From unknown Thu Aug 14 21:53:40 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#27870 <27870@debbugs.gnu.org> To: bug#27870 <27870@debbugs.gnu.org> Subject: Status: tor: Remove 'expensive-hardening' option. Reply-To: bug#27870 <27870@debbugs.gnu.org> Date: Fri, 15 Aug 2025 04:53:40 +0000 retitle 27870 tor: Remove 'expensive-hardening' option. reassign 27870 guix-patches submitter 27870 ng0 severity 27870 normal thanks From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 29 13:31:55 2017 Received: (at submit) by debbugs.gnu.org; 29 Jul 2017 17:31:55 +0000 Received: from localhost ([127.0.0.1]:33312 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dbVac-0006Gf-DI for submit@debbugs.gnu.org; Sat, 29 Jul 2017 13:31:54 -0400 Received: from eggs.gnu.org ([208.118.235.92]:56124) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dbVaX-0006GN-2j for submit@debbugs.gnu.org; Sat, 29 Jul 2017 13:31:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dbVaQ-0004Ul-Oq for submit@debbugs.gnu.org; Sat, 29 Jul 2017 13:31:35 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:39228) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dbVaQ-0004UM-KB for submit@debbugs.gnu.org; Sat, 29 Jul 2017 13:31:34 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47093) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dbVaP-0006A7-5i for guix-patches@gnu.org; Sat, 29 Jul 2017 13:31:34 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dbVaL-0004Qb-Ue for guix-patches@gnu.org; Sat, 29 Jul 2017 13:31:33 -0400 Received: from aibo.runbox.com ([91.220.196.211]:44062) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dbVaL-0004Oy-Mb for guix-patches@gnu.org; Sat, 29 Jul 2017 13:31:29 -0400 Received: from [10.9.9.210] (helo=mailfront10.runbox.com) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1dbVaJ-00077o-GG for guix-patches@gnu.org; Sat, 29 Jul 2017 19:31:27 +0200 Received: from tor-exit-4.all.de ([212.21.66.6] helo=localhost) by mailfront10.runbox.com with esmtpsa (uid:892961 ) (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) id 1dbVaD-0002eS-Rw for guix-patches@gnu.org; Sat, 29 Jul 2017 19:31:22 +0200 Date: Sat, 29 Jul 2017 17:31:19 +0000 From: ng0 To: guix-patches@gnu.org Subject: tor: Remove 'expensive-hardening' option. Message-ID: <20170729173119.e4tq43z72l6jfy74@abyayala> Mail-Followup-To: guix-patches@gnu.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7o47mwlnpm5qvklb" Content-Disposition: inline X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) --7o47mwlnpm5qvklb Content-Type: multipart/mixed; boundary="ac3rtmvqhigzxfse" Content-Disposition: inline --ac3rtmvqhigzxfse Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Since no one has vetoed against this, here is my patch to improve tor again. I had no issues in the 9+ days since I've been using it like this (didn't expect any) and only improvement of the current situation with tor. Patch appended. > ng0 writes: >=20 > > I noticed this before the contribution entered master, so this message > > is not really a news. > > > > To quote myself from earlier today: > > > > I think we should revert one piece of the tor hardened build= =2E. 3 hours > > uptime: 684.3 MiB + 753.0 KiB =3D 685.1 MiB tor > > > > Comparison: my Chromium with 55 tabs open uses 2.2GB. > > > > Private + Shared =3D RAM used Program > > =E2=80=A6=20 > > 12.4 MiB + 1.1 MiB =3D 13.4 MiB vim > > 15.5 MiB + 959.0 KiB =3D 16.4 MiB Xorg > > 17.3 MiB + 5.6 MiB =3D 22.9 MiB guix substitute > > 22.8 MiB + 1.3 MiB =3D 24.1 MiB shepherd > > 26.7 MiB + 551.5 KiB =3D 27.3 MiB emacs-25.2 > > 131.1 MiB + 6.2 MiB =3D 137.3 MiB .guix-real > > 732.7 MiB + 932.0 KiB =3D 733.6 MiB tor > > =E2=80=A6 > > uptime: 6:24h > > > > Now I wouldn't consider tor to be problematic when this would be the > > default for tor. But it isn't, and --enable-expensive-hardening is an > > experimental function which is not enabled by default from upstream (as > > all our recently added config options for tor (not sure right now if all > > are experimental, but they are not standard). > > > > Comparison, Debian running for a very long time (months) and using the > > same config: > > > > 40.6 MiB + 486.0 KiB =3D 41.1 MiB tor > > > > > > I'm convinced that removing --enable-expensive-hardening will improve > > the situation, I have watched an VM with tor without this config switch. > > Whoever needs or wants this switch can make use of the easy way to > > create custom packages in Guix. > > > > If someone else can confirm my observations, I'll prepare an patch. >=20 > The top(1) command tells me that tor is taking up just short of a > gigabyte of RAM. I haven't tried disabling the --enable-expensive-hardeni= ng > flag, yet. --=20 ng0 GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588 GnuPG: https://n0is.noblogs.org/my-keys https://www.infotropique.org https://krosos.org --ac3rtmvqhigzxfse Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-gnu-tor-Remove-enable-expensive-hardening-option.patch" Content-Transfer-Encoding: quoted-printable =46rom 4ae53518a53b668d9ac9d0f85771bb8f8645a4f6 Mon Sep 17 00:00:00 2001 =46rom: ng0 Date: Sat, 29 Jul 2017 17:26:04 +0000 Subject: [PATCH] gnu: tor: Remove '--enable-expensive-hardening' option. * gnu/packages/tor.scm (tor)[arguments]: Remove '--enable-expensive-hardeni= ng' option. --- gnu/packages/tor.