tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

randstruct: Move seed generation into scripts/basic/

To enable Clang randstruct support, move the structure layout
randomization seed generation out of scripts/gcc-plugins/ into
scripts/basic/ so it happens early enough that it can be used by either
compiler implementation. The gcc-plugin still builds its own header file,
but now does so from the common "randstruct.seed" file.

Cc: linux-hardening@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220503205503.3054173-6-keescook@chromium.org

Kees Cook be2b34fa 613f4b3e

+39 -21
+1
Documentation/dontdiff
··· 211 211 r300_reg_safe.h 212 212 r420_reg_safe.h 213 213 r600_reg_safe.h 214 + randstruct.seed 214 215 randomize_layout_hash.h 215 216 randomize_layout_seed.h 216 217 recordmcount
+3 -2
Documentation/kbuild/reproducible-builds.rst
··· 100 100 ----------------------- 101 101 102 102 If you enable ``CONFIG_RANDSTRUCT``, you will need to pre-generate 103 - the random seed in ``scripts/gcc-plugins/randomize_layout_seed.h`` 104 - so the same value is used in rebuilds. 103 + the random seed in ``scripts/basic/randstruct.seed`` so the same 104 + value is used by each build. See ``scripts/gen-randstruct-seed.sh`` 105 + for details. 105 106 106 107 Debug info conflicts 107 108 --------------------
+1 -1
include/linux/vermagic.h
··· 33 33 #define MODULE_VERMAGIC_MODVERSIONS "" 34 34 #endif 35 35 #ifdef RANDSTRUCT 36 - #include <generated/randomize_layout_hash.h> 36 + #include <generated/randstruct_hash.h> 37 37 #define MODULE_RANDSTRUCT "RANDSTRUCT_" RANDSTRUCT_HASHED_SEED 38 38 #else 39 39 #define MODULE_RANDSTRUCT
+1
scripts/basic/.gitignore
··· 1 1 # SPDX-License-Identifier: GPL-2.0-only 2 2 /fixdep 3 + /randstruct.seed
+11
scripts/basic/Makefile
··· 3 3 # fixdep: used to generate dependency information during build process 4 4 5 5 hostprogs-always-y += fixdep 6 + 7 + # randstruct: the seed is needed before building the gcc-plugin or 8 + # before running a Clang kernel build. 9 + gen-randstruct-seed := $(srctree)/scripts/gen-randstruct-seed.sh 10 + quiet_cmd_create_randstruct_seed = GENSEED $@ 11 + cmd_create_randstruct_seed = \ 12 + $(CONFIG_SHELL) $(gen-randstruct-seed) \ 13 + $@ $(objtree)/include/generated/randstruct_hash.h 14 + $(obj)/randstruct.seed: $(gen-randstruct-seed) FORCE 15 + $(call if_changed,create_randstruct_seed) 16 + always-$(CONFIG_RANDSTRUCT) += randstruct.seed
+10 -5
scripts/gcc-plugins/Makefile
··· 1 1 # SPDX-License-Identifier: GPL-2.0 2 2 3 - $(obj)/randomize_layout_plugin.so: $(objtree)/$(obj)/randomize_layout_seed.h 4 - quiet_cmd_create_randomize_layout_seed = GENSEED $@ 3 + $(obj)/randomize_layout_plugin.so: $(obj)/randomize_layout_seed.h 4 + quiet_cmd_create_randomize_layout_seed = SEEDHDR $@ 5 5 cmd_create_randomize_layout_seed = \ 6 - $(CONFIG_SHELL) $(srctree)/$(src)/gen-random-seed.sh $@ $(objtree)/include/generated/randomize_layout_hash.h 7 - $(objtree)/$(obj)/randomize_layout_seed.h: FORCE 6 + SEED=$$(cat $(filter-out FORCE,$^) </dev/null); \ 7 + echo '/*' > $@; \ 8 + echo ' * This file is automatically generated. Keep it private.' >> $@; \ 9 + echo ' * Exposing this value will expose the layout of randomized structures.' >> $@; \ 10 + echo ' */' >> $@; \ 11 + echo "const char *randstruct_seed = \"$$SEED\";" >> $@ 12 + $(obj)/randomize_layout_seed.h: $(objtree)/scripts/basic/randstruct.seed FORCE 8 13 $(call if_changed,create_randomize_layout_seed) 9 - targets += randomize_layout_seed.h randomize_layout_hash.h 14 + targets += randomize_layout_seed.h 10 15 11 16 # Build rules for plugins 12 17 #
-9
scripts/gcc-plugins/gen-random-seed.sh
··· 1 - #!/bin/sh 2 - # SPDX-License-Identifier: GPL-2.0 3 - 4 - if [ ! -f "$1" ]; then 5 - SEED=`od -A n -t x8 -N 32 /dev/urandom | tr -d ' \n'` 6 - echo "const char *randstruct_seed = \"$SEED\";" > "$1" 7 - HASH=`echo -n "$SEED" | sha256sum | cut -d" " -f1 | tr -d ' \n'` 8 - echo "#define RANDSTRUCT_HASHED_SEED \"$HASH\"" > "$2" 9 - fi
+7
scripts/gen-randstruct-seed.sh
··· 1 + #!/bin/sh 2 + # SPDX-License-Identifier: GPL-2.0 3 + 4 + SEED=$(od -A n -t x8 -N 32 /dev/urandom | tr -d ' \n') 5 + echo "$SEED" > "$1" 6 + HASH=$(echo -n "$SEED" | sha256sum | cut -d" " -f1) 7 + echo "#define RANDSTRUCT_HASHED_SEED \"$HASH\"" > "$2"
+5 -4
security/Kconfig.hardening
··· 284 284 tools like Volatility against the system (unless the kernel 285 285 source tree isn't cleaned after kernel installation). 286 286 287 - The seed used for compilation is located at 288 - scripts/randomize_layout_seed.h. It remains after a "make clean" 289 - to allow for external modules to be compiled with the existing 290 - seed and will be removed by a "make mrproper" or "make distclean". 287 + The seed used for compilation is in scripts/basic/randomize.seed. 288 + It remains after a "make clean" to allow for external modules to 289 + be compiled with the existing seed and will be removed by a 290 + "make mrproper" or "make distclean". This file should not be made 291 + public, or the structure layout can be determined. 291 292 292 293 config RANDSTRUCT_NONE 293 294 bool "Disable structure layout randomization"