| config HAVE_ARCH_KASAN |
| bool |
| |
| if HAVE_ARCH_KASAN |
| |
| config KASAN |
| bool "KASan: runtime memory debugger" |
| depends on SLUB_DEBUG |
| help |
| Enables kernel address sanitizer - runtime memory debugger, |
| designed to find out-of-bounds accesses and use-after-free bugs. |
| This is strictly debugging feature. It consumes about 1/8 |
| of available memory and brings about ~x3 performance slowdown. |
| For better error detection enable CONFIG_STACKTRACE, |
| and add slub_debug=U to boot cmdline. |
| |
| config KASAN_SHADOW_OFFSET |
| hex |
| default 0xdffffc0000000000 if X86_64 |
| |
| choice |
| prompt "Instrumentation type" |
| depends on KASAN |
| default KASAN_OUTLINE |
| |
| config KASAN_OUTLINE |
| bool "Outline instrumentation" |
| help |
| Before every memory access compiler insert function call |
| __asan_load*/__asan_store*. These functions performs check |
| of shadow memory. This is slower than inline instrumentation, |
| however it doesn't bloat size of kernel's .text section so |
| much as inline does. |
| |
| config KASAN_INLINE |
| bool "Inline instrumentation" |
| help |
| Compiler directly inserts code checking shadow memory before |
| memory accesses. This is faster than outline (in some workloads |
| it gives about x2 boost over outline instrumentation), but |
| make kernel's .text size much bigger. |
| |
| endchoice |
| |
| endif |