#23357: Build with non-Cross-DSO CFI ----------------------------------------+---------------------------------- Reporter: shawn.webb | Owner: (none) Type: enhancement | Status: needs_revision Priority: Medium | Milestone: Tor: | 0.3.2.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: security, defence-in-depth | Actual Points: Parent ID: | Points: 1.0 Reviewer: | Sponsor: ----------------------------------------+----------------------------------
Comment (by shawn.webb): > When we configure with a recent clang/llvm and --enable-cfi, then compile .o files and link them together into the tor binary, does non- Cross-DSO CFI work for that binary? Yup. One problem with trying to use CFI with both static and dynamic libraries is that you need to use llvm-ar, llvm-nm, and llvm-objdump as your ar, nm, and objdump applications. This is because compiling with CFI will cause clang to output intermediate object files as LLVM bitcode files instead of ELF object files. The ar, nm, and objdump applications that come on most (all?) operating systems only support ELF. Essentially, the whole compiler toolchain must be switched over to the entire llvm tool suite. So, what I can do, is expand the patch to apply the CFLAGS and LDFLAGS to more of the applications (rather than just tor). This way, we skip applying CFI to the library code (even though the libraries in the codebase get statically linked). -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23357#comment:11> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs