1config HAVE_ARCH_KASAN
2	bool
3
4if HAVE_ARCH_KASAN
5
6config KASAN
7	bool "KASan: runtime memory debugger"
8	depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB)
9	select SLUB_DEBUG if SLUB
10	select CONSTRUCTORS
11	select STACKDEPOT
12	help
13	  Enables kernel address sanitizer - runtime memory debugger,
14	  designed to find out-of-bounds accesses and use-after-free bugs.
15	  This is strictly a debugging feature and it requires a gcc version
16	  of 4.9.2 or later. Detection of out of bounds accesses to stack or
17	  global variables requires gcc 5.0 or later.
18	  This feature consumes about 1/8 of available memory and brings about
19	  ~x3 performance slowdown.
20	  For better error detection enable CONFIG_STACKTRACE.
21	  Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
22	  (the resulting kernel does not boot).
23
24config KASAN_EXTRA
25	bool "KAsan: extra checks"
26	depends on KASAN && DEBUG_KERNEL && !COMPILE_TEST
27	help
28	  This enables further checks in the kernel address sanitizer, for now
29	  it only includes the address-use-after-scope check that can lead
30	  to excessive kernel stack usage, frame size warnings and longer
31	  compile time.
32	  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
33
34
35choice
36	prompt "Instrumentation type"
37	depends on KASAN
38	default KASAN_OUTLINE
39
40config KASAN_OUTLINE
41	bool "Outline instrumentation"
42	help
43	  Before every memory access compiler insert function call
44	  __asan_load*/__asan_store*. These functions performs check
45	  of shadow memory. This is slower than inline instrumentation,
46	  however it doesn't bloat size of kernel's .text section so
47	  much as inline does.
48
49config KASAN_INLINE
50	bool "Inline instrumentation"
51	help
52	  Compiler directly inserts code checking shadow memory before
53	  memory accesses. This is faster than outline (in some workloads
54	  it gives about x2 boost over outline instrumentation), but
55	  make kernel's .text size much bigger.
56	  This requires a gcc version of 5.0 or later.
57
58endchoice
59
60config TEST_KASAN
61	tristate "Module for testing kasan for bug detection"
62	depends on m && KASAN
63	help
64	  This is a test module doing various nasty things like
65	  out of bounds accesses, use after free. It is useful for testing
66	  kernel debugging features like kernel address sanitizer.
67
68endif
69