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm index 314901fa4..1d5a1f161 100644 --- a/gnu/packages/tor.scm +++ b/gnu/packages/tor.scm @@ -2,7 +2,7 @@ ;;; Copyright =C2=A9 2013, 2014, 2015 Ludovic Court=C3=A8s ;;; Copyright =C2=A9 2014, 2015 Mark H Weaver ;;; Copyright =C2=A9 2016, 2017 Efraim Flashner -;;; Copyright =C2=A9 2016, 2017 ng0 +;;; Copyright =C2=A9 2016, 2017 ng0 ;;; Copyright =C2=A9 2017 Tobias Geerinckx-Rice ;;; Copyright =C2=A9 2017 Eric Bavier ;;; Copyright =C2=A9 2017 Rutger Helling @@ -54,8 +54,7 @@ "0hhyb1wil8japynqnm07r1f67w3wdnafdg9amzlrrcfcyq5qim28")))) (build-system gnu-build-system) (arguments - `(#:configure-flags (list "--enable-expensive-hardening" - "--enable-gcc-hardening" + `(#:configure-flags (list "--enable-gcc-hardening" "--enable-linker-hardening"))) (native-inputs `(("python" ,python-2))) ; for tests --=20 2.13.3 --ac3rtmvqhigzxfse-- --7o47mwlnpm5qvklb Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAll8xmcACgkQ4i+bv+40 hYguhg//Ta8Yk97tcS7gacfCXBq7gbJpW1+M6b9fiq11OZI/4PiNkWKNtdYdsf+3 IgKYiGD7lv6sKFL2REzDs7fcGA+TT9BSUvSe5Ec4Yv+tq5Gg76gH/Gm1pnsHwS+m 7qQEZXWCvPnANjF1g5Hm0Vr4qs5SQ7ovME6O43tSzHHan+tpNOttr0erpFt8sOT1 VOZIv6I+VDFFBHOhNuF1hL3CUoGDYKT+kFPGgPz0WdJCkKpeqW4HAwUYNPqTdGJj bUYNSuLa5BtO7DWMGeaLrUDtZuoUo3GZTiG1UvHsvp7RsCHKV5i/TLyjXLz//KNo 2vZA5asDT8MNJ/GrDEptxQ8YOc9+Uh/XpjuK+pk+uOl2tPqfcWjJdWDSEWrB7oxq bsp/ufIQx8sxOm13bZ9j19PjmIBweYfg/d/eNwWKVFN3c2lkcHwepbVGpNUfDFGE UNJ+BrHI5KFAX2RKbsmDWcEHF092wlEOYA/YfJX5huVbnXKvVxFx/JfQskXYq8u5 64UA8M0XK46kJ1XvrapYzFuPfwOf5CpokI6lF1cY1w+X7RfSXHZguZoDWRasHw/e kW+V/WKUmNQ7ZyndxfoEZ8xlJl0Ypof6Tmqv1xpwyqFo/4Tfuw/KEMZjVW0Xsn32 u6jQ6iffh2wtWo1Rcl0bARZjGsgD1WgXUgoatUx4Ln+esi54cyw= =pyCH -----END PGP SIGNATURE----- --7o47mwlnpm5qvklb-- From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 31 11:08:10 2017 Received: (at 27870-done) by debbugs.gnu.org; 31 Jul 2017 15:08:10 +0000 Received: from localhost ([127.0.0.1]:35494 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcCIk-0004JD-CO for submit@debbugs.gnu.org; Mon, 31 Jul 2017 11:08:10 -0400 Received: from eggs.gnu.org ([208.118.235.92]:52430) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcCIi-0004J1-Nc for 27870-done@debbugs.gnu.org; Mon, 31 Jul 2017 11:08:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dcCIY-0006Ir-Dd for 27870-done@debbugs.gnu.org; Mon, 31 Jul 2017 11:08:03 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:54679) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcCIY-0006Im-A4 for 27870-done@debbugs.gnu.org; Mon, 31 Jul 2017 11:07:58 -0400 Received: from [193.50.110.251] (port=37052 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1dcCIX-0007y4-Hr for 27870-done@debbugs.gnu.org; Mon, 31 Jul 2017 11:07:57 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: 27870-done@debbugs.gnu.org Subject: Re: [bug#27870] tor: Remove 'expensive-hardening' option. References: <20170729173119.e4tq43z72l6jfy74@abyayala> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 13 Thermidor an 225 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-unknown-linux-gnu Date: Mon, 31 Jul 2017 17:07:55 +0200 In-Reply-To: <20170729173119.e4tq43z72l6jfy74@abyayala> (ng0@infotropique.org's message of "Sat, 29 Jul 2017 17:31:19 +0000") Message-ID: <87a83k4pbo.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 27870-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) ng0 skribis: > From 4ae53518a53b668d9ac9d0f85771bb8f8645a4f6 Mon Sep 17 00:00:00 2001 > From: ng0 > Date: Sat, 29 Jul 2017 17:26:04 +0000 > Subject: [PATCH] gnu: tor: Remove '--enable-expensive-hardening' option. > > * gnu/packages/tor.scm (tor)[arguments]: Remove '--enable-expensive-harde= ning' option. Applied, thanks! Tor was indeed consuming quite a bit of RAM on my laptop, so this is a welcome change. Now we know what they meant with =E2=80=9Cexpensive=E2=80= =9D. ;-) Ludo=E2=80=99. From unknown Thu Aug 14 21:53:40 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 29 Aug 2017 11:24:03 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator