[tor-bugs] #23357 [Core Tor/Tor]: Build with non-Cross-DSO CFI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 30 02:41:48 UTC 2017
#23357: Build with non-Cross-DSO CFI
----------------------------------------+----------------------------------
Reporter: shawn.webb | Owner: (none)
Type: enhancement | Status: needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: security, defence-in-depth | Actual Points:
Parent ID: | Points: 1.0
Reviewer: | Sponsor:
----------------------------------------+----------------------------------
Comment (by shawn.webb):
CFLAGS isn't set by that point, so autoconf will complain with an error
that `+=` was used instead of `=`.
I would probably leave this as a separate flag, given this needs both
explicit compiler and linker support. CFI is still under development by
the clang/llvm folks, too.
As an FYI, I've committed this patch to the HardenedBSD ports tree in case
anyone wants to play with it on HardenedBSD 12-CURRENT/amd64. I'm about to
deploy it on my public relay, which also serves as a transparent proxy for
my entire home LAN.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23357#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list