Clang 15 Lands Support To Randomize Structure Layout, Linux Prepares To Use It

Written by Michael Larabel in LLVM on 18 April 2022 at 05:49 AM EDT. 16 Comments
LLVM
In matching behavior already provided by the GCC compiler, LLVM/Clang has landed "RandStruct" functionality to allow optionally randomizing the structure layout for C code.

The Clang RandStruct support is implemented similarly to GCC and intended as compile-time hardening to make it harder for attackers to retrieve data from program structures. The support can be enabled via the "-frandomize-layout-seed=" or "-frandomize-layout-seed-file=" options for providing the deterministic random seed for allowing reproducible builds.

The patch was merged last week into what will be LLVM/Clang 15 this autumn.

Meanwhile Google's Kees Cook has prepared for-next/randstruct with the Linux kernel RandStruct integration to be extended to also work with the Clang compiler. To now the Linux kernel's RandStruct support has obviously just worked with the GCC compiler for randomizing the Linux kernel's sensitive structures in the name of greater security. Look for this Clang support in for-next/randstruct to land with the Linux 5.19 kernel this summer.

Making use of the Linux kernel's RandStruct hardening can induce some performance impact but there is also a build-time tunable for trying to limit the randomization of the structure layout to cache line sized groups of members to lessen that performance cost albeit with reduced randomization.
16 Comments
Related News
LLVM 19.1-rc1 Compiler Released With More C23 / C++23 & New Intel Extensions
LLVM Clang Switches MMX Intrinsics To Use SSE2 Instead
LLVM Clang 19 Branched, LLVM 20 Enters Development- No AMD Zen 5 "Znver5" Merged Yet
LLVM Compiler Finally Ends Support For AMD's 3DNow!
LLVM Clang 19 Adds Initial "-std=c2y" Support For The Next C Standard
AMD AI Compiler Engineer Lands A Generic MLIR To SPIR-V Pass In LLVM 19
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
EXT4 Has A Very Nice Performance Optimization For Linux 6.11
systemd Talks Up Automatic Boot Assessment In Light Of The Crowdstrike-Microsoft Outage
XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
New Linux Patches Enable The Snapdragon X1 Elite Powered Lenovo ThinkPad T14s Gen 6
KDE Developers Tackle The Five Most Common Plasma Crashes
USB & Thunderbolt Improvements Land In Linux 6.11
VirtualBox 7.1 Beta Released With Modernized GUI, Wayland Support For Clipboard Sharing
NVIDIA 560 Linux Driver Beta Released - Defaults To Open GPU Kernel Modules