xref: /OK3568_Linux_fs/kernel/mm/Kconfig.debug (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun# SPDX-License-Identifier: GPL-2.0-only
2*4882a593Smuzhiyunconfig PAGE_EXTENSION
3*4882a593Smuzhiyun	bool "Extend memmap on extra space for more information on page"
4*4882a593Smuzhiyun	help
5*4882a593Smuzhiyun	  Extend memmap on extra space for more information on page. This
6*4882a593Smuzhiyun	  could be used for debugging features that need to insert extra
7*4882a593Smuzhiyun	  field for every page. This extension enables us to save memory
8*4882a593Smuzhiyun	  by not allocating this extra memory according to boottime
9*4882a593Smuzhiyun	  configuration.
10*4882a593Smuzhiyun
11*4882a593Smuzhiyunconfig DEBUG_PAGEALLOC
12*4882a593Smuzhiyun	bool "Debug page memory allocations"
13*4882a593Smuzhiyun	depends on DEBUG_KERNEL
14*4882a593Smuzhiyun	depends on !HIBERNATION || ARCH_SUPPORTS_DEBUG_PAGEALLOC && !PPC && !SPARC
15*4882a593Smuzhiyun	select PAGE_POISONING if !ARCH_SUPPORTS_DEBUG_PAGEALLOC
16*4882a593Smuzhiyun	help
17*4882a593Smuzhiyun	  Unmap pages from the kernel linear mapping after free_pages().
18*4882a593Smuzhiyun	  Depending on runtime enablement, this results in a small or large
19*4882a593Smuzhiyun	  slowdown, but helps to find certain types of memory corruption.
20*4882a593Smuzhiyun
21*4882a593Smuzhiyun	  Also, the state of page tracking structures is checked more often as
22*4882a593Smuzhiyun	  pages are being allocated and freed, as unexpected state changes
23*4882a593Smuzhiyun	  often happen for same reasons as memory corruption (e.g. double free,
24*4882a593Smuzhiyun	  use-after-free). The error reports for these checks can be augmented
25*4882a593Smuzhiyun	  with stack traces of last allocation and freeing of the page, when
26*4882a593Smuzhiyun	  PAGE_OWNER is also selected and enabled on boot.
27*4882a593Smuzhiyun
28*4882a593Smuzhiyun	  For architectures which don't enable ARCH_SUPPORTS_DEBUG_PAGEALLOC,
29*4882a593Smuzhiyun	  fill the pages with poison patterns after free_pages() and verify
30*4882a593Smuzhiyun	  the patterns before alloc_pages(). Additionally, this option cannot
31*4882a593Smuzhiyun	  be enabled in combination with hibernation as that would result in
32*4882a593Smuzhiyun	  incorrect warnings of memory corruption after a resume because free
33*4882a593Smuzhiyun	  pages are not saved to the suspend image.
34*4882a593Smuzhiyun
35*4882a593Smuzhiyun	  By default this option will have a small overhead, e.g. by not
36*4882a593Smuzhiyun	  allowing the kernel mapping to be backed by large pages on some
37*4882a593Smuzhiyun	  architectures. Even bigger overhead comes when the debugging is
38*4882a593Smuzhiyun	  enabled by DEBUG_PAGEALLOC_ENABLE_DEFAULT or the debug_pagealloc
39*4882a593Smuzhiyun	  command line parameter.
40*4882a593Smuzhiyun
41*4882a593Smuzhiyunconfig DEBUG_PAGEALLOC_ENABLE_DEFAULT
42*4882a593Smuzhiyun	bool "Enable debug page memory allocations by default?"
43*4882a593Smuzhiyun	depends on DEBUG_PAGEALLOC
44*4882a593Smuzhiyun	help
45*4882a593Smuzhiyun	  Enable debug page memory allocations by default? This value
46*4882a593Smuzhiyun	  can be overridden by debug_pagealloc=off|on.
