-
Notifications
You must be signed in to change notification settings - Fork 1
Clang randstruct Requirements
Jordan Cantrell edited this page Nov 19, 2018
·
3 revisions
-
Introductions
- Tim Pugh
- Jeff Takahashi
- Connor Kuehl
- Kees Cook
-
Background
-
Capacity
- Availability still 1pm-5pm
- Teams schedule varies
-
Announce project on mailing list?
- Avoid duplicated labor
- Possibly solicit advice
-
Full Randomization
- All structures marked with "__randomize_layout" have their field positions randomized, including bit fields.
- Reproducible random number (same seed needs to be saved as part of the build)
- Programs report field location manually (structure layout in gcc happens before plugin invocation)
- Keep an eye out for sassy gdb
- All structures marked with "__randomize_layout" have their field positions randomized, including bit fields.
-
Performance-sensitive randomization (possible stretch)
- Best-effort limit randomization to cache-line (64 byte) size regions, keep adjacent bit-fields together.
-
Automatic structure selection (possible stretch)
- Find structures that should be automatically selected (for example, structures of entirely function pointers), disabled with "__no_randomize_layout".
-
Regression tests
- Since the randomization must be stable from source-to-source, the randomization seed needs to be externally recorded (i.e. it is a build artifact).
- Regression tests to check all the corner cases should be built and included in the implementation (i.e. hooked to the standard LLVM/Clang regression tests)
-
Publish this, regardless of upstream acceptance
-
Goal: upstream in LLVM/Clang!
- Submit work upstream for review
- Implement changes based on feedback
- Repeat until accepted into LLVM/Clang upstream
-
Kees -- possibly assist in finding right person to ask a question to in the event of us getting blocked
Full Random → Regression testing → upstream Automatic structure selection → performance randomization
Sign off:
Sponsor: Kees Cook
Team lead: Tim Pugh
Member: Connor Kuehl
Member: Jeff Takahashi