Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, boklm201811,  |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Note: the HEALSR part for our PTs which are written in `Go` needs to get
 addressed separately. For `obfs4` we have #31716.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, boklm201811,  |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 FWIW the plan here is to switch for the remaining executables/dlls we
 expose to mingw-w64-clang, which is doing The Right Thing for 64bit by
 default.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, boklm201811,  |  Actual Points:
  TorBrowserTeam201901   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 We'll get that with #29318 resolved.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, boklm201807,  |  Actual Points:
  TorBrowserTeam201808   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-security, tbb-rbm, ff60-esr, boklm201807,
 TorBrowserTeam201808 => tbb-security, tbb-rbm, boklm201807,
 TorBrowserTeam201808


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201807, TorBrowserTeam201808  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * parent:  #24631 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201807, TorBrowserTeam201808  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 A comment from the blog about what we ship
 (https://blog.torproject.org/comment/276498#comment-276498):
 {{{
 You've only set the bit in executables, but it's possible to force heaslr
 flag (but not heaslr) on the app even without it. However, you should know
 it is opt-in only. So, no heaslr for now.
 Also, you missed libssp-0.dll.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201807, TorBrowserTeam201808  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by heaslr):

 Replying to [comment:32 gk]:
 > Replying to [comment:16 boklm]:
 > > There is a patch for review in branch `bug_12968`, adding the `-Wl
 ,--high-entropy-va` flag in the Windows x86_64 build:
 Windows has protections from cheaters like you who set that bit in
 executables by linker or by notepad ;)

 Replying to [comment:26 sukhbir]:
 > I tried (today) with `-mcmodel=medium`, `-mcmodel=large` (both with
 boklm's changes above and the GCC patch) and we have a similar if not the
 same error.
 Never try to change something which effect you don't know: we don't want
 executables >2 GiB, even for data. Also for you ->
 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=46125
 > As to why it works for ffmpeg, it seems they are using the same flags so
 I am not sure; I am going to compare the toolchain and see if there is a
 difference there.
 https://sourceware.org/bugzilla/show_bug.cgi?id=15444
 You were asked many times to stop using debug-grade gcc's crap in
 production code ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201807, TorBrowserTeam201808  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:16 boklm]:
 > There is a patch for review in branch `bug_12968`, adding the `-Wl
 ,--high-entropy-va` flag in the Windows x86_64 build:
 > https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_12968=e61271539c985974e95e486b8736dd3a7049516c

 I cherry-picked that one to have it in the upcoming alpha (8.0a10) while
 we still try to solve the remaining issue with our proposed fix. (commit
 f7247cca852ce5f9cce092ca82cb92efbbba611d on `master` has boklm's patch)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201807  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * priority:  High => Very High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sukhbir):

 (EDIT: When I said that they are using the same flags, they are building
 with `--image-base,0x14000` and that works for them. It seemed like I
 said they are building with `mcmodel` but that's not what I meant.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sukhbir):

 Replying to [comment:25 gk]:
 > Replying to [comment:24 sukhbir]:
 > > As an update, I have been trying to build and find a solution for this
 with boklm's changes above, and it fails with a similar error to the one
 boklm had.
 > >
 > > As per the `ffmpeg` commit, they apply `--image-base,0x14000` to
 get a higher entropy for HEASLR. Since that is not working for us, how
 about we just go with `-Wl,--high-entropy-va` for now till we find a
 solution?
 >
 > What prevents us from finding that out now? Did you try to use
 `-mcmodel=medium` or `-mcmodel=large`? Why is ffpmeg not hitting the dwarf
 related problem in the first place? I.e. why is the linker not complaining
 for them?

 I tried (today) with `-mcmodel=medium`, `-mcmodel=large` (both with
 boklm's changes above and the GCC patch) and we have a similar if not the
 same error. As to why it works for ffmpeg, it seems they are using the
 same flags so I am not sure; I am going to compare the toolchain and see
 if there is a difference there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:24 sukhbir]:
 > As an update, I have been trying to build and find a solution for this
 with boklm's changes above, and it fails with a similar error to the one
 boklm had.
 >
 > As per the `ffmpeg` commit, they apply `--image-base,0x14000` to get
 a higher entropy for HEASLR. Since that is not working for us, how about
 we just go with `-Wl,--high-entropy-va` for now till we find a solution?

 What prevents us from finding that out now? Did you try to use
 `-mcmodel=medium` or `-mcmodel=large`? Why is ffpmeg not hitting the dwarf
 related problem in the first place? I.e. why is the linker not complaining
 for them?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sukhbir):

 As an update, I have been trying to build and find a solution for this
 with boklm's changes above, and it fails with a similar error to the one
 boklm had.

 As per the `ffmpeg` commit, they apply `--image-base,0x14000` to get a
 higher entropy for HEASLR. Since that is not working for us, how about we
 just go with `-Wl,--high-entropy-va` for now till we find a solution?

 There are other "solutions", that use `-Wl,--image-base,0x1000`
 instead (and rebase the address later?) and that seems to work, for the
 build and for the final EXE as well. However, this comes with its own set
 of caveats: https://www.cygwin.com/ml/cygwin-apps/2013-05/msg00134.html is
 the thread that talks about this.

 For inspecting the binary, as per https://bugs.debian.org/cgi-
 bin/bugreport.cgi?bug=836365, I inspected both with `-Wl,--image-
 base,0x1000` and `-Wl,--high-entropy-va`:

 {{{
 $ readpe firefox.exe | grep DLL
 DLL characteristics: 0x160
 }}}

 Indicates that HEASLR was applied in both cases, so if anything, we lose
 out on the extra entropy?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by sukhbir):

 * cc: sukhbir (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201806, boklm201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 I tried adding `-Wl,--image-base,0x14000` to the flags. However the
 firefox build fails with errors such as:
 {{{
 Executing: /var/tmp/dist/mingw-w64/helpers/x86_64-w64-mingw32-g++
 -std=gnu++11 -mwindows -shared -Wl,--out-implib -Wl,liblgpllibs.a -o
 lgpllibs.dll module.res -specs=/va
 r/tmp/dist/mingw-w64/msvcr100.spec -Wl,--build-id -static
 ../../../../config/external/lgpllibs/lgpllibs.def /var/tmp/build/firefox-
 f8f42fea2af3/obj-mingw/config/external
 /lgpllibs/tmpcCxggc.list ../../../mozglue/build/libmozglue.a -luuid
 -lgdi32 -lwinmm -lwsock32 -luserenv -lsecur32
 /var/tmp/build/firefox-f8f42fea2af3/obj-
 mingw/config/external/lgpllibs/tmpcCxggc.list:
 INPUT("../../../media/libav/avfft.o")
 INPUT("../../../media/libav/fft_fixed.o")
 INPUT("../../../media/libav/dict.o")
 INPUT("../../../media/libav/opt.o")
 INPUT("../../../media/libav/Unified_c_media_libav0.o")
 INPUT("../../../media/libav/Unified_c_media_libav1.o")
 INPUT("../../../media/libav/fft.o")
 INPUT("../../../media/libav/cpuid.o")
 INPUT("../../../media/libav/libavutil/x86/cpu.o")
 INPUT("../../../media/libsoundtouch/src/sse_optimized.o")
 INPUT("../../../media/libsoundtouch/src/Unified_cpp_libsoundtouch_src0.o")
 INPUT("../../../memory/fallible/fallible.o")

 ../../../media/libav/fft.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavcodec/x86/fft.asm:(.debug_info+0x6):
 relocation truncated to fit: R_X86_64_32 against `.d
 ebug_abbrev'
 ../../../media/libav/fft.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavcodec/x86/fft.asm:(.debug_info+0xc):
 relocation truncated to fit: R_X86_64_32 against `.d
 ebug_line'
 ../../../media/libav/fft.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavcodec/x86/fft.asm:(.debug_aranges+0x6):
 relocation truncated to fit: R_X86_64_32 against
 `.debug_info'
 ../../../media/libav/cpuid.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavutil/x86/cpuid.asm:(.debug_info+0x6):
 relocation truncated to fit: R_X86_64_32 against
 `.debug_abbrev'
 ../../../media/libav/cpuid.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavutil/x86/cpuid.asm:(.debug_info+0xc):
 relocation truncated to fit: R_X86_64_32 against
 `.debug_line'
 ../../../media/libav/cpuid.o:/var/tmp/build/firefox-
 f8f42fea2af3/media/libav/libavutil/x86/cpuid.asm:(.debug_aranges+0x6):
 relocation truncated to fit: R_X86_64_32 again
 st `.debug_info'
 collect2: error: ld returned 1 exit status
 /var/tmp/build/firefox-f8f42fea2af3/config/rules.mk:800: recipe for target
 'lgpllibs.dll' failed
 make[5]: *** [lgpllibs.dll] Error 1
 }}}

 It seems the part of the build which fails is not the same every time, but
 with a similar error message. Probably because of the `make -j8`.