47*4882a593Smuzhiyun
48*4882a593Smuzhiyunconfig PAGE_OWNER
49*4882a593Smuzhiyun	bool "Track page owner"
50*4882a593Smuzhiyun	depends on DEBUG_KERNEL && STACKTRACE_SUPPORT
51*4882a593Smuzhiyun	select DEBUG_FS
52*4882a593Smuzhiyun	select STACKTRACE
53*4882a593Smuzhiyun	select STACKDEPOT
54*4882a593Smuzhiyun	select PAGE_EXTENSION
55*4882a593Smuzhiyun	help
56*4882a593Smuzhiyun	  This keeps track of what call chain is the owner of a page, may
57*4882a593Smuzhiyun	  help to find bare alloc_page(s) leaks. Even if you include this
58*4882a593Smuzhiyun	  feature on your build, it is disabled in default. You should pass
59*4882a593Smuzhiyun	  "page_owner=on" to boot parameter in order to enable it. Eats
60*4882a593Smuzhiyun	  a fair amount of memory if enabled. See tools/vm/page_owner_sort.c
61*4882a593Smuzhiyun	  for user-space helper.
62*4882a593Smuzhiyun
63*4882a593Smuzhiyun	  If unsure, say N.
64*4882a593Smuzhiyun
65*4882a593Smuzhiyunconfig PAGE_PINNER
66*4882a593Smuzhiyun	bool "Track page pinner"
67*4882a593Smuzhiyun	depends on DEBUG_KERNEL && STACKTRACE_SUPPORT
68*4882a593Smuzhiyun	select DEBUG_FS
69*4882a593Smuzhiyun	select STACKTRACE
70*4882a593Smuzhiyun	select STACKDEPOT
71*4882a593Smuzhiyun	select PAGE_EXTENSION
72*4882a593Smuzhiyun	help
73*4882a593Smuzhiyun	  This keeps track of what call chain is the pinner of a page, may
74*4882a593Smuzhiyun	  help to find page migration failures. Even if you include this
75*4882a593Smuzhiyun	  feature in your build, it is disabled by default. You should pass
76*4882a593Smuzhiyun	  "page_pinner=on" to boot parameter in order to enable it. Eats
77*4882a593Smuzhiyun	  a fair amount of memory if enabled.
78*4882a593Smuzhiyun
79*4882a593Smuzhiyun	  If unsure, say N.
80*4882a593Smuzhiyun
81*4882a593Smuzhiyunconfig PAGE_POISONING
82*4882a593Smuzhiyun	bool "Poison pages after freeing"
83*4882a593Smuzhiyun	help
84*4882a593Smuzhiyun	  Fill the pages with poison patterns after free_pages() and verify
85*4882a593Smuzhiyun	  the patterns before alloc_pages. The filling of the memory helps
86*4882a593Smuzhiyun	  reduce the risk of information leaks from freed data. This does
87*4882a593Smuzhiyun	  have a potential performance impact if enabled with the
88*4882a593Smuzhiyun	  "page_poison=1" kernel boot option.
89*4882a593Smuzhiyun
90*4882a593Smuzhiyun	  Note that "poison" here is not the same thing as the "HWPoison"
91*4882a593Smuzhiyun	  for CONFIG_MEMORY_FAILURE. This is software poisoning only.
92*4882a593Smuzhiyun
93*4882a593Smuzhiyun	  If you are only interested in sanitization of freed pages without
94*4882a593Smuzhiyun	  checking the poison pattern on alloc, you can boot the kernel with
95*4882a593Smuzhiyun	  "init_on_free=1" instead of enabling this.
96*4882a593Smuzhiyun
97*4882a593Smuzhiyun	  If unsure, say N
98*4882a593Smuzhiyun
99*4882a593Smuzhiyunconfig DEBUG_PAGE_REF
100*4882a593Smuzhiyun	bool "Enable tracepoint to track down page reference manipulation"
101*4882a593Smuzhiyun	depends on DEBUG_KERNEL
102*4882a593Smuzhiyun	depends on TRACEPOINTS
103*4882a593Smuzhiyun	help
104*4882a593Smuzhiyun	  This is a feature to add tracepoint for tracking down page reference
105*4882a593Smuzhiyun	  manipulation. This tracking is useful to diagnose functional failure
106*4882a593Smuzhiyun	  due to migration failures caused by page reference mismatches.  Be
107*4882a593Smuzhiyun	  careful when enabling this feature because it adds about 30 KB to the
108*4882a593Smuzhiyun	  kernel code.  However the runtime performance overhead is virtually
109*4882a593Smuzhiyun	  nil until the tracepoints are actually enabled.
