[tor-bugs] #10281 [Applications/Tor Browser]: Investigate usage of alternate memory allocators and memory hardening options
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Dec 9 09:12:46 UTC 2016
#10281: Investigate usage of alternate memory allocators and memory hardening
options
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner:
| arthuredelstein
Type: enhancement | Status:
| needs_information
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, tbb-hardened, | Actual Points:
TorBrowserTeam201612R |
Parent ID: | Points:
Reviewer: | Sponsor:
| SponsorU
-------------------------------------------------+-------------------------
Comment (by arthuredelstein):
Replying to [comment:40 arthuredelstein]:
> Unfortunately, when I include just the 4 patches from comment:29 and use
`MOZ_JEMALLOC4=1`, I get build errors.
Apparently I was doing something wrong here. When I wiped everything
again, the build worked fine with the 4 patches from comment:29. Sorry for
my confusion!
Here's a new version, using the 4 patches from comment:29 to upgrade to
jemalloc 4.3.1. Then my additional patch enables jemalloc4 as the memory
allocator and activates aborts on redzones.
https://github.com/arthuredelstein/tor-browser/commits/10281+3
And here is the same extra test patch, again. I get the same results as in
comment:39:
https://github.com/arthuredelstein/tor-browser/commit/10281+3_check
Something Yawning pointed out is that redzones will no longer be available
in jemalloc 5:
https://github.com/jemalloc/jemalloc/issues/369
But given that Firefox 52 still uses jemalloc 4.x, we should be OK for all
of 2017. I see redzones as a stopgap while we continue to look for better
options.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10281#comment:41>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list