[0/6] randstruct: Enable Clang support

Message ID	20220503205503.3054173-1-keescook@chromium.org (mailing list archive)
Headers	show Return-Path: <linux-kbuild-owner@kernel.org> From: Kees Cook <keescook@chromium.org> To: Bill Wendling <morbo@google.com> Cc: Kees Cook <keescook@chromium.org>, Masahiro Yamada <masahiroy@kernel.org>, Nick Desaulniers <ndesaulniers@google.com>, David Howells <dhowells@redhat.com>, Jeff Layton <jlayton@kernel.org>, linux-kernel@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 0/6] randstruct: Enable Clang support Date: Tue, 3 May 2022 13:54:57 -0700 Message-Id: <20220503205503.3054173-1-keescook@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	randstruct: Enable Clang support \| expand [0/6] randstruct: Enable Clang support [1/6] netfs: Eliminate Clang randstruct warning [2/6] sancov: Split plugin build from plugin CFLAGS [3/6] randstruct: Reorganize Kconfigs and attribute macros [4/6] randstruct: Split randstruct Makefile and CFLAGS [5/6] randstruct: Move seed generation into scripts/basic/ [6/6] randstruct: Enable Clang support

Message ID

20220503205503.3054173-1-keescook@chromium.org (mailing list archive)

Headers

From: Kees Cook <keescook@chromium.org>
To: Bill Wendling <morbo@google.com>
Cc: Kees Cook <keescook@chromium.org>,
        Masahiro Yamada <masahiroy@kernel.org>,
        Nick Desaulniers <ndesaulniers@google.com>,
        David Howells <dhowells@redhat.com>,
        Jeff Layton <jlayton@kernel.org>, linux-kernel@vger.kernel.org,
        linux-kbuild@vger.kernel.org, linux-hardening@vger.kernel.org,
        llvm@lists.linux.dev
Subject: [PATCH 0/6] randstruct: Enable Clang support
Date: Tue,  3 May 2022 13:54:57 -0700
Message-Id: <20220503205503.3054173-1-keescook@chromium.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

randstruct: Enable Clang support | expand

Message

Kees Cook May 3, 2022, 8:54 p.m. UTC

Hi,

This enables Clang's recently added structure layout randomization
support, similar to the existing kernel-specific GCC plugin. The general
Makefile and Kconfig changes are mainly mechanical (moving options
around), but the random seed generation changes are a bit fiddly because
it needs to be created very early. I think I did this reasonably, but
I'd love some more eyes on it.

Thanks!

-Kees

Kees Cook (6):
  netfs: Eliminate Clang randstruct warning
  sancov: Split plugin build from plugin CFLAGS
  randstruct: Reorganize Kconfigs and attribute macros
  randstruct: Split randstruct Makefile and CFLAGS
  randstruct: Move seed generation into scripts/basic/
  randstruct: Enable Clang support

 Documentation/dontdiff                       |  1 +
 Documentation/kbuild/reproducible-builds.rst |  8 +--
 Makefile                                     |  1 +
 arch/arm/vdso/Makefile                       |  2 +-
 arch/arm64/kernel/vdso/Makefile              |  3 +-
 arch/riscv/Kconfig                           |  2 +-
 arch/sparc/vdso/Makefile                     |  3 +-
 arch/x86/entry/vdso/Makefile                 |  3 +-
 arch/x86/mm/pti.c                            |  2 +-
 include/linux/compiler-gcc.h                 |  8 ---
 include/linux/compiler_types.h               | 14 ++--
 include/linux/netfs.h                        |  4 +-
 include/linux/vermagic.h                     | 10 +--
 kernel/panic.c                               |  2 +-
 scripts/Makefile.gcc-plugins                 | 22 +++---
 scripts/Makefile.randstruct                  | 17 +++++
 scripts/basic/.gitignore                     |  1 +
 scripts/basic/Makefile                       | 11 +++
 scripts/gcc-plugins/Kconfig                  | 38 ----------
 scripts/gcc-plugins/Makefile                 | 15 ++--
 scripts/gcc-plugins/gen-random-seed.sh       |  9 ---
 scripts/gen-randstruct-seed.sh               |  7 ++
 security/Kconfig.hardening                   | 73 ++++++++++++++++++++
 23 files changed, 159 insertions(+), 97 deletions(-)
 create mode 100644 scripts/Makefile.randstruct
 delete mode 100755 scripts/gcc-plugins/gen-random-seed.sh
 create mode 100755 scripts/gen-randstruct-seed.sh