Kconfig.kmsan 1.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354
  1. # SPDX-License-Identifier: GPL-2.0-only
  2. config HAVE_ARCH_KMSAN
  3. bool
  4. config HAVE_KMSAN_COMPILER
  5. def_bool $(cc-option,-fsanitize=kernel-memory)
  6. config KMSAN
  7. bool "KMSAN: detector of uninitialized values use"
  8. depends on HAVE_ARCH_KMSAN && HAVE_KMSAN_COMPILER
  9. depends on DEBUG_KERNEL && !KASAN && !KCSAN
  10. depends on !PREEMPT_RT
  11. select STACKDEPOT
  12. select STACKDEPOT_ALWAYS_INIT
  13. help
  14. KernelMemorySanitizer (KMSAN) is a dynamic detector of uses of
  15. uninitialized values in the kernel. It is based on compiler
  16. instrumentation provided by Clang and thus requires Clang to build.
  17. An important note is that KMSAN is not intended for production use,
  18. because it drastically increases kernel memory footprint and slows
  19. the whole system down.
  20. See <file:Documentation/dev-tools/kmsan.rst> for more details.
  21. if KMSAN
  22. config KMSAN_CHECK_PARAM_RETVAL
  23. bool "Check for uninitialized values passed to and returned from functions"
  24. default y
  25. help
  26. If the compiler supports -fsanitize-memory-param-retval, KMSAN will
  27. eagerly check every function parameter passed by value and every
  28. function return value.
  29. Disabling KMSAN_CHECK_PARAM_RETVAL will result in tracking shadow for
  30. function parameters and return values across function borders. This
  31. is a more relaxed mode, but it generates more instrumentation code and
  32. may potentially report errors in corner cases when non-instrumented
  33. functions call instrumented ones.
  34. config KMSAN_KUNIT_TEST
  35. tristate "KMSAN integration test suite" if !KUNIT_ALL_TESTS
  36. default KUNIT_ALL_TESTS
  37. depends on TRACEPOINTS && KUNIT
  38. help
  39. Test suite for KMSAN, testing various error detection scenarios,
  40. and checking that reports are correctly output to console.
  41. Say Y here if you want the test to be built into the kernel and run
  42. during boot; say M if you want the test to build as a module; say N
  43. if you are unsure.
  44. endif