GNU bug report logs - #27870
tor: Remove 'expensive-hardening' option.

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 27870 in the body.
You can then email your comments to 27870 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: ng0 <ng0 <at> infotropique.org>
To: guix-patches <at> gnu.org
Subject: tor: Remove 'expensive-hardening' option.
Date: Sat, 29 Jul 2017 17:31:19 +0000

[Message part 1 (text/plain, inline)]

Since no one has vetoed against this, here is my patch to
improve tor again. I had no issues in the 9+ days since
I've been using it like this (didn't expect any) and only
improvement of the current situation with tor.

Patch appended.

> ng0 writes:
> 
> > I noticed this before the contribution entered master, so this message
> > is not really a news.
> >
> > To quote myself from earlier today:
> >
> > <ng0>      I think we should revert one piece of the tor hardened build.. 3 hours
> >            uptime: 684.3 MiB + 753.0 KiB = 685.1 MiB       tor
> >
> > Comparison: my Chromium with 55 tabs open uses 2.2GB.
> >
> >  Private  +   Shared  =  RAM used       Program
> > … 
> >  12.4 MiB +   1.1 MiB =  13.4 MiB       vim
> >  15.5 MiB + 959.0 KiB =  16.4 MiB       Xorg
> >  17.3 MiB +   5.6 MiB =  22.9 MiB       guix substitute
> >  22.8 MiB +   1.3 MiB =  24.1 MiB       shepherd
> >  26.7 MiB + 551.5 KiB =  27.3 MiB       emacs-25.2
> > 131.1 MiB +   6.2 MiB = 137.3 MiB       .guix-real
> > 732.7 MiB + 932.0 KiB = 733.6 MiB       tor
> > …
> > uptime: 6:24h
> >
> > Now I wouldn't consider tor to be problematic when this would be the
> > default for tor. But it isn't, and --enable-expensive-hardening is an
> > experimental function which is not enabled by default from upstream (as
> > all our recently added config options for tor (not sure right now if all
> > are experimental, but they are not standard).
> >
> > Comparison, Debian running for a very long time (months) and using the
> > same config:
> >
> >  40.6 MiB + 486.0 KiB =  41.1 MiB       tor
> >
> >
> > I'm convinced that removing --enable-expensive-hardening will improve
> > the situation, I have watched an VM with tor without this config switch.
> > Whoever needs or wants this switch can make use of the easy way to
> > create custom packages in Guix.
> >
> > If someone else can confirm my observations, I'll prepare an patch.
> 
> The top(1) command tells me that tor is taking up just short of a
> gigabyte of RAM. I haven't tried disabling the --enable-expensive-hardening
> flag, yet.

-- 
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org

[0001-gnu-tor-Remove-enable-expensive-hardening-option.patch (text/plain, attachment)]

[signature.asc (application/pgp-signature, inline)]

Message #10 received at 27870-done <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: 27870-done <at> debbugs.gnu.org
Subject: Re: [bug#27870] tor: Remove 'expensive-hardening' option.
Date: Mon, 31 Jul 2017 17:07:55 +0200

ng0 <ng0 <at> infotropique.org> skribis:

> From 4ae53518a53b668d9ac9d0f85771bb8f8645a4f6 Mon Sep 17 00:00:00 2001
> From: ng0 <ng0 <at> infotropique.org>
> Date: Sat, 29 Jul 2017 17:26:04 +0000
> Subject: [PATCH] gnu: tor: Remove '--enable-expensive-hardening' option.
>
> * gnu/packages/tor.scm (tor)[arguments]: Remove '--enable-expensive-hardening' option.

Applied, thanks!

Tor was indeed consuming quite a bit of RAM on my laptop, so this is a
welcome change.  Now we know what they meant with “expensive”.  ;-)

Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.