build: Add option KERNEL_KASAN

The kernel kernel address sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>

config/Config-kernel.in

@@ -120,6 +120,58 @@ config KERNEL_UBSAN_NULL
 	  This option enables detection of memory accesses via a
 	  null pointer.
 
+config KERNEL_KASAN
+	bool "Compile the kernel with KASan: runtime memory debugger"
+	select KERNEL_SLUB_DEBUG
+	depends on (x86_64 || aarch64)
+	help
+	  Enables kernel address sanitizer - runtime memory debugger,
+	  designed to find out-of-bounds accesses and use-after-free bugs.
+	  This is strictly a debugging feature and it requires a gcc version
+	  of 4.9.2 or later. Detection of out of bounds accesses to stack or
+	  global variables requires gcc 5.0 or later.
+	  This feature consumes about 1/8 of available memory and brings about
+	  ~x3 performance slowdown.
+	  For better error detection enable CONFIG_STACKTRACE.
+	  Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
+	  (the resulting kernel does not boot).
+
+config KERNEL_KASAN_EXTRA
+	bool "KAsan: extra checks"
+	depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
+	help
+	  This enables further checks in the kernel address sanitizer, for now
+	  it only includes the address-use-after-scope check that can lead
+	  to excessive kernel stack usage, frame size warnings and longer
+	  compile time.
+	  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
+
+
+choice
+	prompt "Instrumentation type"
+	depends on KERNEL_KASAN
+	default KERNEL_KASAN_OUTLINE
+
+config KERNEL_KASAN_OUTLINE
+	bool "Outline instrumentation"
+	help
+	  Before every memory access compiler insert function call
+	  __asan_load*/__asan_store*. These functions performs check
+	  of shadow memory. This is slower than inline instrumentation,
+	  however it doesn't bloat size of kernel's .text section so
+	  much as inline does.
+
+config KERNEL_KASAN_INLINE
+	bool "Inline instrumentation"
+	help
+	  Compiler directly inserts code checking shadow memory before
+	  memory accesses. This is faster than outline (in some workloads
+	  it gives about x2 boost over outline instrumentation), but
+	  make kernel's .text size much bigger.
+	  This requires a gcc version of 5.0 or later.
+
+endchoice
+
 config KERNEL_TASKSTATS
 	bool "Compile the kernel with task resource/io statistics and accounting"
 	default n

target/linux/generic/config-4.14

@@ -4927,6 +4927,7 @@ CONFIG_TCP_CONG_CUBIC=y
 # CONFIG_TEST_FIRMWARE is not set
 # CONFIG_TEST_HASH is not set
 # CONFIG_TEST_HEXDUMP is not set
+# CONFIG_TEST_KASAN is not set
 # CONFIG_TEST_KMOD is not set
 # CONFIG_TEST_KSTRTOX is not set
 # CONFIG_TEST_LIST_SORT is not set

target/linux/generic/config-4.19

@@ -5187,6 +5187,7 @@ CONFIG_TCP_CONG_CUBIC=y
 # CONFIG_TEST_HASH is not set
 # CONFIG_TEST_HEXDUMP is not set
 # CONFIG_TEST_IDA is not set
+# CONFIG_TEST_KASAN is not set
 # CONFIG_TEST_KMOD is not set
 # CONFIG_TEST_KSTRTOX is not set
 # CONFIG_TEST_LIST_SORT is not set