[tor-bugs] #12523 [Applications/Tor Browser]: Backport Firefox patch to mark JIT pages as non-writable

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 3 21:35:43 UTC 2016


#12523: Backport Firefox patch to mark JIT pages as non-writable
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  mcs
     Type:  enhancement                          |         Status:
 Priority:  Medium                               |  needs_review
Component:  Applications/Tor Browser             |      Milestone:
 Severity:  Normal                               |        Version:
 Keywords:  tbb-security, tbb-firefox-patch,     |     Resolution:
  tbb-hardened, TorBrowserTeam201606R            |  Actual Points:
Parent ID:  #12653                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by mcs):

 Replying to [comment:20 arthuredelstein]:
 > I frankly don't understand the JIT code at all, but the backports here
 don't have any errors that I can see. If I understand correctly, we need
 to add a --non-writable-jitcode flag to our mozconfigs for this to take
 effect.

 At first I agreed with you, but now I do not think we need to add anything
 to our mozconfigs. Because of the following statement inside
 js/src/jit/ExecutableAllocator.cpp, this feature is always turned on:
  bool ExecutableAllocator::nonWritableJitCode = true;
 This is the patch that makes that always so:
  https://gitweb.torproject.org/user/brade/tor-
 browser.git/commit/?h=bug12523-01&id=da628e779cfcbc70e6dde45b09bdc2495d10570a

 Or -- I am misunderstanding something.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12523#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list