blob: ef2c8f256c57dac3c2575249c91382707cd63a83 [file] [log] [blame]
Alexander Potapenkof80be452022-09-15 17:03:45 +02001# SPDX-License-Identifier: GPL-2.0-only
2config HAVE_ARCH_KMSAN
3 bool
4
5config HAVE_KMSAN_COMPILER
6 # Clang versions <14.0.0 also support -fsanitize=kernel-memory, but not
7 # all the features necessary to build the kernel with KMSAN.
8 depends on CC_IS_CLANG && CLANG_VERSION >= 140000
9 def_bool $(cc-option,-fsanitize=kernel-memory -mllvm -msan-disable-checks=1)
10
11config KMSAN
12 bool "KMSAN: detector of uninitialized values use"
13 depends on HAVE_ARCH_KMSAN && HAVE_KMSAN_COMPILER
14 depends on SLUB && DEBUG_KERNEL && !KASAN && !KCSAN
Alexander Potapenko83d0edf2022-11-02 12:06:10 +010015 depends on !PREEMPT_RT
Alexander Potapenkof80be452022-09-15 17:03:45 +020016 select STACKDEPOT
17 select STACKDEPOT_ALWAYS_INIT
18 help
19 KernelMemorySanitizer (KMSAN) is a dynamic detector of uses of
20 uninitialized values in the kernel. It is based on compiler
21 instrumentation provided by Clang and thus requires Clang to build.
22
23 An important note is that KMSAN is not intended for production use,
24 because it drastically increases kernel memory footprint and slows
25 the whole system down.
26
27 See <file:Documentation/dev-tools/kmsan.rst> for more details.
28
29if KMSAN
30
31config HAVE_KMSAN_PARAM_RETVAL
32 # -fsanitize-memory-param-retval is supported only by Clang >= 14.
33 depends on HAVE_KMSAN_COMPILER
34 def_bool $(cc-option,-fsanitize=kernel-memory -fsanitize-memory-param-retval)
35
36config KMSAN_CHECK_PARAM_RETVAL
37 bool "Check for uninitialized values passed to and returned from functions"
38 default y
39 depends on HAVE_KMSAN_PARAM_RETVAL
40 help
41 If the compiler supports -fsanitize-memory-param-retval, KMSAN will
42 eagerly check every function parameter passed by value and every
43 function return value.
44
45 Disabling KMSAN_CHECK_PARAM_RETVAL will result in tracking shadow for
46 function parameters and return values across function borders. This
47 is a more relaxed mode, but it generates more instrumentation code and
48 may potentially report errors in corner cases when non-instrumented
49 functions call instrumented ones.
50
Alexander Potapenko8ed691b2022-09-15 17:03:58 +020051config KMSAN_KUNIT_TEST
52 tristate "KMSAN integration test suite" if !KUNIT_ALL_TESTS
53 default KUNIT_ALL_TESTS
54 depends on TRACEPOINTS && KUNIT
55 help
56 Test suite for KMSAN, testing various error detection scenarios,
57 and checking that reports are correctly output to console.
58
59 Say Y here if you want the test to be built into the kernel and run
60 during boot; say M if you want the test to build as a module; say N
61 if you are unsure.
62
Alexander Potapenkof80be452022-09-15 17:03:45 +020063endif