Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

Mozilla patched mingw-w64 to allow the specification of "high-entropy" ASLR, which is an extra hardened ASLR option on Windows. Not sure if this flag only applies to 64bit builds. I think it might.

Here's their ticket: https://github.com/rust-lang/rust/issues/16593 and the patch: https://sourceware.org/ml/binutils/2014-08/msg00167.html and it's approval by the Binutils team: https://sourceware.org/ml/binutils/2014-08/msg00177.html

added TorBrowserTeam201908 boklm201811 component::applications/tor browser gitlab-tb-tor-browser-build owner::tbb-team priority::very high severity::normal status::needs-revision tbb-rbm tbb-security type::enhancement labels

Trac:
Cc: N/A to tom@ritter.vg

Trac:
Cc: tom@ritter.vg to tom@ritter.vg, gk

Trac:
Keywords: N/A deleted, tbb-security added
Parent: #10065 (moved) to N/A

Trac:
Keywords: N/A deleted, tbb-hardening added

Trac:
Keywords: tbb-hardening deleted, tbb-hardened added

High Entropy is achievable with 64-bit address space only: http://blogs.technet.com/b/srd/archive/2013/12/11/software-defense-mitigating-common-exploitation-techniques.aspx binutils 2.25: https://ffmpeg.org/pipermail/ffmpeg-cvslog/2015-September/094027.html

Trac:
Severity: N/A to Normal
Sponsor: N/A to N/A

It's not related to tbb-hardened at all. Also don't forget to fulfil all its requirements, or its protection might be reduced.

Trac:
Reviewer: N/A to N/A
Owner: erinn to tbb-team
Status: new to assigned
Component: Applications/Tor bundles/installation to Applications/Tor Browser
Keywords: tbb-hardened deleted, ff52-esr added
Summary: Specify high-entropy ASLR in MinGW-W64 to Specify HEASLR (High Entropy Address Space Layout Randomization) in MinGW-w64

Trac:
Keywords: ff52-esr deleted, tbb-hardened added

Trac:
Keywords: tbb-hardened deleted, tbb-rbm added

Assuming we have 64bit builds for Windows ready when switching to esr59 set the proper keyword to put it on that radar.

Trac:
Keywords: N/A deleted, ff59-esr added

Firefox 60 is the new ESR.

Trac:
Keywords: ff59-esr deleted, ff60-esr added

Trac:
Cc: tom@ritter.vg, gk to tom@ritter.vg, gk, boklm
Keywords: N/A deleted, TorBrowserTeam201804, boklm201804 added
Priority: Medium to High

boklm201804 -> boklm201805

Trac:
Keywords: boklm201804 deleted, boklm201805 added

Move our roadmap tickets to May.

Trac:
Keywords: TorBrowserTeam201804 deleted, TorBrowserTeam201805 added

Trac:
Parent: N/A to #24631 (moved)

There is a patch for review in branch bug_12968, adding the -Wl,--high-entropy-va flag in the Windows x86_64 build: https://gitweb.torproject.org/user/boklm/tor-browser-build.git/commit/?h=bug_12968&id=e61271539c985974e95e486b8736dd3a7049516c

Trac:
Status: assigned to needs_review
Keywords: TorBrowserTeam201805 deleted, TorBrowserTeam201805R added

Replying to boklm:

There is a patch for review in branch bug_12968, adding the -Wl,--high-entropy-va flag in the Windows x86_64 build:

That might not be enough, see the ffmpeg link in comment:6. I guess we need at least -Wl,--image-base,0x140000000 additionally?

Is there some way to check that we are good by inspecting the binary?

Replying to gk:

Replying to boklm:

There is a patch for review in branch bug_12968, adding the -Wl,--high-entropy-va flag in the Windows x86_64 build:

That might not be enough, see the ffmpeg link in comment:6. I guess we need at least -Wl,--image-base,0x140000000 additionally?

Oh, and if that breaks compilation we might need to backport https://github.com/gcc-mirror/gcc/commit/f47fc7ef7f52cd095e636d4f93cca052427f3f0a.patch

Moving review tickets to June.

Trac:
Keywords: TorBrowserTeam201805R deleted, TorBrowserTeam201806R added