Clang 15 Lands Support To Randomize Structure Layout, Linux Prepares To Use It

Written by Michael Larabel in LLVM on 18 April 2022 at 05:49 AM EDT. 16 Comments
In matching behavior already provided by the GCC compiler, LLVM/Clang has landed "RandStruct" functionality to allow optionally randomizing the structure layout for C code.

The Clang RandStruct support is implemented similarly to GCC and intended as compile-time hardening to make it harder for attackers to retrieve data from program structures. The support can be enabled via the "-frandomize-layout-seed=" or "-frandomize-layout-seed-file=" options for providing the deterministic random seed for allowing reproducible builds.

The patch was merged last week into what will be LLVM/Clang 15 this autumn.

Meanwhile Google's Kees Cook has prepared for-next/randstruct with the Linux kernel RandStruct integration to be extended to also work with the Clang compiler. To now the Linux kernel's RandStruct support has obviously just worked with the GCC compiler for randomizing the Linux kernel's sensitive structures in the name of greater security. Look for this Clang support in for-next/randstruct to land with the Linux 5.19 kernel this summer.

Making use of the Linux kernel's RandStruct hardening can induce some performance impact but there is also a build-time tunable for trying to limit the randomization of the structure layout to cache line sized groups of members to lessen that performance cost albeit with reduced randomization.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week