0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 1) # SPDX-License-Identifier: GPL-2.0-only
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 2)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 3) config HAVE_ARCH_KFENCE
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 4) bool
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 5)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 6) menuconfig KFENCE
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 7) bool "KFENCE: low-overhead sampling-based memory safety error detector"
2b8305260fb37 (Alexander Potapenko 2021-02-25 17:19:21 -0800 8) depends on HAVE_ARCH_KFENCE && (SLAB || SLUB)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 9) select STACKTRACE
407f1d8c1b5f3 (Marco Elver 2021-05-04 18:40:21 -0700 10) select IRQ_WORK
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 11) help
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 12) KFENCE is a low-overhead sampling-based detector of heap out-of-bounds
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 13) access, use-after-free, and invalid-free errors. KFENCE is designed
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 14) to have negligible cost to permit enabling it in production
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 15) environments.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 16)
10efe55f883f2 (Marco Elver 2021-02-25 17:19:26 -0800 17) See <file:Documentation/dev-tools/kfence.rst> for more details.
10efe55f883f2 (Marco Elver 2021-02-25 17:19:26 -0800 18)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 19) Note that, KFENCE is not a substitute for explicit testing with tools
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 20) such as KASAN. KFENCE can detect a subset of bugs that KASAN can
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 21) detect, albeit at very different performance profiles. If you can
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 22) afford to use KASAN, continue using KASAN, for example in test
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 23) environments. If your kernel targets production use, and cannot
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 24) enable KASAN due to its cost, consider using KFENCE.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 25)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 26) if KFENCE
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 27)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 28) config KFENCE_STATIC_KEYS
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 29) bool "Use static keys to set up allocations"
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 30) default y
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 31) depends on JUMP_LABEL # To ensure performance, require jump labels
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 32) help
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 33) Use static keys (static branches) to set up KFENCE allocations. Using
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 34) static keys is normally recommended, because it avoids a dynamic
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 35) branch in the allocator's fast path. However, with very low sample
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 36) intervals, or on systems that do not support jump labels, a dynamic
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 37) branch may still be an acceptable performance trade-off.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 38)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 39) config KFENCE_SAMPLE_INTERVAL
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 40) int "Default sample interval in milliseconds"
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 41) default 100
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 42) help
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 43) The KFENCE sample interval determines the frequency with which heap
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 44) allocations will be guarded by KFENCE. May be overridden via boot
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 45) parameter "kfence.sample_interval".
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 46)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 47) Set this to 0 to disable KFENCE by default, in which case only
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 48) setting "kfence.sample_interval" to a non-zero value enables KFENCE.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 49)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 50) config KFENCE_NUM_OBJECTS
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 51) int "Number of guarded objects available"
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 52) range 1 65535
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 53) default 255
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 54) help
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 55) The number of guarded objects available. For each KFENCE object, 2
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 56) pages are required; with one containing the object and two adjacent
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 57) ones used as guard pages.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 58)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 59) config KFENCE_STRESS_TEST_FAULTS
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 60) int "Stress testing of fault handling and error reporting" if EXPERT
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 61) default 0
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 62) help
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 63) The inverse probability with which to randomly protect KFENCE object
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 64) pages, resulting in spurious use-after-frees. The main purpose of
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 65) this option is to stress test KFENCE with concurrent error reports
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 66) and allocations/frees. A value of 0 disables stress testing logic.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 67)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 68) Only for KFENCE testing; set to 0 if you are not a KFENCE developer.
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 69)
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 70) config KFENCE_KUNIT_TEST
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 71) tristate "KFENCE integration test suite" if !KUNIT_ALL_TESTS
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 72) default KUNIT_ALL_TESTS
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 73) depends on TRACEPOINTS && KUNIT
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 74) help
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 75) Test suite for KFENCE, testing various error detection scenarios with
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 76) various allocation types, and checking that reports are correctly
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 77) output to console.
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 78)
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 79) Say Y here if you want the test to be built into the kernel and run
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 80) during boot; say M if you want the test to build as a module; say N
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 81) if you are unsure.
bc8fbc5f305ae (Marco Elver 2021-02-25 17:19:31 -0800 82)
0ce20dd840897 (Alexander Potapenko 2021-02-25 17:18:53 -0800 83) endif # KFENCE