mirror of
https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
synced 2024-10-31 18:09:19 +00:00
a37ad26828
This feature let us to detect accesses out of bounds of global variables. This will work as for globals in kernel image, so for globals in modules. Currently this won't work for symbols in user-specified sections (e.g. __init, __read_mostly, ...) The idea of this is simple. Compiler increases each global variable by redzone size and add constructors invoking __asan_register_globals() function. Information about global variable (address, size, size with redzone ...) passed to __asan_register_globals() so we could poison variable's redzone. This patch also forces module_alloc() to return 8*PAGE_SIZE aligned address making shadow memory handling ( kasan_module_alloc()/kasan_module_free() ) more simple. Such alignment guarantees that each shadow page backing modules address space correspond to only one module_alloc() allocation. Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Konstantin Serebryany <kcc@google.com> Cc: Dmitry Chernenkov <dmitryc@google.com> Signed-off-by: Andrey Konovalov <adech.fo@gmail.com> Cc: Yuri Gribov <tetra2005@gmail.com> Cc: Konstantin Khlebnikov <koct9i@gmail.com> Cc: Sasha Levin <sasha.levin@oracle.com> Cc: Christoph Lameter <cl@linux.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [dkeitel@codeaurora.org: resolve trivial merge conflicts] Git-commit: bebf56a1b176c2e1c9efe44e7e6915532cc682cf Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git Signed-off-by: David Keitel <dkeitel@codeaurora.org> Change-Id: I4dda6aa06fc53fd018a87ce8b08b62a9712f54fe
46 lines
1.3 KiB
Text
46 lines
1.3 KiB
Text
config HAVE_ARCH_KASAN
|
|
bool
|
|
|
|
if HAVE_ARCH_KASAN
|
|
|
|
config KASAN
|
|
bool "KASan: runtime memory debugger"
|
|
depends on SLUB_DEBUG
|
|
select CONSTRUCTORS
|
|
help
|
|
Enables kernel address sanitizer - runtime memory debugger,
|
|
designed to find out-of-bounds accesses and use-after-free bugs.
|
|
This is strictly debugging feature. It consumes about 1/8
|
|
of available memory and brings about ~x3 performance slowdown.
|
|
For better error detection enable CONFIG_STACKTRACE,
|
|
and add slub_debug=U to boot cmdline.
|
|
|
|
config KASAN_SHADOW_OFFSET
|
|
hex
|
|
default 0xdffffc0000000000 if X86_64
|
|
|
|
choice
|
|
prompt "Instrumentation type"
|
|
depends on KASAN
|
|
default KASAN_OUTLINE
|
|
|
|
config KASAN_OUTLINE
|
|
bool "Outline instrumentation"
|
|
help
|
|
Before every memory access compiler insert function call
|
|
__asan_load*/__asan_store*. These functions performs check
|
|
of shadow memory. This is slower than inline instrumentation,
|
|
however it doesn't bloat size of kernel's .text section so
|
|
much as inline does.
|
|
|
|
config KASAN_INLINE
|
|
bool "Inline instrumentation"
|
|
help
|
|
Compiler directly inserts code checking shadow memory before
|
|
memory accesses. This is faster than outline (in some workloads
|
|
it gives about x2 boost over outline instrumentation), but
|
|
make kernel's .text size much bigger.
|
|
|
|
endchoice
|
|
|
|
endif
|