[tor-bugs] #17815 [Tor]: [PATCH] eliminate modulo bias in OpenBSD's malloc

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Dec 11 22:39:46 UTC 2015 

#17815: [PATCH] eliminate modulo bias in OpenBSD's malloc
--------------------+------------------------------------
 Reporter:  logan   |          Owner:
     Type:  defect  |         Status:  needs_information
 Priority:  Medium  |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor     |        Version:
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------
Changes (by teor):

 * status:  needs_revision => needs_information


Comment:

 Replying to [comment:4 logan]:
 > Uploading my latest patch. I am hitting a build issue. I don't have any
 of the "warning: implicit declaration", as I'm using "crypto.h", but at
 link time, it has issues:
 >
 > src/common/libor.a(OpenBSD_malloc_Linux.o): In function `malloc_bytes':
 > /home/logan/tor/src/ext/OpenBSD_malloc_Linux.c:1191: undefined reference
 to `crypto_rand_int_range'
 > collect2: error: ld returned 1 exit status
 > Makefile:2880: recipe for target 'src/tools/tor-resolve' failed
 > make[1]: *** [src/tools/tor-resolve] Error 1
 > make[1]: Leaving directory '/home/logan/tor'
 > Makefile:1868: recipe for target 'all' failed
 > make: *** [all] Error 2

 tor-resolve doesn't link in crypto.o.

 I'm not sure how to proceed with this patch:
 * I am concerned that calling crypto_rand_int() every time we allocate
 bytes might slow down performance dramatically. Are there malloc() tests
 in src/test/bench you could use to verify this?
 * I don't think we want to make every tor tool depend on OpenSSL (crypto.o
 depends on OpenSSL).

 Alternately:
 * If we simply call rand(), there's no point in removing modulo bias,
 because many rand() implementations have significant biases.

 I think we need to answer these questions before proceeding:

 Does tor operate with guarded memory allocations by default (or is it a
 commonly used feature)?

 Do we need the random locations of guard pages (and guarded allocations)
 to be cryptographically random and/or unbiased?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17815#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list