7b838e8a7b
1.【需求描述】: 支持内核态堆内存非法访问检测,包括:越界访问、double free、释放后使用;支持libc常用高频函数内存检测;支持安全函数内存检测;读写检测可配可裁剪。 2.【方案描述】: (1).影子内存映射与标记 (2).编译器使能-fsanitize=kernel-address 自动插桩检测点 (3).实时校验影子内存的合法性; (4).错误访问打印回溯栈 BREAKING CHANGE: 新增支持API: LOS_LmsCheckPoolAdd使能检测指定内存池 LOS_LmsCheckPoolDel不检测指定内存池 LOS_LmsAddrProtect为指定内存段上锁,不允许访问 LOS_LmsAddrDisableProtect去能指定内存段的访问保护 Close #I4HYBG Signed-off-by: LiteOS2021 <dinglu@huawei.com> Change-Id: Ia356a003088b9df37df667ea8ba91c80f5a41967
42 lines
978 B
Plaintext
42 lines
978 B
Plaintext
config KERNEL_LMS
|
|
bool "Enable Lite Memory Sanitizer"
|
|
default n
|
|
depends on KERNEL_EXTKERNEL && DEBUG_VERSION && KERNEL_BACKTRACE
|
|
help
|
|
Select y to build LiteOS with memory sanitizer.
|
|
|
|
config LMS_MAX_RECORD_POOL_NUM
|
|
int "Lms check pool max num"
|
|
default 50
|
|
depends on KERNEL_LMS
|
|
help
|
|
The Max num of lms check pool
|
|
|
|
config LMS_LOAD_CHECK
|
|
bool "Enable lms read check"
|
|
default y
|
|
depends on KERNEL_LMS
|
|
help
|
|
Select y to enable read check.
|
|
|
|
config LMS_STORE_CHECK
|
|
bool "Enable lms write check"
|
|
default y
|
|
depends on KERNEL_LMS
|
|
help
|
|
Select y to enable write check.
|
|
|
|
config LMS_CHECK_STRICT
|
|
bool "Enable lms strict check, byte-by-byte"
|
|
default n
|
|
depends on KERNEL_LMS
|
|
help
|
|
Select y to enable byte-by-byte check in lms
|
|
|
|
config LMS_LIBC_FULL_CHECK
|
|
bool "Enable libc all function do lms check"
|
|
default n
|
|
depends on KERNEL_LMS
|
|
help
|
|
Select y to enable libc full check
|