[tor-bugs] #23357 [Core Tor/Tor]: Build with non-Cross-DSO CFI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 30 03:02:07 UTC 2017
#23357: Build with non-Cross-DSO CFI
----------------------------------------+----------------------------------
Reporter: shawn.webb | Owner: (none)
Type: enhancement | Status: needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: security, defence-in-depth | Actual Points:
Parent ID: | Points: 1.0
Reviewer: | Sponsor:
----------------------------------------+----------------------------------
Comment (by shawn.webb):
I wouldn't enable CFI across the entire codebase right now. This patch is
specifically for non-Cross-DSO CFI.
Cross-DSO CFI requires a whole heck of a lot more work, including explicit
support from the RTLD. Once I get Cross-DSO CFI support working in
HardenedBSD (an ongoing effort), I'll likely submit a follow-up patch
here.
I don't know of any operating system today that supports Cross-DSO CFI.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23357#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list