Commit 595b893e authored by Kees Cook's avatar Kees Cook
Browse files

randstruct: Reorganize Kconfigs and attribute macros 



In preparation for Clang supporting randstruct, reorganize the Kconfigs,
move the attribute macros, and generalize the feature to be named
CONFIG_RANDSTRUCT for on/off, CONFIG_RANDSTRUCT_FULL for the full
randomization mode, and CONFIG_RANDSTRUCT_PERFORMANCE for the cache-line
sized mode.

Cc: linux-hardening@vger.kernel.org
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220503205503.3054173-4-keescook@chromium.org
parent d3646589

Documentation/kbuild/reproducible-builds.rst

+3 −4
Original line number Diff line number Diff line
@@ -99,10 +99,9 @@ unreproducible parts can be treated as sources: 
Structure randomisation

-----------------------



If you enable ``CONFIG_GCC_PLUGIN_RANDSTRUCT``, you will need to

pre-generate the random seed in

``scripts/gcc-plugins/randomize_layout_seed.h`` so the same value

is used in rebuilds.

If you enable ``CONFIG_RANDSTRUCT``, you will need to pre-generate

the random seed in ``scripts/gcc-plugins/randomize_layout_seed.h``

so the same value is used in rebuilds.



Debug info conflicts

--------------------

arch/riscv/Kconfig

+1 −1
Original line number Diff line number Diff line
@@ -468,7 +468,7 @@ config CC_HAVE_STACKPROTECTOR_TLS 


config STACKPROTECTOR_PER_TASK

	def_bool y

	depends on !GCC_PLUGIN_RANDSTRUCT

	depends on !RANDSTRUCT

	depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_TLS



config PHYS_RAM_BASE_FIXED

arch/x86/mm/pti.c

+1 −1
Original line number Diff line number Diff line
@@ -540,7 +540,7 @@ static inline bool pti_kernel_image_global_ok(void) 
	 * cases where RANDSTRUCT is in use to help keep the layout a

	 * secret.

	 */

	if (IS_ENABLED(CONFIG_GCC_PLUGIN_RANDSTRUCT))

	if (IS_ENABLED(CONFIG_RANDSTRUCT))

		return false;



	return true;

include/linux/compiler-gcc.h

+0 −8
Original line number Diff line number Diff line
@@ -66,14 +66,6 @@ 
		__builtin_unreachable();	\

	} while (0)



#if defined(RANDSTRUCT_PLUGIN) && !defined(__CHECKER__)

#define __randomize_layout __attribute__((randomize_layout))

#define __no_randomize_layout __attribute__((no_randomize_layout))

/* This anon struct can add padding, so only enable it under randstruct. */

#define randomized_struct_fields_start	struct {

#define randomized_struct_fields_end	} __randomize_layout;

#endif



/*

 * GCC 'asm goto' miscompiles certain code sequences:

 *

include/linux/compiler_types.h

+7 −7
Original line number Diff line number Diff line
@@ -242,15 +242,15 @@ struct ftrace_likely_data { 
# define __latent_entropy

#endif



#ifndef __randomize_layout

#if defined(RANDSTRUCT) && !defined(__CHECKER__)

# define __randomize_layout __designated_init __attribute__((randomize_layout))

# define __no_randomize_layout __attribute__((no_randomize_layout))

/* This anon struct can add padding, so only enable it under randstruct. */

# define randomized_struct_fields_start	struct {

# define randomized_struct_fields_end	} __randomize_layout;

#else

# define __randomize_layout __designated_init

#endif



#ifndef __no_randomize_layout

# define __no_randomize_layout

#endif



#ifndef randomized_struct_fields_start

# define randomized_struct_fields_start

# define randomized_struct_fields_end

#endif