[tor-bugs] #23591 [Applications]: Build Tor and Tor Browser with -mmitigate-rop

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Sep 20 04:19:08 UTC 2017


#23591: Build Tor and Tor Browser with -mmitigate-rop
------------------------------+--------------------
     Reporter:  cypherpunks   |      Owner:  (none)
         Type:  enhancement   |     Status:  new
     Priority:  Low           |  Milestone:
    Component:  Applications  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------
 GCC 6 has a new option, `-mmitigate-rop`, which modifies the generated
 code to make finding ROP gadgets a bit harder. This is ''not'' CFI and
 does not provide strong protections, but it's better than nothing and is
 easier to use than alternatives, given that it doesn't require modifying
 source code for compatibility or loading a new runtime.

 >-mmitigate-rop
 >    Try to avoid generating code sequences that contain unintended
 >    return opcodes, to mitigate against certain forms of attack. At the
 >    moment, this option is limited in what it can do and should not be
 >    relied on to provide serious protection.

 I suppose someone should try compiling Tor with this and scan for ROP
 gadgets using popular ROP compilers on it.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23591>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list