[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #18901 [Core Tor/Tor]: Should we stop appling --enable-expensive-hardening to constant-time code ?
#18901: Should we stop appling --enable-expensive-hardening to constant-time code ?
------------------------------+---------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: 029-backport 029-proposed
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+---------------------------------------
The ubsan and asan options introduce branch instructions all over the
place. Although these branches are never actually taken in by code that
doesn't immediately crash, I'm concerned that they might make our
constant-time code less constant-time, with a suitably weird branch
predictor.
(I have no evidence that this is actually happening, but the whole
situation is a confusing mess.)
Out of an abundance of caution, I'd suggest that we make those options
apply only to the non-constant-time code
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18901>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs