^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) # SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) config PAGE_EXTENSION
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) bool "Extend memmap on extra space for more information on page"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) Extend memmap on extra space for more information on page. This
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) could be used for debugging features that need to insert extra
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) field for every page. This extension enables us to save memory
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) by not allocating this extra memory according to boottime
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) configuration.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) config DEBUG_PAGEALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) bool "Debug page memory allocations"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) depends on DEBUG_KERNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) depends on !HIBERNATION || ARCH_SUPPORTS_DEBUG_PAGEALLOC && !PPC && !SPARC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) select PAGE_POISONING if !ARCH_SUPPORTS_DEBUG_PAGEALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) Unmap pages from the kernel linear mapping after free_pages().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) Depending on runtime enablement, this results in a small or large
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) slowdown, but helps to find certain types of memory corruption.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) Also, the state of page tracking structures is checked more often as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) pages are being allocated and freed, as unexpected state changes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) often happen for same reasons as memory corruption (e.g. double free,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) use-after-free). The error reports for these checks can be augmented
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) with stack traces of last allocation and freeing of the page, when
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) PAGE_OWNER is also selected and enabled on boot.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) For architectures which don't enable ARCH_SUPPORTS_DEBUG_PAGEALLOC,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) fill the pages with poison patterns after free_pages() and verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) the patterns before alloc_pages(). Additionally, this option cannot
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) be enabled in combination with hibernation as that would result in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) incorrect warnings of memory corruption after a resume because free
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) pages are not saved to the suspend image.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) By default this option will have a small overhead, e.g. by not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) allowing the kernel mapping to be backed by large pages on some
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) architectures. Even bigger overhead comes when the debugging is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) enabled by DEBUG_PAGEALLOC_ENABLE_DEFAULT or the debug_pagealloc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) command line parameter.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) config DEBUG_PAGEALLOC_ENABLE_DEFAULT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) bool "Enable debug page memory allocations by default?"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) depends on DEBUG_PAGEALLOC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) Enable debug page memory allocations by default? This value
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) can be overridden by debug_pagealloc=off|on.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) config PAGE_OWNER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) bool "Track page owner"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) depends on DEBUG_KERNEL && STACKTRACE_SUPPORT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) select DEBUG_FS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) select STACKTRACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) select STACKDEPOT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) select PAGE_EXTENSION
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) This keeps track of what call chain is the owner of a page, may
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) help to find bare alloc_page(s) leaks. Even if you include this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) feature on your build, it is disabled in default. You should pass
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) "page_owner=on" to boot parameter in order to enable it. Eats
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) a fair amount of memory if enabled. See tools/vm/page_owner_sort.c
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) for user-space helper.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) config PAGE_PINNER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) bool "Track page pinner"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) depends on DEBUG_KERNEL && STACKTRACE_SUPPORT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) select DEBUG_FS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) select STACKTRACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) select STACKDEPOT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) select PAGE_EXTENSION
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) This keeps track of what call chain is the pinner of a page, may
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) help to find page migration failures. Even if you include this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) feature in your build, it is disabled by default. You should pass
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) "page_pinner=on" to boot parameter in order to enable it. Eats
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) a fair amount of memory if enabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) config PAGE_POISONING
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) bool "Poison pages after freeing"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) Fill the pages with poison patterns after free_pages() and verify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) the patterns before alloc_pages. The filling of the memory helps
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) reduce the risk of information leaks from freed data. This does
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) have a potential performance impact if enabled with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) "page_poison=1" kernel boot option.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) Note that "poison" here is not the same thing as the "HWPoison"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) for CONFIG_MEMORY_FAILURE. This is software poisoning only.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) If you are only interested in sanitization of freed pages without
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) checking the poison pattern on alloc, you can boot the kernel with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) "init_on_free=1" instead of enabling this.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) If unsure, say N
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) config DEBUG_PAGE_REF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) bool "Enable tracepoint to track down page reference manipulation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) depends on DEBUG_KERNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) depends on TRACEPOINTS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) This is a feature to add tracepoint for tracking down page reference
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) manipulation. This tracking is useful to diagnose functional failure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) due to migration failures caused by page reference mismatches. Be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) careful when enabling this feature because it adds about 30 KB to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) kernel code. However the runtime performance overhead is virtually
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) nil until the tracepoints are actually enabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) config DEBUG_RODATA_TEST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) bool "Testcase for the marking rodata read-only"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) depends on STRICT_KERNEL_RWX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) This option enables a testcase for the setting rodata read-only.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) config ARCH_HAS_DEBUG_WX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) config DEBUG_WX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) bool "Warn on W+X mappings at boot"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) depends on ARCH_HAS_DEBUG_WX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) depends on MMU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) select PTDUMP_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) Generate a warning if any W+X mappings are found at boot.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) This is useful for discovering cases where the kernel is leaving W+X
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) mappings after applying NX, as such mappings are a security risk.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) Look for a message in dmesg output like this:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) <arch>/mm: Checked W+X mappings: passed, no W+X pages found.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) or like this, if the check failed:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) <arch>/mm: Checked W+X mappings: failed, <N> W+X pages found.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) Note that even if the check fails, your kernel is possibly
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) still fine, as W+X mappings are not a security hole in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) themselves, what they do is that they make the exploitation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) of other unfixed kernel bugs easier.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) There is no runtime or memory usage effect of this option
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) once the kernel has booted up - it's a one time check.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) If in doubt, say "Y".
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) config GENERIC_PTDUMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) config PTDUMP_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) config PTDUMP_DEBUGFS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) bool "Export kernel pagetable layout to userspace via debugfs"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) depends on DEBUG_KERNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) depends on DEBUG_FS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) depends on GENERIC_PTDUMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) select PTDUMP_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) Say Y here if you want to show the kernel pagetable layout in a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) debugfs file. This information is only useful for kernel developers
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) who are working in architecture specific areas of the kernel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) It is probably not a good idea to enable this feature in a production
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) kernel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) If in doubt, say N.
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags