[tor-bugs] #23357 [Core Tor/Tor]: Build with non-Cross-DSO CFI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 30 03:35:33 UTC 2017
#23357: Build with non-Cross-DSO CFI
----------------------------------------+----------------------------------
Reporter: shawn.webb | Owner: (none)
Type: enhancement | Status: needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: security, defence-in-depth | Actual Points:
Parent ID: | Points: 1.0
Reviewer: | Sponsor:
----------------------------------------+----------------------------------
Comment (by teor):
I'm going to drop the discussion about DSOs, because it doesn't answer my
question, or move us towards getting this patch revised and merged.
Here is my original question:
Replying to [comment:1 teor]:
> Why do we only enable this feature for tor itself?
> I think it would also be useful to have it enabled for:
> * fuzzing
> * unit tests
Let me try to clarify what I meant:
When we configure with a recent clang/llvm and `--enable-cfi`, then
compile `.o` files and link them together into the `tor` binary, does non-
Cross-DSO CFI work for that binary?
If so, how do we get non-Cross-DSO CFI working for the other binaries that
the tor makefiles generate? In particular, how can we get them working for
the `test` and `fuzz_*` binaries?
Is it simpler just to enable non-Cross-DSO CFI for all the binaries that
the tor makefiles generate, so we don't miss any?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23357#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list