[randstruct] Add randomize structure layout support
The Randstruct feature is a compile-time hardening technique that randomizes the field layout for designated structures of a code base. Admittedly, this is mostly useful for closed-source releases of code, since the randomization seed would need to be available for public and open source applications. Why implement it? This patch set enhances Clang’s feature parity with that of GCC which already has the Randstruct feature. It's used by the Linux kernel in certain structures to help thwart attacks that depend on structure layouts in memory. This patch set is a from-scratch reimplementation of the Randstruct feature that was originally ported to GCC. The patches for the GCC implementation can be found here: https://www.openwall.com/lists/kernel-hardening/2017/04/06/14 Link: https://lists.llvm.org/pipermail/cfe-dev/2019-March/061607.html Co-authored-by:Cole Nixon <nixontcole@gmail.com> Co-authored-by:
Connor Kuehl <cipkuehl@gmail.com> Co-authored-by:
James Foster <jafosterja@gmail.com> Co-authored-by:
Jeff Takahashi <jeffrey.takahashi@gmail.com> Co-authored-by:
Jordan Cantrell <jordan.cantrell@mail.com> Co-authored-by:
Nikk Forbus <nicholas.forbus@gmail.com> Co-authored-by:
Tim Pugh <nwtpugh@gmail.com> Co-authored-by:
Bill Wendling <isanbard@gmail.com> Signed-off-by:
Loading
Please sign in to comment