Commit | Line | Data |
---|---|---|
ec8f24b7 | 1 | # SPDX-License-Identifier: GPL-2.0-only |
eefa864b JK |
2 | config PAGE_EXTENSION |
3 | bool "Extend memmap on extra space for more information on page" | |
a7f7f624 | 4 | help |
eefa864b JK |
5 | Extend memmap on extra space for more information on page. This |
6 | could be used for debugging features that need to insert extra | |
7 | field for every page. This extension enables us to save memory | |
8 | by not allocating this extra memory according to boottime | |
9 | configuration. | |
10 | ||
ee3b4290 AM |
11 | config DEBUG_PAGEALLOC |
12 | bool "Debug page memory allocations" | |
7bc32f6f AM |
13 | depends on DEBUG_KERNEL |
14 | depends on !HIBERNATION || ARCH_SUPPORTS_DEBUG_PAGEALLOC && !PPC && !SPARC | |
7bc32f6f | 15 | select PAGE_POISONING if !ARCH_SUPPORTS_DEBUG_PAGEALLOC |
a7f7f624 | 16 | help |
ee3b4290 | 17 | Unmap pages from the kernel linear mapping after free_pages(). |
ea6eabb0 CB |
18 | Depending on runtime enablement, this results in a small or large |
19 | slowdown, but helps to find certain types of memory corruption. | |
ee3b4290 | 20 | |
4462b32c VB |
21 | Also, the state of page tracking structures is checked more often as |
22 | pages are being allocated and freed, as unexpected state changes | |
23 | often happen for same reasons as memory corruption (e.g. double free, | |
8974558f VB |
24 | use-after-free). The error reports for these checks can be augmented |
25 | with stack traces of last allocation and freeing of the page, when | |
26 | PAGE_OWNER is also selected and enabled on boot. | |
4462b32c | 27 | |
7bc32f6f AM |
28 | For architectures which don't enable ARCH_SUPPORTS_DEBUG_PAGEALLOC, |
29 | fill the pages with poison patterns after free_pages() and verify | |
4462b32c VB |
30 | the patterns before alloc_pages(). Additionally, this option cannot |
31 | be enabled in combination with hibernation as that would result in | |
32 | incorrect warnings of memory corruption after a resume because free | |
33 | pages are not saved to the suspend image. | |
7bc32f6f | 34 | |
ea6eabb0 CB |
35 | By default this option will have a small overhead, e.g. by not |
36 | allowing the kernel mapping to be backed by large pages on some | |
37 | architectures. Even bigger overhead comes when the debugging is | |
38 | enabled by DEBUG_PAGEALLOC_ENABLE_DEFAULT or the debug_pagealloc | |
39 | command line parameter. | |
40 | ||
41 | config DEBUG_PAGEALLOC_ENABLE_DEFAULT | |
42 | bool "Enable debug page memory allocations by default?" | |
ea6eabb0 | 43 | depends on DEBUG_PAGEALLOC |
a7f7f624 | 44 | help |
ea6eabb0 CB |
45 | Enable debug page memory allocations by default? This value |
46 | can be overridden by debug_pagealloc=off|on. | |
47 | ||
0710d012 VB |
48 | config DEBUG_SLAB |
49 | bool "Debug slab memory allocations" | |
50 | depends on DEBUG_KERNEL && SLAB | |
51 | help | |
52 | Say Y here to have the kernel do limited verification on memory | |
53 | allocation as well as poisoning memory on free to catch use of freed | |
54 | memory. This can make kmalloc/kfree-intensive workloads much slower. | |
55 | ||
56 | config SLUB_DEBUG | |
57 | default y | |
58 | bool "Enable SLUB debugging support" if EXPERT | |
e240e53a | 59 | depends on SLUB && SYSFS && !SLUB_TINY |
8291eaaf | 60 | select STACKDEPOT if STACKTRACE_SUPPORT |
0710d012 VB |
61 | help |
62 | SLUB has extensive debug support features. Disabling these can | |
63 | result in significant savings in code size. This also disables | |
64 | SLUB sysfs support. /sys/slab will not exist and there will be | |
65 | no support for cache validation etc. | |
66 | ||
67 | config SLUB_DEBUG_ON | |
68 | bool "SLUB debugging on by default" | |
69 | depends on SLUB && SLUB_DEBUG | |
8291eaaf | 70 | select STACKDEPOT_ALWAYS_INIT if STACKTRACE_SUPPORT |
0710d012 VB |
71 | default n |
72 | help | |
73 | Boot with debugging on by default. SLUB boots by default with | |
74 | the runtime debug capabilities switched off. Enabling this is | |
75 | equivalent to specifying the "slub_debug" parameter on boot. | |
76 | There is no support for more fine grained debug control like | |
77 | possible with slub_debug=xxx. SLUB debugging may be switched | |
78 | off in a kernel built with CONFIG_SLUB_DEBUG_ON by specifying | |
