summaryrefslogtreecommitdiffstats
path: root/lib/Kconfig.ubsan
diff options
context:
space:
mode:
authorJann Horn <jannh@google.com>2023-07-05 23:51:27 +0200
committerKees Cook <keescook@chromium.org>2023-07-18 01:05:19 +0200
commitce6616724fb425d6043d0dad6af996cd7c79bcc4 (patch)
tree344595f37aec651815664c0461378a7e8d68b6d2 /lib/Kconfig.ubsan
parentLinux 6.5-rc2 (diff)
downloadlinux-ce6616724fb425d6043d0dad6af996cd7c79bcc4.tar.xz
linux-ce6616724fb425d6043d0dad6af996cd7c79bcc4.zip
ubsan: Clarify Kconfig text for CONFIG_UBSAN_TRAP
Make it clearer in the one-line description and the verbose description text that CONFIG_UBSAN_TRAP as currently implemented involves a tradeoff of much less helpful oops messages in exchange for a smaller kernel image. (With the additional effect of turning UBSAN warnings into crashes, which may or may not be desired.) Signed-off-by: Jann Horn <jannh@google.com> Link: https://lore.kernel.org/r/20230705215128.486054-1-jannh@google.com Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'lib/Kconfig.ubsan')
-rw-r--r--lib/Kconfig.ubsan10
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index efae7e011956..59e21bfec188 100644
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -13,7 +13,7 @@ menuconfig UBSAN
if UBSAN
config UBSAN_TRAP
- bool "On Sanitizer warnings, abort the running kernel code"
+ bool "Abort on Sanitizer warnings (smaller kernel but less verbose)"
depends on !COMPILE_TEST
help
Building kernels with Sanitizer features enabled tends to grow
@@ -26,6 +26,14 @@ config UBSAN_TRAP
the system. For some system builders this is an acceptable
trade-off.
+ Also note that selecting Y will cause your kernel to Oops
+ with an "illegal instruction" error with no further details
+ when a UBSAN violation occurs. (Except on arm64, which will
+ report which Sanitizer failed.) This may make it hard to
+ determine whether an Oops was caused by UBSAN or to figure
+ out the details of a UBSAN violation. It makes the kernel log
+ output less useful for bug reports.
+
config CC_HAS_UBSAN_BOUNDS_STRICT
def_bool $(cc-option,-fsanitize=bounds-strict)
help