110*4882a593Smuzhiyun
111*4882a593Smuzhiyunconfig DEBUG_RODATA_TEST
112*4882a593Smuzhiyun    bool "Testcase for the marking rodata read-only"
113*4882a593Smuzhiyun    depends on STRICT_KERNEL_RWX
114*4882a593Smuzhiyun	help
115*4882a593Smuzhiyun      This option enables a testcase for the setting rodata read-only.
116*4882a593Smuzhiyun
117*4882a593Smuzhiyunconfig ARCH_HAS_DEBUG_WX
118*4882a593Smuzhiyun	bool
119*4882a593Smuzhiyun
120*4882a593Smuzhiyunconfig DEBUG_WX
121*4882a593Smuzhiyun	bool "Warn on W+X mappings at boot"
122*4882a593Smuzhiyun	depends on ARCH_HAS_DEBUG_WX
123*4882a593Smuzhiyun	depends on MMU
124*4882a593Smuzhiyun	select PTDUMP_CORE
125*4882a593Smuzhiyun	help
126*4882a593Smuzhiyun	  Generate a warning if any W+X mappings are found at boot.
127*4882a593Smuzhiyun
128*4882a593Smuzhiyun	  This is useful for discovering cases where the kernel is leaving W+X
129*4882a593Smuzhiyun	  mappings after applying NX, as such mappings are a security risk.
130*4882a593Smuzhiyun
131*4882a593Smuzhiyun	  Look for a message in dmesg output like this:
132*4882a593Smuzhiyun
133*4882a593Smuzhiyun	    <arch>/mm: Checked W+X mappings: passed, no W+X pages found.
134*4882a593Smuzhiyun
135*4882a593Smuzhiyun	  or like this, if the check failed:
136*4882a593Smuzhiyun
137*4882a593Smuzhiyun	    <arch>/mm: Checked W+X mappings: failed, <N> W+X pages found.
138*4882a593Smuzhiyun
139*4882a593Smuzhiyun	  Note that even if the check fails, your kernel is possibly
140*4882a593Smuzhiyun	  still fine, as W+X mappings are not a security hole in
141*4882a593Smuzhiyun	  themselves, what they do is that they make the exploitation
142*4882a593Smuzhiyun	  of other unfixed kernel bugs easier.
143*4882a593Smuzhiyun
144*4882a593Smuzhiyun	  There is no runtime or memory usage effect of this option
145*4882a593Smuzhiyun	  once the kernel has booted up - it's a one time check.
146*4882a593Smuzhiyun
147*4882a593Smuzhiyun	  If in doubt, say "Y".
148*4882a593Smuzhiyun
149*4882a593Smuzhiyunconfig GENERIC_PTDUMP
150*4882a593Smuzhiyun	bool
151*4882a593Smuzhiyun
152*4882a593Smuzhiyunconfig PTDUMP_CORE
153*4882a593Smuzhiyun	bool
154*4882a593Smuzhiyun
155*4882a593Smuzhiyunconfig PTDUMP_DEBUGFS
156*4882a593Smuzhiyun	bool "Export kernel pagetable layout to userspace via debugfs"
157*4882a593Smuzhiyun	depends on DEBUG_KERNEL
158*4882a593Smuzhiyun	depends on DEBUG_FS
159*4882a593Smuzhiyun	depends on GENERIC_PTDUMP
160*4882a593Smuzhiyun	select PTDUMP_CORE
161*4882a593Smuzhiyun	help
162*4882a593Smuzhiyun	  Say Y here if you want to show the kernel pagetable layout in a
163*4882a593Smuzhiyun	  debugfs file. This information is only useful for kernel developers
164*4882a593Smuzhiyun	  who are working in architecture specific areas of the kernel.
165*4882a593Smuzhiyun	  It is probably not a good idea to enable this feature in a production
166*4882a593Smuzhiyun	  kernel.
167*4882a593Smuzhiyun
168*4882a593Smuzhiyun	  If in doubt, say N.
169