mirror of https://github.com/Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 lines
3.7 KiB
104 lines
3.7 KiB
# SPDX-License-Identifier: GPL-2.0-only |
|
config ARCH_HAS_UBSAN_SANITIZE_ALL |
|
bool |
|
|
|
menuconfig UBSAN |
|
bool "Undefined behaviour sanity checker" |
|
help |
|
This option enables the Undefined Behaviour sanity checker. |
|
Compile-time instrumentation is used to detect various undefined |
|
behaviours at runtime. For more details, see: |
|
Documentation/dev-tools/ubsan.rst |
|
|
|
if UBSAN |
|
|
|
config UBSAN_TRAP |
|
bool "On Sanitizer warnings, abort the running kernel code" |
|
depends on $(cc-option, -fsanitize-undefined-trap-on-error) |
|
help |
|
Building kernels with Sanitizer features enabled tends to grow |
|
the kernel size by around 5%, due to adding all the debugging |
|
text on failure paths. To avoid this, Sanitizer instrumentation |
|
can just issue a trap. This reduces the kernel size overhead but |
|
turns all warnings (including potentially harmless conditions) |
|
into full exceptions that abort the running kernel code |
|
(regardless of context, locks held, etc), which may destabilize |
|
the system. For some system builders this is an acceptable |
|
trade-off. |
|
|
|
config UBSAN_KCOV_BROKEN |
|
def_bool KCOV && CC_HAS_SANCOV_TRACE_PC |
|
depends on CC_IS_CLANG |
|
depends on !$(cc-option,-Werror=unused-command-line-argument -fsanitize=bounds -fsanitize-coverage=trace-pc) |
|
help |
|
Some versions of clang support either UBSAN or KCOV but not the |
|
combination of the two. |
|
See https://bugs.llvm.org/show_bug.cgi?id=45831 for the status |
|
in newer releases. |
|
|
|
config UBSAN_BOUNDS |
|
bool "Perform array index bounds checking" |
|
default UBSAN |
|
depends on !UBSAN_KCOV_BROKEN |
|
help |
|
This option enables detection of directly indexed out of bounds |
|
array accesses, where the array size is known at compile time. |
|
Note that this does not protect array overflows via bad calls |
|
to the {str,mem}*cpy() family of functions (that is addressed |
|
by CONFIG_FORTIFY_SOURCE). |
|
|
|
config UBSAN_LOCAL_BOUNDS |
|
bool "Perform array local bounds checking" |
|
depends on UBSAN_TRAP |
|
depends on CC_IS_CLANG |
|
depends on !UBSAN_KCOV_BROKEN |
|
help |
|
This option enables -fsanitize=local-bounds which traps when an |
|
exception/error is detected. Therefore, it should be enabled only |
|
if trapping is expected. |
|
Enabling this option detects errors due to accesses through a |
|
pointer that is derived from an object of a statically-known size, |
|
where an added offset (which may not be known statically) is |
|
out-of-bounds. |
|
|
|
config UBSAN_MISC |
|
bool "Enable all other Undefined Behavior sanity checks" |
|
default UBSAN |
|
help |
|
This option enables all sanity checks that don't have their |
|
own Kconfig options. Disable this if you only want to have |
|
individually selected checks. |
|
|
|
config UBSAN_SANITIZE_ALL |
|
bool "Enable instrumentation for the entire kernel" |
|
depends on ARCH_HAS_UBSAN_SANITIZE_ALL |
|
|
|
# We build with -Wno-maybe-uninitilzed, but we still want to |
|
# use -Wmaybe-uninitilized in allmodconfig builds. |
|
# So dependsy bellow used to disable this option in allmodconfig |
|
depends on !COMPILE_TEST |
|
default y |
|
help |
|
This option activates instrumentation for the entire kernel. |
|
If you don't enable this option, you have to explicitly specify |
|
UBSAN_SANITIZE := y for the files/directories you want to check for UB. |
|
Enabling this option will get kernel image size increased |
|
significantly. |
|
|
|
config UBSAN_ALIGNMENT |
|
bool "Enable checks for pointers alignment" |
|
default !HAVE_EFFICIENT_UNALIGNED_ACCESS |
|
depends on !UBSAN_TRAP |
|
help |
|
This option enables the check of unaligned memory accesses. |
|
Enabling this option on architectures that support unaligned |
|
accesses may produce a lot of false positives. |
|
|
|
config TEST_UBSAN |
|
tristate "Module for testing for undefined behavior detection" |
|
depends on m |
|
help |
|
This is a test module for UBSAN. |
|
It triggers various undefined behavior, and detect it. |
|
|
|
endif # if UBSAN
|
|
|