ubsan: introduce CONFIG_UBSAN_LOCAL_BOUNDS for Clang

When the kernel is compiled with Clang, -fsanitize=bounds expands to
-fsanitize=array-bounds and -fsanitize=local-bounds.

Enabling -fsanitize=local-bounds with Clang has the unfortunate
side-effect of inserting traps; this goes back to its original intent,
which was as a hardening and not a debugging feature [1].  The same
feature made its way into -fsanitize=bounds, but the traps remained.  For
that reason, -fsanitize=bounds was split into 'array-bounds' and
'local-bounds' [2].

Since 'local-bounds' doesn't behave like a normal sanitizer, enable it
with Clang only if trapping behaviour was requested by

Add the UBSAN_BOUNDS_LOCAL config to Kconfig.ubsan to enable the
'local-bounds' option by default when UBSAN_TRAP is enabled.


Suggested-by: Marco Elver <>
Signed-off-by: George Popescu <>
Signed-off-by: Andrew Morton <>
Reviewed-by: David Brazdil <>
Reviewed-by: Marco Elver <>
Cc: Masahiro Yamada <>
Cc: Michal Marek <>
Cc: Nathan Chancellor <>
Cc: Nick Desaulniers <>
Cc: Kees Cook <>
Cc: Dmitry Vyukov <>
Cc: Arnd Bergmann <>
Cc: Peter Zijlstra <>
Signed-off-by: Linus Torvalds <>
2 files changed