 I tried the gcc patch adding `#define _GLIBCXX_USE_WEAK_REF 0`, however it
 does not solve the issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201805, TorBrowserTeam201806  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-security, tbb-rbm, ff60-esr, boklm201805,
 TorBrowserTeam201806R => tbb-security, tbb-rbm, ff60-esr, boklm201805,
 TorBrowserTeam201806
 * status:  needs_review => needs_revision


Comment:

 I am inclined to assume this needs actually revision.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201805, TorBrowserTeam201805R |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:17 gk]:
 > Replying to [comment:16 boklm]:
 > > There is a patch for review in branch `bug_12968`, adding the `-Wl
 ,--high-entropy-va` flag in the Windows x86_64 build:
 >
 > That might not be enough, see the ffmpeg link in comment:6. I guess we
 need at least `-Wl,--image-base,0x14000` additionally?

 Oh, and if that breaks compilation we might need to backport
 https://github.com/gcc-
 mirror/gcc/commit/f47fc7ef7f52cd095e636d4f93cca052427f3f0a.patch

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201805, TorBrowserTeam201805R |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:16 boklm]:
 > There is a patch for review in branch `bug_12968`, adding the `-Wl
 ,--high-entropy-va` flag in the Windows x86_64 build:

 That might not be enough, see the ffmpeg link in comment:6. I guess we
 need at least `-Wl,--image-base,0x14000` additionally?

 Is there some way to check that we are good by inspecting the binary?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201805, TorBrowserTeam201805R |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-security, tbb-rbm, ff60-esr, boklm201805,
 TorBrowserTeam201805 => tbb-security, tbb-rbm, ff60-esr, boklm201805,
 TorBrowserTeam201805R
 * status:  assigned => needs_review


Comment:

 There is a patch for review in branch `bug_12968`, adding the `-Wl,--high-
 entropy-va` flag in the Windows x86_64 build:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_12968=e61271539c985974e95e486b8736dd3a7049516c

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  boklm201805, TorBrowserTeam201805  |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * parent:   => #24631


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+-
 Reporter:  mikeperry|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff60-esr, |  Actual Points:
  TorBrowserTeam201804, boklm201804  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-security, tbb-rbm, ff60-esr => tbb-security, tbb-rbm,
 ff60-esr, TorBrowserTeam201804, boklm201804
 * priority:  Medium => High
 * cc: boklm (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
-+--
 Reporter:  mikeperry|  Owner:  tbb-team
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, tbb-rbm, ff59-esr  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by gk):

 * keywords:  tbb-security, tbb-rbm => tbb-security, tbb-rbm, ff59-esr


Comment:

 Assuming we have 64bit builds for Windows ready when switching to esr59
 set the proper keyword to put it on that radar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
--+--
 Reporter:  mikeperry |  Owner:  tbb-team
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security, tbb-rbm |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  tbb-security, tbb-hardened => tbb-security, tbb-rbm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
+--
 Reporter:  mikeperry   |  Owner:  tbb-team
 Type:  enhancement | Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, tbb-hardened  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * keywords:  tbb-security, ff52-esr => tbb-security, tbb-hardened


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12968 [Applications/Tor Browser]: Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64 (was: Specify high-entropy ASLR in MinGW-W64)

[Tor Bug Tracker & Wiki]

#12968: Specify HEASLR (High Entropy Address Space Layout Randomization) in
MinGW-w64
--+--
 Reporter:  mikeperry |  Owner:  tbb-team
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security, ff52-esr|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by bugzilla):

 * status:  new => assigned
 * owner:  erinn => tbb-team
 * component:  Applications/Tor bundles/installation => Applications/Tor
 Browser
 * keywords:  tbb-security, tbb-hardened => tbb-security, ff52-esr


Comment:

 It's not related to tbb-hardened at all.
 Also don't forget to fulfil all its requirements, or its protection might
 be reduced.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs