[OpenWrt-Devel] [PATCH 1/4] build: Add option KERNEL_UBSAN
Hauke Mehrtens
hauke.mehrtens at intel.com
Wed Feb 12 05:48:59 EST 2020
The kernel Undefined Behavior Sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens at intel.com>
---
config/Config-kernel.in | 35 ++++++++++++++++++++++++++++++++
target/linux/generic/config-4.14 | 4 ++++
target/linux/generic/config-4.19 | 3 +++
3 files changed, 42 insertions(+)
diff --git a/config/Config-kernel.in b/config/Config-kernel.in
index 20930326ca..bf1c1055f1 100644
--- a/config/Config-kernel.in
+++ b/config/Config-kernel.in
@@ -85,6 +85,41 @@ config KERNEL_PROFILING
Enable the extended profiling support mechanisms used by profilers such
as OProfile.
+config KERNEL_UBSAN
+ bool "Compile the kernel with undefined behaviour sanity checker"
+ help
+ This option enables undefined behaviour sanity checker
+ Compile-time instrumentation is used to detect various undefined
+ behaviours in runtime. Various types of checks may be enabled
+ via boot parameter ubsan_handle
+ (see: Documentation/dev-tools/ubsan.rst).
+
+config KERNEL_UBSAN_SANITIZE_ALL
+ bool "Enable instrumentation for the entire kernel"
+ depends on KERNEL_UBSAN
+ default y
+ help
+ This option activates instrumentation for the entire kernel.
+ If you don't enable this option, you have to explicitly specify
+ UBSAN_SANITIZE := y for the files/directories you want to check for UB.
+ Enabling this option will get kernel image size increased
+ significantly.
+
+config KERNEL_UBSAN_ALIGNMENT
+ bool "Enable checking of pointers alignment"
+ depends on KERNEL_UBSAN
+ help
+ This option enables detection of unaligned memory accesses.
+ Enabling this option on architectures that support unaligned
+ accesses may produce a lot of false positives.
+
+config KERNEL_UBSAN_NULL
+ bool "Enable checking of null pointers"
+ depends on KERNEL_UBSAN
+ help
+ This option enables detection of memory accesses via a
+ null pointer.
+
config KERNEL_TASKSTATS
bool "Compile the kernel with task resource/io statistics and accounting"
default n
diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14
index 9681d9c278..73b0d77155 100644
--- a/target/linux/generic/config-4.14
+++ b/target/linux/generic/config-4.14
@@ -1516,6 +1516,10 @@ CONFIG_GACT_PROB=y
# CONFIG_GAMEPORT is not set
# CONFIG_GATEWORKS_GW16083 is not set
# CONFIG_GCC_PLUGINS is not set
+# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set
+# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
+# CONFIG_GCC_PLUGIN_RANDSTRUCT is not set
+# CONFIG_GCC_PLUGIN_STRUCTLEAK is not set
# CONFIG_GCOV is not set
# CONFIG_GCOV_KERNEL is not set
# CONFIG_GDB_SCRIPTS is not set
diff --git a/target/linux/generic/config-4.19 b/target/linux/generic/config-4.19
index d8ea243fc7..aba7bccaf6 100644
--- a/target/linux/generic/config-4.19
+++ b/target/linux/generic/config-4.19
@@ -1605,6 +1605,8 @@ CONFIG_GACT_PROB=y
# CONFIG_GAMEPORT is not set
# CONFIG_GATEWORKS_GW16083 is not set
# CONFIG_GCC_PLUGINS is not set
+# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set
+# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
# CONFIG_GCOV is not set
# CONFIG_GCOV_KERNEL is not set
# CONFIG_GDB_SCRIPTS is not set
@@ -5197,6 +5199,7 @@ CONFIG_TCP_CONG_CUBIC=y
# CONFIG_TEST_STATIC_KEYS is not set
# CONFIG_TEST_STRING_HELPERS is not set
# CONFIG_TEST_SYSCTL is not set
+# CONFIG_TEST_UBSAN is not set
# CONFIG_TEST_UDELAY is not set
# CONFIG_TEST_USER_COPY is not set
# CONFIG_TEST_UUID is not set
--
2.17.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list