path: root/lib/Kconfig.kasan
diff options
authorAndrey Ryabinin <>2015-02-13 14:40:17 -0800
committerLinus Torvalds <>2015-02-13 21:21:42 -0800
commitbebf56a1b176c2e1c9efe44e7e6915532cc682cf (patch)
tree4b967827878142197f2b62cd0b89652873631192 /lib/Kconfig.kasan
parent6301939d97d079f0d3dbe71e750f4daf5d39fc33 (diff)
kasan: enable instrumentation of global variables
This feature let us to detect accesses out of bounds of global variables. This will work as for globals in kernel image, so for globals in modules. Currently this won't work for symbols in user-specified sections (e.g. __init, __read_mostly, ...) The idea of this is simple. Compiler increases each global variable by redzone size and add constructors invoking __asan_register_globals() function. Information about global variable (address, size, size with redzone ...) passed to __asan_register_globals() so we could poison variable's redzone. This patch also forces module_alloc() to return 8*PAGE_SIZE aligned address making shadow memory handling ( kasan_module_alloc()/kasan_module_free() ) more simple. Such alignment guarantees that each shadow page backing modules address space correspond to only one module_alloc() allocation. Signed-off-by: Andrey Ryabinin <> Cc: Dmitry Vyukov <> Cc: Konstantin Serebryany <> Cc: Dmitry Chernenkov <> Signed-off-by: Andrey Konovalov <> Cc: Yuri Gribov <> Cc: Konstantin Khlebnikov <> Cc: Sasha Levin <> Cc: Christoph Lameter <> Cc: Joonsoo Kim <> Cc: Dave Hansen <> Cc: Andi Kleen <> Cc: Ingo Molnar <> Cc: Thomas Gleixner <> Cc: "H. Peter Anvin" <> Cc: Christoph Lameter <> Cc: Pekka Enberg <> Cc: David Rientjes <> Signed-off-by: Andrew Morton <> Signed-off-by: Linus Torvalds <>
Diffstat (limited to 'lib/Kconfig.kasan')
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
index 4d47d874335c..4fecaedc80a2 100644
--- a/lib/Kconfig.kasan
+++ b/lib/Kconfig.kasan
@@ -6,6 +6,7 @@ if HAVE_ARCH_KASAN
config KASAN
bool "KASan: runtime memory debugger"
depends on SLUB_DEBUG
Enables kernel address sanitizer - runtime memory debugger,
designed to find out-of-bounds accesses and use-after-free bugs.