[tor-bugs] #20940 [Applications/Tor Browser Sandbox]: Consider deprecating x86 support.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 10 04:14:44 UTC 2016
#20940: Consider deprecating x86 support.
--------------------------------------------------+---------------------
Reporter: yawning | Owner: yawning
Type: task | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
--------------------------------------------------+---------------------
There's lots of reasons why this is a good idea:
* Weaker ASLR.
* Seccomp related headaches.
* I wanted to use `gosecco` to do runtime seccomp rule generation, but
it only supports amd64.
* `libseccomp2` shipped on Debian stable generates wrong code on amd64,
so the current workaround of pre-generating compiled bpf at build time
using `libseccomp2` from backports precludes runtime code generation,
degrading sandbox effectiveness across all platforms.
* x86 systems can't effectively filter out arguments to a lot of socket
related system calls because of `socketcall()`.
* Supporting hardware I don't have, running software I don't use, to
ultimately obtain results that are empirically worse than the other
supported platform is a poor use of development time.
* Tails gave up on supporting 32 bit userland
(https://labs.riseup.net/code/issues/8183).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20940>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list