162306a36Sopenharmony_ci# SPDX-License-Identifier: GPL-2.0-only
262306a36Sopenharmony_ciconfig HAVE_ARCH_KMSAN
362306a36Sopenharmony_ci	bool
462306a36Sopenharmony_ci
562306a36Sopenharmony_ciconfig HAVE_KMSAN_COMPILER
662306a36Sopenharmony_ci	# Clang versions <14.0.0 also support -fsanitize=kernel-memory, but not
762306a36Sopenharmony_ci	# all the features necessary to build the kernel with KMSAN.
862306a36Sopenharmony_ci	depends on CC_IS_CLANG && CLANG_VERSION >= 140000
962306a36Sopenharmony_ci	def_bool $(cc-option,-fsanitize=kernel-memory -mllvm -msan-disable-checks=1)
1062306a36Sopenharmony_ci
1162306a36Sopenharmony_ciconfig KMSAN
1262306a36Sopenharmony_ci	bool "KMSAN: detector of uninitialized values use"
1362306a36Sopenharmony_ci	depends on HAVE_ARCH_KMSAN && HAVE_KMSAN_COMPILER
1462306a36Sopenharmony_ci	depends on SLUB && DEBUG_KERNEL && !KASAN && !KCSAN
1562306a36Sopenharmony_ci	depends on !PREEMPT_RT
1662306a36Sopenharmony_ci	select STACKDEPOT
1762306a36Sopenharmony_ci	select STACKDEPOT_ALWAYS_INIT
1862306a36Sopenharmony_ci	help
1962306a36Sopenharmony_ci	  KernelMemorySanitizer (KMSAN) is a dynamic detector of uses of
2062306a36Sopenharmony_ci	  uninitialized values in the kernel. It is based on compiler
2162306a36Sopenharmony_ci	  instrumentation provided by Clang and thus requires Clang to build.
2262306a36Sopenharmony_ci
2362306a36Sopenharmony_ci	  An important note is that KMSAN is not intended for production use,
2462306a36Sopenharmony_ci	  because it drastically increases kernel memory footprint and slows
2562306a36Sopenharmony_ci	  the whole system down.
2662306a36Sopenharmony_ci
2762306a36Sopenharmony_ci	  See <file:Documentation/dev-tools/kmsan.rst> for more details.
2862306a36Sopenharmony_ci
2962306a36Sopenharmony_ciif KMSAN
3062306a36Sopenharmony_ci
3162306a36Sopenharmony_ciconfig HAVE_KMSAN_PARAM_RETVAL
3262306a36Sopenharmony_ci	# -fsanitize-memory-param-retval is supported only by Clang >= 14.
3362306a36Sopenharmony_ci	depends on HAVE_KMSAN_COMPILER
3462306a36Sopenharmony_ci	def_bool $(cc-option,-fsanitize=kernel-memory -fsanitize-memory-param-retval)
3562306a36Sopenharmony_ci
3662306a36Sopenharmony_ciconfig KMSAN_CHECK_PARAM_RETVAL
3762306a36Sopenharmony_ci	bool "Check for uninitialized values passed to and returned from functions"
3862306a36Sopenharmony_ci	default y
3962306a36Sopenharmony_ci	depends on HAVE_KMSAN_PARAM_RETVAL
4062306a36Sopenharmony_ci	help
4162306a36Sopenharmony_ci	  If the compiler supports -fsanitize-memory-param-retval, KMSAN will
4262306a36Sopenharmony_ci	  eagerly check every function parameter passed by value and every
4362306a36Sopenharmony_ci	  function return value.
4462306a36Sopenharmony_ci
4562306a36Sopenharmony_ci	  Disabling KMSAN_CHECK_PARAM_RETVAL will result in tracking shadow for
4662306a36Sopenharmony_ci	  function parameters and return values across function borders. This
4762306a36Sopenharmony_ci	  is a more relaxed mode, but it generates more instrumentation code and
4862306a36Sopenharmony_ci	  may potentially report errors in corner cases when non-instrumented
4962306a36Sopenharmony_ci	  functions call instrumented ones.
5062306a36Sopenharmony_ci
5162306a36Sopenharmony_ciconfig KMSAN_KUNIT_TEST
5262306a36Sopenharmony_ci	tristate "KMSAN integration test suite" if !KUNIT_ALL_TESTS
5362306a36Sopenharmony_ci	default KUNIT_ALL_TESTS
5462306a36Sopenharmony_ci	depends on TRACEPOINTS && KUNIT
5562306a36Sopenharmony_ci	help
5662306a36Sopenharmony_ci	  Test suite for KMSAN, testing various error detection scenarios,
5762306a36Sopenharmony_ci	  and checking that reports are correctly output to console.
5862306a36Sopenharmony_ci
5962306a36Sopenharmony_ci	  Say Y here if you want the test to be built into the kernel and run
6062306a36Sopenharmony_ci	  during boot; say M if you want the test to build as a module; say N
6162306a36Sopenharmony_ci	  if you are unsure.
6262306a36Sopenharmony_ci
6362306a36Sopenharmony_ciendif
64