Senior Development Project

Good Afternoon Developers,

I’m currently working on an educational senior project in computer science attempting to randomize the layout of manually and automatically selected C structures.

I’m currently trying to develop the manual randomization feature and develop an automatic structure selection method (e.g. all function pointers).

Some goals of the project:

1.) Full randomization: All structures marked with “__randomize_layout” have their field positions randomized, including bit fields.

2.) Best Effort: Limit randomization to cache-line (64 byte) size regions, and keep adjacent bit-fields together.

3.) Automatic structure selection: Find structures that should be automatically selected (for example, structures of entirely function pointers), disabled with “__no_randomize_layout”.

We will of course be working on regression tests to check all corner cases and include them in the implementation.

As the student team is new to this type of development, we hope to ask for any documentation, guidance or items to be on the lookout for. We are curious whether a plugin may be capable of doing the listed goals, or whether an LLVM pass could? How would we target struct layouts in the LLVM pass?

Any and all help would be very appreciated. We are in the beginning stages of planning and look forward to any guidance.

All the best,

Tim
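To make the three goals concrete, the following is an added example, not Tim's code and not part of clang: it models goals 1 to 3 on a simplified field description instead of clang's AST. It assumes natural alignment (each scalar aligned to its own size), a 64-byte cache line, each bit-field modelled as a 1-byte unit, and a seed so the layout is reproducible for a given build.

```python
import random
from dataclasses import dataclass

CACHE_LINE = 64  # "best effort" region size from goal 2

@dataclass(frozen=True)
class Field:
    name: str
    size: int            # bytes; a bit-field is modelled as its 1-byte unit
    align: int           # required alignment in bytes
    bitfield: bool = False
    func_ptr: bool = False

def layout(fields):
    """Sequential layout with natural alignment; returns {name: offset}."""
    off, offsets = 0, {}
    for f in fields:
        off = (off + f.align - 1) // f.align * f.align  # pad to alignment
        offsets[f.name] = off
        off += f.size
    return offsets

def movable_units(fields):
    """Runs of adjacent bit-fields stay together as one movable unit."""
    units = []
    for f in fields:
        if f.bitfield and units and units[-1][-1].bitfield:
            units[-1].append(f)
        else:
            units.append([f])
    return units

def randomize(fields, seed):
    """Shuffle units only within the 64-byte region of their original
    offset; the seed makes the layout reproducible for a given build."""
    rng = random.Random(seed)
    orig = layout(fields)
    regions = {}
    for unit in movable_units(fields):
        regions.setdefault(orig[unit[0].name] // CACHE_LINE, []).append(unit)
    out = []
    for key in sorted(regions):        # regions keep their relative order
        rng.shuffle(regions[key])
        for unit in regions[key]:
            out.extend(unit)
    return out

def should_auto_randomize(fields):
    """Goal 3's selection rule: a struct made entirely of function pointers."""
    return bool(fields) and all(f.func_ptr for f in fields)
```

Because padding is recomputed after the shuffle, a unit can drift a few bytes past its original region boundary; that is the "best effort" part of goal 2, and a regression test should check the new offsets with layout() rather than assume them.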

Neither a plugin nor an LLVM pass would work well, probably. The structure layout computation is tightly integrated into clang's semantic analysis, as part of various other computations like constant evaluation. So there are basically two options. One option is to write a tool to perform a source-to-source transform. You can use clang as a library for this; see https://clang.llvm.org/docs/#using-clang-as-a-library . The other option is to modify clang to randomize the structure layout when it's initially computed, in ASTContext::getASTRecordLayout.

This was discussed in http://lists.llvm.org/pipermail/cfe-dev/2017-September/055564.html , but I haven't spent any time on it since then.

-Eli