xref: /OK3568_Linux_fs/kernel/lib/Kconfig.kfence (revision 4882a59341e53eb6f0b4789bf948001014eff981)

# SPDX-License-Identifier: GPL-2.0-only

config HAVE_ARCH_KFENCE
	bool

menuconfig KFENCE
	bool "KFENCE: low-overhead sampling-based memory safety error detector"
	depends on HAVE_ARCH_KFENCE && (SLAB || SLUB)
	select STACKTRACE
	select IRQ_WORK
	help
	  KFENCE is a low-overhead sampling-based detector of heap out-of-bounds
	  access, use-after-free, and invalid-free errors. KFENCE is designed
	  to have negligible cost to permit enabling it in production
	  environments.

	  See <file:Documentation/dev-tools/kfence.rst> for more details.

	  Note that, KFENCE is not a substitute for explicit testing with tools
	  such as KASAN. KFENCE can detect a subset of bugs that KASAN can
	  detect, albeit at very different performance profiles. If you can
	  afford to use KASAN, continue using KASAN, for example in test
	  environments. If your kernel targets production use, and cannot
	  enable KASAN due to its cost, consider using KFENCE.

if KFENCE

config KFENCE_STATIC_KEYS
	bool "Use static keys to set up allocations"
	default y
	depends on JUMP_LABEL # To ensure performance, require jump labels
	help
	  Use static keys (static branches) to set up KFENCE allocations. Using
	  static keys is normally recommended, because it avoids a dynamic
	  branch in the allocator's fast path. However, with very low sample
	  intervals, or on systems that do not support jump labels, a dynamic
	  branch may still be an acceptable performance trade-off.

config KFENCE_SAMPLE_INTERVAL
	int "Default sample interval in milliseconds"
	default 100
	help
	  The KFENCE sample interval determines the frequency with which heap
	  allocations will be guarded by KFENCE. May be overridden via boot
	  parameter "kfence.sample_interval".

	  Set this to 0 to disable KFENCE by default, in which case only
	  setting "kfence.sample_interval" to a non-zero value enables KFENCE.

config KFENCE_NUM_OBJECTS
	int "Number of guarded objects available"
	range 1 65535
	default 255
	help
	  The number of guarded objects available. For each KFENCE object, 2
	  pages are required; with one containing the object and two adjacent
	  ones used as guard pages.

config KFENCE_STRESS_TEST_FAULTS
	int "Stress testing of fault handling and error reporting" if EXPERT
	default 0
	help
	  The inverse probability with which to randomly protect KFENCE object
	  pages, resulting in spurious use-after-frees. The main purpose of
	  this option is to stress test KFENCE with concurrent error reports
	  and allocations/frees. A value of 0 disables stress testing logic.

	  Only for KFENCE testing; set to 0 if you are not a KFENCE developer.

config KFENCE_KUNIT_TEST
	tristate "KFENCE integration test suite" if !KUNIT_ALL_TESTS
	default KUNIT_ALL_TESTS
	depends on TRACEPOINTS && KUNIT
	help
	  Test suite for KFENCE, testing various error detection scenarios with
	  various allocation types, and checking that reports are correctly
	  output to console.

	  Say Y here if you want the test to be built into the kernel and run
	  during boot; say M if you want the test to build as a module; say N
	  if you are unsure.

endif # KFENCE