android_kernel_samsung_sm8650_ksu/lib/Kconfig.kfence

# SPDX-License-Identifier: GPL-2.0-only

config HAVE_ARCH_KFENCE
	bool

menuconfig KFENCE
	bool "KFENCE: low-overhead sampling-based memory safety error detector"
	depends on HAVE_ARCH_KFENCE && (SLAB || SLUB)
	select STACKTRACE
	select IRQ_WORK
	help
	  KFENCE is a low-overhead sampling-based detector of heap out-of-bounds
	  access, use-after-free, and invalid-free errors. KFENCE is designed
	  to have negligible cost to permit enabling it in production
	  environments.

	  See <file:Documentation/dev-tools/kfence.rst> for more details.

	  Note that, KFENCE is not a substitute for explicit testing with tools
	  such as KASAN. KFENCE can detect a subset of bugs that KASAN can
	  detect, albeit at very different performance profiles. If you can
	  afford to use KASAN, continue using KASAN, for example in test
	  environments. If your kernel targets production use, and cannot
	  enable KASAN due to its cost, consider using KFENCE.

if KFENCE

config KFENCE_SAMPLE_INTERVAL
	int "Default sample interval in milliseconds"
	default 100
	help
	  The KFENCE sample interval determines the frequency with which heap
	  allocations will be guarded by KFENCE. May be overridden via boot
	  parameter "kfence.sample_interval".

	  Set this to 0 to disable KFENCE by default, in which case only
	  setting "kfence.sample_interval" to a non-zero value enables KFENCE.

config KFENCE_NUM_OBJECTS
	int "Number of guarded objects available"
	range 1 65535
	default 255
	help
	  The number of guarded objects available. For each KFENCE object, 2
	  pages are required; with one containing the object and two adjacent
	  ones used as guard pages.

config KFENCE_DEFERRABLE
	bool "Use a deferrable timer to trigger allocations"
	help
	  Use a deferrable timer to trigger allocations. This avoids forcing
	  CPU wake-ups if the system is idle, at the risk of a less predictable
	  sample interval.

	  Warning: The KUnit test suite fails with this option enabled - due to
	  the unpredictability of the sample interval!

	  Say N if you are unsure.

config KFENCE_STATIC_KEYS
	bool "Use static keys to set up allocations" if EXPERT
	depends on JUMP_LABEL
	help
	  Use static keys (static branches) to set up KFENCE allocations. This
	  option is only recommended when using very large sample intervals, or
	  performance has carefully been evaluated with this option.

	  Using static keys comes with trade-offs that need to be carefully
	  evaluated given target workloads and system architectures. Notably,
	  enabling and disabling static keys invoke IPI broadcasts, the latency
	  and impact of which is much harder to predict than a dynamic branch.

	  Say N if you are unsure.

config KFENCE_STRESS_TEST_FAULTS
	int "Stress testing of fault handling and error reporting" if EXPERT
	default 0
	help
	  The inverse probability with which to randomly protect KFENCE object
	  pages, resulting in spurious use-after-frees. The main purpose of
	  this option is to stress test KFENCE with concurrent error reports
	  and allocations/frees. A value of 0 disables stress testing logic.

	  Only for KFENCE testing; set to 0 if you are not a KFENCE developer.

config KFENCE_KUNIT_TEST
	tristate "KFENCE integration test suite" if !KUNIT_ALL_TESTS
	default KUNIT_ALL_TESTS
	depends on TRACEPOINTS && KUNIT
	help
	  Test suite for KFENCE, testing various error detection scenarios with
	  various allocation types, and checking that reports are correctly
	  output to console.

	  Say Y here if you want the test to be built into the kernel and run
	  during boot; say M if you want the test to build as a module; say N
	  if you are unsure.

endif # KFENCE