From d3f134fd8a6ba2d330bba99d814f3371c654bd5d Mon Sep 17 00:00:00 2001
From: Andrey Konovalov
Date: Fri, 5 Feb 2021 20:10:23 +0100
Subject: [PATCH] ANDROID: gki_defconfig: enable CONFIG_KASAN_HW_TAGS

Enable in-kernel MTE (Memory Tagging Extension) support via
CONFIG_KASAN_HW_TAGS=y. With this change in-kernel MTE will be auto-enabled
during boot on hardware that supports MTE.

Currently, in-kernel MTE is only supported for slab and page_alloc
allocations. Future changes might include support for vmalloc, stack, and
globals.

By default:

- MTE works in synchronous mode, which means that tag faults are being
  reported at the point of occurrence.
- When a tag fault is detected, a report is printed into the kernel log.
  Only the first tag fault gets reported. No panic occurs unless either
  "kasan.fault=panic" or "panic_on_warn" is set via command line.
- A report contains the address and a stack trace of the access. There are
  no alloc/free stack traces for the accessed page or slab object (as
  specified via CONFIG_CMDLINE in this change).

These defaults can be overridden via command line parameters, see
Documentation/dev-tools/kasan.rst for details. In particular, using the
"kasan=off" command line parameter will turn in-kernel MTE off.

Note that enabling alloc/free stacktraces requires specifying both
"kasan.stacktrace=on" and "stack_depot_disable=off".

On MTE-enabled hardware, a performance impact of ~10% is expected, but
there is no such hardware yet to run benchmarks. A future integration of
in-kernel MTE with init_on_alloc/free might significantly bring down the
performance impact.

There is no performance impact when in-kernel MTE is disabled via command
line or when hardware without MTE (pre-ARMv8.5) is in use. There is still
a side-effect of TTBR1 TBI (Top Byte Ignore) getting enabled with
CONFIG_KASAN_HW_TAGS=y.

Signed-off-by: Andrey Konovalov Bug: 172318110 Change-Id: I2f9bb845ae43292c182532e5e42f43e07b4d0d56 --- arch/arm64/configs/gki_defconfig | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig index 77c2ef7d9330..6c33676e55c4 100644 --- a/arch/arm64/configs/gki_defconfig +++ b/arch/arm64/configs/gki_defconfig @@ -56,6 +56,8 @@ CONFIG_CP15_BARRIER_EMULATION=y CONFIG_SETEND_EMULATION=y CONFIG_RANDOMIZE_BASE=y # CONFIG_RANDOMIZE_MODULE_REGION_FULL is not set +CONFIG_CMDLINE="stack_depot_disable=on kasan.stacktrace=off" +CONFIG_CMDLINE_EXTEND=y # CONFIG_DMI is not set CONFIG_PM_WAKELOCKS=y CONFIG_PM_WAKELOCKS_LIMIT=0 @@ -602,6 +604,8 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_DEBUG_FS=y CONFIG_DEBUG_STACK_USAGE=y CONFIG_DEBUG_MEMORY_INIT=y +CONFIG_KASAN=y +CONFIG_KASAN_HW_TAGS=y CONFIG_KFENCE=y CONFIG_KFENCE_SAMPLE_INTERVAL=0 CONFIG_PANIC_ON_OOPS=y
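
Review bot: In the first hunk (@@ -56,6 +56,8), CONFIG_CMDLINE="stack_depot_disable=on kasan.stacktrace=off" is added together with CONFIG_CMDLINE_EXTEND=y, but neither the hunk nor the commit message says how a conflicting value from the bootloader command line is resolved. The message states that the defaults can be overridden and that alloc/free stack traces need both "kasan.stacktrace=on" and "stack_depot_disable=off", so please state explicitly that bootloader-supplied values take effect over the built-in string when both are present, or describe how an integrator is expected to turn the traces back on. Since stack_depot_disable=on is not a kasan.-prefixed parameter, a sentence on whether anything else in the GKI configuration relies on stack depot would also help.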
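
Review bot: In the second hunk (@@ -602,6 +604,8), CONFIG_KASAN=y and CONFIG_KASAN_HW_TAGS=y land next to CONFIG_PANIC_ON_OOPS=y, which can be read as implying that a tag fault stops the kernel, while the commit message says a fault only prints a report, only the first fault is reported, and no panic occurs unless "kasan.fault=panic" or "panic_on_warn" is passed. Please make the intended default explicit for integrators: as added, the configuration gives one-shot detection, and later tag faults in the same boot go unreported. If a fail-stop default is wanted for GKI, "kasan.fault=panic" would need to go into the CONFIG_CMDLINE string from the first hunk; if not, say so in the message. The TTBR1 TBI side effect mentioned at the end of the message applies even with in-kernel MTE disabled or absent, so it deserves a line on what, if anything, it changes for those devices.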