[tor-bugs] #23357 [Core Tor/Tor]: Build with non-Cross-DSO CFI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 30 02:21:23 UTC 2017
#23357: Build with non-Cross-DSO CFI
------------------------------+--------------------
Reporter: shawn.webb | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------
Control Flow Integrity is an exploit mitigation. clang/llvm has a CFI
implementation that can be used on hardened operating systems like
HardenedBSD.
When lld is the compiler, non-Cross-DSO CFI from clang/llvm can be used.
I've tested this on HardenedBSD with a very basic configuration.
Attached is a candidate patch for enabling non-Cross-DSO CFI for the core
Tor application.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23357>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list