79 | "slub_debug=-". | |
80 | ||
8aa49762 CD |
81 | config PAGE_OWNER |
82 | bool "Track page owner" | |
83 | depends on DEBUG_KERNEL && STACKTRACE_SUPPORT | |
84 | select DEBUG_FS | |
85 | select STACKTRACE | |
86 | select STACKDEPOT | |
87 | select PAGE_EXTENSION | |
88 | help | |
89 | This keeps track of what call chain is the owner of a page, may | |
90 | help to find bare alloc_page(s) leaks. Even if you include this | |
91 | feature on your build, it is disabled in default. You should pass | |
92 | "page_owner=on" to boot parameter in order to enable it. Eats | |
799fb82a | 93 | a fair amount of memory if enabled. See tools/mm/page_owner_sort.c |
8aa49762 CD |
94 | for user-space helper. |
95 | ||
96 | If unsure, say N. | |
97 | ||
df4e817b PT |
98 | config PAGE_TABLE_CHECK |
99 | bool "Check for invalid mappings in user page tables" | |
100 | depends on ARCH_SUPPORTS_PAGE_TABLE_CHECK | |
101 | select PAGE_EXTENSION | |
102 | help | |
103 | Check that anonymous page is not being mapped twice with read write | |
104 | permissions. Check that anonymous and file pages are not being | |
105 | erroneously shared. Since the checking is performed at the time | |
106 | entries are added and removed to user page tables, leaking, corruption | |
107 | and double mapping problems are detected synchronously. | |
108 | ||
109 | If unsure say "n". | |
110 | ||
111 | config PAGE_TABLE_CHECK_ENFORCED | |
112 | bool "Enforce the page table checking by default" | |
113 | depends on PAGE_TABLE_CHECK | |
114 | help | |
115 | Always enable page table checking. By default the page table checking | |
116 | is disabled, and can be optionally enabled via page_table_check=on | |
117 | kernel parameter. This config enforces that page table check is always | |
118 | enabled. | |
119 | ||
120 | If unsure say "n". | |
121 | ||
6a11f75b | 122 | config PAGE_POISONING |
8823b1db | 123 | bool "Poison pages after freeing" |
a7f7f624 | 124 | help |
8823b1db LA |
125 | Fill the pages with poison patterns after free_pages() and verify |
126 | the patterns before alloc_pages. The filling of the memory helps | |
127 | reduce the risk of information leaks from freed data. This does | |
8c9a134c KC |
128 | have a potential performance impact if enabled with the |
129 | "page_poison=1" kernel boot option. | |
8823b1db LA |
130 | |
131 | Note that "poison" here is not the same thing as the "HWPoison" | |
132 | for CONFIG_MEMORY_FAILURE. This is software poisoning only. | |
133 | ||
8f424750 VB |
134 | If you are only interested in sanitization of freed pages without |
135 | checking the poison pattern on alloc, you can boot the kernel with | |
136 | "init_on_free=1" instead of enabling this. | |
8823b1db | 137 | |
8f424750 | 138 | If unsure, say N |
1414c7f4 | 139 | |
95813b8f JK |
140 | config DEBUG_PAGE_REF |
141 | bool "Enable tracepoint to track down page reference manipulation" | |
142 | depends on DEBUG_KERNEL | |
143 | depends on TRACEPOINTS | |
a7f7f624 | 144 | help |
95813b8f JK |
145 | This is a feature to add tracepoint for tracking down page reference |
146 | manipulation. This tracking is useful to diagnose functional failure | |
147 | due to migration failures caused by page reference mismatches. Be | |
148 | careful when enabling this feature because it adds about 30 KB to the | |
149 | kernel code. However the runtime performance overhead is virtually | |
150 | nil until the tracepoints are actually enabled. | |
2959a5f7 JP |
151 | |
152 | config DEBUG_RODATA_TEST | |
153 | bool "Testcase for the marking rodata read-only" | |
154 | depends on STRICT_KERNEL_RWX | |
a7f7f624 | 155 | help |
2959a5f7 | 156 | This option enables a testcase for the setting rodata read-only. |
30d621f6 | 157 | |
375d315c ZL |
158 | config ARCH_HAS_DEBUG_WX |
159 | bool | |
160 | ||
161 | config DEBUG_WX | |
162 | bool "Warn on W+X mappings at boot" | |
163 | depends on ARCH_HAS_DEBUG_WX | |
164 | depends on MMU | |
165 | select PTDUMP_CORE | |
166 | help | |
167 | Generate a warning if any W+X mappings are found at boot. | |
168 | ||
169 | This is useful for discovering cases where the kernel is leaving W+X | |
170 | mappings after applying NX, as such mappings are a security risk. | |
171 | ||
172 | Look for a message in dmesg output like this: | |
173 | ||
