[cfe-dev] Implementing linux randstruct plugin for clang?
Friedman, Eli via cfe-dev
cfe-dev at lists.llvm.org
Fri Sep 22 14:38:02 PDT 2017
On 9/22/2017 1:28 PM, Hal Finkel wrote:
>
> On 09/22/2017 02:05 PM, Friedman, Eli via cfe-dev wrote:
>> On 9/22/2017 8:49 AM, Vlad Tsyrklevich wrote:
>>> I thought a little about implementing PAX_RANDSTRUCT for clang a
>>> couple months back but I didn't get to the point where I implemented
>>> anything. My notes indicate that my two ideas at the time I left it
>>> were: (1) see if there's a point between parsing and codegen that a
>>> clang plugin could insert a TreeTransform to rewrite struct
>>> definitions, or (2) perform randomization as an LLVM pass that
>>> rewrites types and the GEPs, GVs, etc. referencing those types.
>>>
>>> For approach #2 you would need to hook into offsetof()--Linux
>>> defines offsetof() as both __builtin_offsetof() and ((size_t)
>>> &((TYPE *)0)->MEMBER) in different places. The latter would
>>> transform into a GEP and shouldn't require special casing, while the
>>> former might mean it's not doable as an LLVM pass alone. Thinking
>>> about it now, if you wanted to implement the unoptimized version of
>>> RANDSTRUCT (where elements are randomized across cache lines) you
>>> would also need to hook into sizeof() as well. I might be missing
>>> other code constructs that would further complicate the pass approach.
>>
>> The very latest point you can reorder the members of a struct without
>> imposing weird restrictions is in RecordLayoutBuilder (which is run
>> as part of semantic analysis). After that, constant-folding of
>> sizeof/offsetof/etc. starts happening.
>
> How does this work across translation units?
>
The way the gcc plugin works is that there's a global seed, generated by
the build system, which is passed to the compiler. The order of a
struct only varies based on the global seed and properties of the struct
itself, so every translation unit will consistently shuffle a given
struct the same way.
-Eli
--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project
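The seed-plus-struct-properties scheme Eli describes, modelled in Python as an added example (this is not code from the gcc plugin, from clang, or from the Linux tree): each simulated translation unit derives a per-struct PRNG from the global build seed plus the struct's name and member names, shuffles the members, then lays the struct out and "constant-folds" offsetof/sizeof. The SHA-256 derivation, natural-alignment layout and the sample struct are assumptions; the thread states only that the order depends on the seed and the struct itself.

```python
import hashlib
import random

# Constructed sample struct: (member name, size, alignment) for a 64-bit target.
SAMPLE_STRUCT = ("task_like", [("pid", 4, 4), ("name", 16, 1),
                               ("parent", 8, 8), ("flags", 8, 8)])

def per_struct_rng(global_seed, struct_name, members):
    """PRNG whose state depends only on the build-wide seed and the struct.
    Hypothetical derivation (SHA-256 over seed, struct name and member names);
    the real plugin's hashing is not described in the thread."""
    material = global_seed.encode() + b"\0" + struct_name.encode()
    for name, _, _ in members:
        material += b"\0" + name.encode()
    digest = hashlib.sha256(material).digest()
    return random.Random(int.from_bytes(digest, "big"))

def randomize_layout(global_seed, struct_name, members):
    """Fisher-Yates shuffle of the member list driven by the per-struct PRNG."""
    rng = per_struct_rng(global_seed, struct_name, members)
    order = list(members)
    for i in range(len(order) - 1, 0, -1):
        j = rng.randrange(i + 1)
        order[i], order[j] = order[j], order[i]
    return order

def compute_offsets(members):
    """Natural-alignment layout: returns ({member: offset}, sizeof)."""
    offsets, cursor, max_align = {}, 0, 1
    for name, size, align in members:
        cursor = (cursor + align - 1) // align * align   # pad to member alignment
        offsets[name] = cursor
        cursor += size
        max_align = max(max_align, align)
    total = (cursor + max_align - 1) // max_align * max_align  # trailing padding
    return offsets, total

def compile_unit(global_seed, struct):
    """Model one translation unit: shuffle once, then fold offsetof()/sizeof()."""
    struct_name, members = struct
    return compute_offsets(randomize_layout(global_seed, struct_name, members))
```

Two units built with the same seed agree on every offsetof() and on sizeof(), which is what lets the shuffled struct be shared across object files; changing the seed changes the layout for the whole build.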