randstruct: Enable Clang support (035f7f87) · Commits · EulixOS / Software / Kernel

scripts/Makefile.randstruct

+3 −0

Original line number	Diff line number	Diff line
		@@ -7,6 +7,9 @@ randstruct-cflags-y \
		+= -fplugin=$(objtree)/scripts/gcc-plugins/randomize_layout_plugin.so
		randstruct-cflags-$(CONFIG_RANDSTRUCT_PERFORMANCE) \
		+= -fplugin-arg-randomize_layout_plugin-performance-mode
		else
		randstruct-cflags-y \
		+= -frandomize-layout-seed-file=$(objtree)/scripts/basic/randstruct.seed
		endif

		export RANDSTRUCT_CFLAGS := $(randstruct-cflags-y)

+12 −2

Original line number	Diff line number	Diff line
		@@ -266,9 +266,12 @@ config ZERO_CALL_USED_REGS

		endmenu

		config CC_HAS_RANDSTRUCT
		def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null)

		choice
		prompt "Randomize layout of sensitive kernel structures"
		default RANDSTRUCT_FULL if COMPILE_TEST && GCC_PLUGINS
		default RANDSTRUCT_FULL if COMPILE_TEST && (GCC_PLUGINS \|\| CC_HAS_RANDSTRUCT)
		default RANDSTRUCT_NONE
		help
		If you enable this, the layouts of structures that are entirely
		@@ -297,13 +300,20 @@ choice

		config RANDSTRUCT_FULL
		bool "Fully randomize structure layout"
		depends on GCC_PLUGINS
		depends on CC_HAS_RANDSTRUCT \|\| GCC_PLUGINS
		select MODVERSIONS if MODULES
		help
		Fully randomize the member layout of sensitive
		structures as much as possible, which may have both a
		memory size and performance impact.

		One difference between the Clang and GCC plugin
		implementations is the handling of bitfields. The GCC
		plugin treats them as fully separate variables,
		introducing sometimes significant padding. Clang tries
		to keep adjacent bitfields together, but with their bit
		ordering randomized.

		config RANDSTRUCT_PERFORMANCE
		bool "Limit randomization of structure layout to cache-lines"
		depends on GCC_PLUGINS