174 | <arch>/mm: Checked W+X mappings: passed, no W+X pages found. | |
175 | ||
176 | or like this, if the check failed: | |
177 | ||
178 | <arch>/mm: Checked W+X mappings: failed, <N> W+X pages found. | |
179 | ||
180 | Note that even if the check fails, your kernel is possibly | |
181 | still fine, as W+X mappings are not a security hole in | |
182 | themselves, what they do is that they make the exploitation | |
183 | of other unfixed kernel bugs easier. | |
184 | ||
185 | There is no runtime or memory usage effect of this option | |
186 | once the kernel has booted up - it's a one time check. | |
187 | ||
188 | If in doubt, say "Y". | |
189 | ||
30d621f6 SP |
190 | config GENERIC_PTDUMP |
191 | bool | |
192 | ||
193 | config PTDUMP_CORE | |
194 | bool | |
195 | ||
196 | config PTDUMP_DEBUGFS | |
197 | bool "Export kernel pagetable layout to userspace via debugfs" | |
198 | depends on DEBUG_KERNEL | |
199 | depends on DEBUG_FS | |
200 | depends on GENERIC_PTDUMP | |
201 | select PTDUMP_CORE | |
202 | help | |
203 | Say Y here if you want to show the kernel pagetable layout in a | |
204 | debugfs file. This information is only useful for kernel developers | |
205 | who are working in architecture specific areas of the kernel. | |
206 | It is probably not a good idea to enable this feature in a production | |
207 | kernel. | |
208 | ||
209 | If in doubt, say N. | |
b2db9ef2 ZH |
210 | |
211 | config HAVE_DEBUG_KMEMLEAK | |
212 | bool | |
213 | ||
214 | config DEBUG_KMEMLEAK | |
215 | bool "Kernel memory leak detector" | |
216 | depends on DEBUG_KERNEL && HAVE_DEBUG_KMEMLEAK | |
217 | select DEBUG_FS | |
218 | select STACKTRACE if STACKTRACE_SUPPORT | |
219 | select KALLSYMS | |
220 | select CRC32 | |
221 | select STACKDEPOT | |
222 | select STACKDEPOT_ALWAYS_INIT if !DEBUG_KMEMLEAK_DEFAULT_OFF | |
223 | help | |
224 | Say Y here if you want to enable the memory leak | |
225 | detector. The memory allocation/freeing is traced in a way | |
226 | similar to the Boehm's conservative garbage collector, the | |
227 | difference being that the orphan objects are not freed but | |
228 | only shown in /sys/kernel/debug/kmemleak. Enabling this | |
229 | feature will introduce an overhead to memory | |
230 | allocations. See Documentation/dev-tools/kmemleak.rst for more | |
231 | details. | |
232 | ||
233 | Enabling DEBUG_SLAB or SLUB_DEBUG may increase the chances | |
234 | of finding leaks due to the slab objects poisoning. | |
235 | ||
236 | In order to access the kmemleak file, debugfs needs to be | |
237 | mounted (usually at /sys/kernel/debug). | |
238 | ||
239 | config DEBUG_KMEMLEAK_MEM_POOL_SIZE | |
240 | int "Kmemleak memory pool size" | |
241 | depends on DEBUG_KMEMLEAK | |
242 | range 200 1000000 | |
243 | default 16000 | |
244 | help | |
245 | Kmemleak must track all the memory allocations to avoid | |
246 | reporting false positives. Since memory may be allocated or | |
247 | freed before kmemleak is fully initialised, use a static pool | |
248 | of metadata objects to track such callbacks. After kmemleak is | |
249 | fully initialised, this memory pool acts as an emergency one | |
250 | if slab allocations fail. | |
251 | ||
252 | config DEBUG_KMEMLEAK_TEST | |
253 | tristate "Simple test for the kernel memory leak detector" | |
254 | depends on DEBUG_KMEMLEAK && m | |
255 | help | |
256 | This option enables a module that explicitly leaks memory. | |
257 | ||
258 | If unsure, say N. | |
259 | ||
260 | config DEBUG_KMEMLEAK_DEFAULT_OFF | |
261 | bool "Default kmemleak to off" | |
262 | depends on DEBUG_KMEMLEAK | |
263 | help | |
264 | Say Y here to disable kmemleak by default. It can then be enabled | |
265 | on the command line via kmemleak=on. | |
266 | ||
267 | config DEBUG_KMEMLEAK_AUTO_SCAN | |
268 | bool "Enable kmemleak auto scan thread on boot up" | |
269 | default y | |
270 | depends on DEBUG_KMEMLEAK | |
271 | help | |
272 | Depending on the cpu, kmemleak scan may be cpu intensive and can | |
273 | stall user tasks at times. This option enables/disables automatic | |
274 | kmemleak scan at boot up. | |
275 | ||
276 | Say N here to disable kmemleak auto scan thread to stop automatic | |
277 | scanning. Disabling this option disables automatic reporting of | |
278 | memory leaks. | |
279 | ||
280 | If unsure, say Y. | |
281 |