1# SPDX-License-Identifier: GPL-2.0-only 2config PAGE_EXTENSION 3 bool "Extend memmap on extra space for more information on page" 4 help 5 Extend memmap on extra space for more information on page. This 6 could be used for debugging features that need to insert extra 7 field for every page. This extension enables us to save memory 8 by not allocating this extra memory according to boottime 9 configuration. 10 11config DEBUG_PAGEALLOC 12 bool "Debug page memory allocations" 13 depends on DEBUG_KERNEL 14 depends on !HIBERNATION || ARCH_SUPPORTS_DEBUG_PAGEALLOC && !PPC && !SPARC 15 select PAGE_POISONING if !ARCH_SUPPORTS_DEBUG_PAGEALLOC 16 help 17 Unmap pages from the kernel linear mapping after free_pages(). 18 Depending on runtime enablement, this results in a small or large 19 slowdown, but helps to find certain types of memory corruption. 20 21 Also, the state of page tracking structures is checked more often as 22 pages are being allocated and freed, as unexpected state changes 23 often happen for same reasons as memory corruption (e.g. double free, 24 use-after-free). The error reports for these checks can be augmented 25 with stack traces of last allocation and freeing of the page, when 26 PAGE_OWNER is also selected and enabled on boot. 27 28 For architectures which don't enable ARCH_SUPPORTS_DEBUG_PAGEALLOC, 29 fill the pages with poison patterns after free_pages() and verify 30 the patterns before alloc_pages(). Additionally, this option cannot 31 be enabled in combination with hibernation as that would result in 32 incorrect warnings of memory corruption after a resume because free 33 pages are not saved to the suspend image. 34 35 By default this option will have a small overhead, e.g. by not 36 allowing the kernel mapping to be backed by large pages on some 37 architectures. Even bigger overhead comes when the debugging is 38 enabled by DEBUG_PAGEALLOC_ENABLE_DEFAULT or the debug_pagealloc 39 command line parameter. 40 41config DEBUG_PAGEALLOC_ENABLE_DEFAULT 42 bool "Enable debug page memory allocations by default?" 43 depends on DEBUG_PAGEALLOC 44 help 45 Enable debug page memory allocations by default? This value 46 can be overridden by debug_pagealloc=off|on. 47 48config PAGE_OWNER 49 bool "Track page owner" 50 depends on DEBUG_KERNEL && STACKTRACE_SUPPORT 51 select DEBUG_FS 52 select STACKTRACE 53 select STACKDEPOT 54 select PAGE_EXTENSION 55 help 56 This keeps track of what call chain is the owner of a page, may 57 help to find bare alloc_page(s) leaks. Even if you include this 58 feature on your build, it is disabled in default. You should pass 59 "page_owner=on" to boot parameter in order to enable it. Eats 60 a fair amount of memory if enabled. See tools/vm/page_owner_sort.c 61 for user-space helper. 62 63 If unsure, say N. 64 65config PAGE_POISONING 66 bool "Poison pages after freeing" 67 help 68 Fill the pages with poison patterns after free_pages() and verify 69 the patterns before alloc_pages. The filling of the memory helps 70 reduce the risk of information leaks from freed data. This does 71 have a potential performance impact if enabled with the 72 "page_poison=1" kernel boot option. 73 74 Note that "poison" here is not the same thing as the "HWPoison" 75 for CONFIG_MEMORY_FAILURE. This is software poisoning only. 76 77 If you are only interested in sanitization of freed pages without 78 checking the poison pattern on alloc, you can boot the kernel with 79 "init_on_free=1" instead of enabling this. 80 81 If unsure, say N 82 83config DEBUG_PAGE_REF 84 bool "Enable tracepoint to track down page reference manipulation" 85 depends on DEBUG_KERNEL 86 depends on TRACEPOINTS 87 help 88 This is a feature to add tracepoint for tracking down page reference 89 manipulation. This tracking is useful to diagnose functional failure 90 due to migration failures caused by page reference mismatches. Be 91 careful when enabling this feature because it adds about 30 KB to the 92 kernel code. However the runtime performance overhead is virtually 93 nil until the tracepoints are actually enabled. 94 95config DEBUG_RODATA_TEST 96 bool "Testcase for the marking rodata read-only" 97 depends on STRICT_KERNEL_RWX 98 help 99 This option enables a testcase for the setting rodata read-only. 100 101config ARCH_HAS_DEBUG_WX 102 bool 103 104config DEBUG_WX 105 bool "Warn on W+X mappings at boot" 106 depends on ARCH_HAS_DEBUG_WX 107 depends on MMU 108 select PTDUMP_CORE 109 help 110 Generate a warning if any W+X mappings are found at boot. 111 112 This is useful for discovering cases where the kernel is leaving W+X 113 mappings after applying NX, as such mappings are a security risk. 114 115 Look for a message in dmesg output like this: 116 117 <arch>/mm: Checked W+X mappings: passed, no W+X pages found. 118 119 or like this, if the check failed: 120 121 <arch>/mm: Checked W+X mappings: failed, <N> W+X pages found. 122 123 Note that even if the check fails, your kernel is possibly 124 still fine, as W+X mappings are not a security hole in 125 themselves, what they do is that they make the exploitation 126 of other unfixed kernel bugs easier. 127 128 There is no runtime or memory usage effect of this option 129 once the kernel has booted up - it's a one time check. 130 131 If in doubt, say "Y". 132 133config GENERIC_PTDUMP 134 bool 135 136config PTDUMP_CORE 137 bool 138 139config PTDUMP_DEBUGFS 140 bool "Export kernel pagetable layout to userspace via debugfs" 141 depends on DEBUG_KERNEL 142 depends on DEBUG_FS 143 depends on GENERIC_PTDUMP 144 select PTDUMP_CORE 145 help 146 Say Y here if you want to show the kernel pagetable layout in a 147 debugfs file. This information is only useful for kernel developers 148 who are working in architecture specific areas of the kernel. 149 It is probably not a good idea to enable this feature in a production 150 kernel. 151 152 If in doubt, say N. 153