[cfe-dev] Implementing linux randstruct plugin for clang?

Friedman, Eli via cfe-dev cfe-dev at lists.llvm.org
Thu Sep 21 18:08:27 PDT 2017


Hi all,

Recently our team was asked about the possibility of implementing 
functionality equivalent to the Linux kernel's randstruct gcc plugin for 
clang.  Essentially, what the plugin does is modify the AST to put the 
members of structs marked with "__attribute__((randomize_layout))" in a 
random order (order chosen at compile-time, and controlled by a provided 
seed).  The idea is that this provides security hardening by making it 
harder for an attacker to guess where a field is stored in memory.  See 
https://lwn.net/Articles/722293/ for more details.

I can see the following possible approaches for implementing this with 
clang:

1. A source-rewriting plugin which generates a new version of the source 
code with reordered structs.  This probably doesn't require any changes 
to clang itself, but it introduces a bunch of complexity interacting 
with the build system for a project.

2. Some new kind of plugin which hooks deeply into semantic analysis; 
not sure what this would look like.

3. Modifying clang's structure layout code.  This is probably easiest to 
write the code for, but merging it to the clang repo would require 
consensus that this is actually generally useful.

Has anyone else looked at this?

-Eli

-- 
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project
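To make approach 1 concrete, here is an added toy model of a source-rewriting pass for structs marked `__attribute__((randomize_layout))`. This is example code written for this page, not Eli's code and not the kernel's gcc plugin; it assumes a simplified input (one member declaration per line, no nested braces), derives the permutation from a caller-supplied seed plus the struct name so the order is reproducible across builds, keeps a trailing flexible array member in place because moving it would make the type invalid, and strips the attribute from the emitted source so an unmodified compiler can consume it.

```python
import hashlib
import random
import re

# Constructed sample input for the example; not taken from the post.
SAMPLE_SOURCE = """\
struct task_like {
    unsigned long state;
    void *stack;
    int prio;
    char comm[16];
    unsigned int flags[];
} __attribute__((randomize_layout));

struct untouched {
    int a;
    int b;
};
"""

# Matches only struct definitions that carry the randomize_layout attribute.
STRUCT_RE = re.compile(
    r"struct\s+(?P<name>\w+)\s*\{(?P<body>[^}]*)\}\s*"
    r"__attribute__\s*\(\(\s*randomize_layout\s*\)\)\s*;",
    re.DOTALL,
)


def _member_lines(body):
    """Split a struct body into one declaration per entry (simplified parsing)."""
    return [line.strip() for line in body.strip().splitlines() if line.strip()]


def _is_flexible_array(decl):
    """A declaration ending in '[]' is a flexible array member and must stay last."""
    return re.search(r"\[\s*\]\s*;$", decl) is not None


def shuffle_members(members, seed, struct_name):
    """Return a deterministic permutation of the member declarations.

    The RNG state is derived from the seed and the struct name, so one seed
    yields a different (but reproducible) order for each struct.
    """
    digest = hashlib.sha256(f"{seed}:{struct_name}".encode()).digest()
    rng = random.Random(int.from_bytes(digest[:8], "big"))
    movable = [m for m in members if not _is_flexible_array(m)]
    trailing = [m for m in members if _is_flexible_array(m)]
    rng.shuffle(movable)
    return movable + trailing


def randomize_layout(source, seed):
    """Rewrite every annotated struct in `source` with a seed-chosen member order."""
    def _rewrite(match):
        name = match.group("name")
        members = shuffle_members(_member_lines(match.group("body")), seed, name)
        body = "\n".join(f"    {m}" for m in members)
        # The attribute is dropped so a stock compiler accepts the output.
        return f"struct {name} {{\n{body}\n}};"
    return STRUCT_RE.sub(_rewrite, source)


def member_order(source, name):
    """Return the member names of struct `name` in the order they appear."""
    m = re.search(rf"struct\s+{name}\s*\{{([^}}]*)\}}", source, re.DOTALL)
    names = []
    for decl in _member_lines(m.group(1)):
        names.append(re.search(r"(\w+)\s*(\[[^\]]*\])?\s*;$", decl).group(1))
    return names


if __name__ == "__main__":
    print(randomize_layout(SAMPLE_SOURCE, seed=0x1234))
```

The rewritten output is what the build would feed to an unmodified clang, which is exactly where the complexity the post mentions lives: every translation unit that includes the header must see the same rewritten definition, so the seed has to be fixed for the whole build and the rewrite must run before any compilation step.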