1config HAVE_ARCH_KASAN 2 bool 3 4if HAVE_ARCH_KASAN 5 6config KASAN 7 bool "KASan: runtime memory debugger" 8 depends on SLUB_DEBUG 9 select CONSTRUCTORS 10 help 11 Enables kernel address sanitizer - runtime memory debugger, 12 designed to find out-of-bounds accesses and use-after-free bugs. 13 This is strictly a debugging feature and it requires a gcc version 14 of 4.9.2 or later. Detection of out of bounds accesses to stack or 15 global variables requires gcc 5.0 or later. 16 This feature consumes about 1/8 of available memory and brings about 17 ~x3 performance slowdown. 18 For better error detection enable CONFIG_STACKTRACE, 19 and add slub_debug=U to boot cmdline. 20 21config KASAN_SHADOW_OFFSET 22 hex 23 default 0xdffffc0000000000 if X86_64 24 25choice 26 prompt "Instrumentation type" 27 depends on KASAN 28 default KASAN_OUTLINE 29 30config KASAN_OUTLINE 31 bool "Outline instrumentation" 32 help 33 Before every memory access compiler insert function call 34 __asan_load*/__asan_store*. These functions performs check 35 of shadow memory. This is slower than inline instrumentation, 36 however it doesn't bloat size of kernel's .text section so 37 much as inline does. 38 39config KASAN_INLINE 40 bool "Inline instrumentation" 41 help 42 Compiler directly inserts code checking shadow memory before 43 memory accesses. This is faster than outline (in some workloads 44 it gives about x2 boost over outline instrumentation), but 45 make kernel's .text size much bigger. 46 This requires a gcc version of 5.0 or later. 47 48endchoice 49 50config TEST_KASAN 51 tristate "Module for testing kasan for bug detection" 52 depends on m && KASAN 53 help 54 This is a test module doing various nasty things like 55 out of bounds accesses, use after free. It is useful for testing 56 kernel debugging features like kernel address sanitizer. 57 58endif 59