_user
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) accesses.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) endif # KASAN
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags