Kernel Electric-Fence (KFENCE) is a low-overhead sampling-based memory safety error detector. KFENCE detects heap out-of-bounds access, use-after-free, and invalid-free errors.
KFENCE is designed to be enabled in production kernels, and has near zero performance overhead. Compared to KASAN, KFENCE trades precision for performance. Signed-off-by: He Zhe <[email protected]> --- features/kfence/kfence.cfg | 2 ++ features/kfence/kfence.scc | 5 +++++ 2 files changed, 7 insertions(+) create mode 100644 features/kfence/kfence.cfg create mode 100644 features/kfence/kfence.scc diff --git a/features/kfence/kfence.cfg b/features/kfence/kfence.cfg new file mode 100644 index 00000000..6f4875c3 --- /dev/null +++ b/features/kfence/kfence.cfg @@ -0,0 +1,2 @@ +# SPDX-License-Identifier: MIT +CONFIG_KFENCE=y diff --git a/features/kfence/kfence.scc b/features/kfence/kfence.scc new file mode 100644 index 00000000..741bca26 --- /dev/null +++ b/features/kfence/kfence.scc @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: MIT +define KFEATURE_DESCRIPTION "a low-overhead sampling-based memory safety error detector" +define KFEATURE_COMPATIBILITY arch + +kconf non-hardware kfence.cfg -- 2.17.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9993): https://lists.yoctoproject.org/g/linux-yocto/message/9993 Mute This Topic: https://lists.yoctoproject.org/mt/83709728/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
