Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

randstruct: Enable Clang support

Clang 15 will support randstruct via the -frandomize-layout-seed-file=...
option. Update the Kconfig and Makefile to recognize this feature.

Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: linux-kbuild@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220503205503.3054173-7-keescook@chromium.org

+15 -2
+3
scripts/Makefile.randstruct
··· 7 7 += -fplugin=$(objtree)/scripts/gcc-plugins/randomize_layout_plugin.so 8 8 randstruct-cflags-$(CONFIG_RANDSTRUCT_PERFORMANCE) \ 9 9 += -fplugin-arg-randomize_layout_plugin-performance-mode 10 + else 11 + randstruct-cflags-y \ 12 + += -frandomize-layout-seed-file=$(objtree)/scripts/basic/randstruct.seed 10 13 endif 11 14 12 15 export RANDSTRUCT_CFLAGS := $(randstruct-cflags-y)
+12 -2
security/Kconfig.hardening
··· 266 266 267 267 endmenu 268 268 269 + config CC_HAS_RANDSTRUCT 270 + def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null) 271 + 269 272 choice 270 273 prompt "Randomize layout of sensitive kernel structures" 271 - default RANDSTRUCT_FULL if COMPILE_TEST && GCC_PLUGINS 274 + default RANDSTRUCT_FULL if COMPILE_TEST && (GCC_PLUGINS || CC_HAS_RANDSTRUCT) 272 275 default RANDSTRUCT_NONE 273 276 help 274 277 If you enable this, the layouts of structures that are entirely ··· 300 297 301 298 config RANDSTRUCT_FULL 302 299 bool "Fully randomize structure layout" 303 - depends on GCC_PLUGINS 300 + depends on CC_HAS_RANDSTRUCT || GCC_PLUGINS 304 301 select MODVERSIONS if MODULES 305 302 help 306 303 Fully randomize the member layout of sensitive 307 304 structures as much as possible, which may have both a 308 305 memory size and performance impact. 306 + 307 + One difference between the Clang and GCC plugin 308 + implementations is the handling of bitfields. The GCC 309 + plugin treats them as fully separate variables, 310 + introducing sometimes significant padding. Clang tries 311 + to keep adjacent bitfields together, but with their bit 312 + ordering randomized. 309 313 310 314 config RANDSTRUCT_PERFORMANCE 311 315 bool "Limit randomization of structure layout to cache-lines"
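Review bot: In scripts/Makefile.randstruct, the new else branch points -frandomize-layout-seed-file= at $(objtree)/scripts/basic/randstruct.seed, but nothing in the visible changes creates that file or makes any target depend on it. Please add a comment naming the rule that generates the seed, or say in the commit message which earlier change provides it, so that a build reaching this flag with a missing or stale seed is easy to diagnose.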
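Review bot: In the first security/Kconfig.hardening hunk, CC_HAS_RANDSTRUCT is introduced without a comment, and its probe passes /dev/null as the seed file, so it only establishes that the compiler accepts the option. A one-line comment above the symbol saying that it detects the compiler's native randstruct support, as opposed to GCC_PLUGINS, would make the intent clear. As a style point, the default line writes the condition as "GCC_PLUGINS || CC_HAS_RANDSTRUCT" while the depends on line in the next hunk writes "CC_HAS_RANDSTRUCT || GCC_PLUGINS"; please use one order in both places.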
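Review bot: In the RANDSTRUCT_FULL hunk, the dependency is widened to "CC_HAS_RANDSTRUCT || GCC_PLUGINS", but RANDSTRUCT_PERFORMANCE, shown as unchanged context directly below, gets no visible change, and the Makefile else branch has no counterpart to -fplugin-arg-randomize_layout_plugin-performance-mode. If the cache-line-limited mode is meant to stay GCC-plugin-only, please say so in its help text or in the commit message, so nobody expects it to work with Clang. The new bitfield paragraph is useful; consider also stating that the resulting structure sizes can therefore differ between the two compilers, since that is the part a person choosing this option will care about.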