|
= Tor supported platforms policy =
|
|
# Tor supported platforms policy
|
|
|
|
|
|
This policy was provisionally adopted by the Network Team on 31 March 2020. It will become non-provisional on 1 August 2020.
|
|
This policy was provisionally adopted by the Network Team on 31 March 2020. It will become non-provisional on 1 August 2020.
|
|
|
|
|
|
[[TOC]]
|
|
|
|
|
|
|
|
Note: This document only applies to "tor", the network daemon program.
|
|
Note: This document only applies to "tor", the network daemon program.
|
|
|
|
|
... | @@ -11,54 +11,54 @@ Also note: This reflects aspiration, not promise. |
... | @@ -11,54 +11,54 @@ Also note: This reflects aspiration, not promise. |
|
And note finally: These categories are not a value judgment on your platform. They are a warning about the Tor team and the resources we have.
|
|
And note finally: These categories are not a value judgment on your platform. They are a warning about the Tor team and the resources we have.
|
|
|
|
|
|
|
|
|
|
== Levels of support ==
|
|
## Levels of support
|
|
|
|
|
|
1: '''Target'''
|
|
1: **Target**
|
|
|
|
|
|
We will make sure this works and works well. CI required, multiple active devs, popular, etc. We try to backport fixes to all supported release series.
|
|
We will make sure this works and works well. CI required, multiple active devs, popular, etc. We try to backport fixes to all supported release series.
|
|
|
|
|
|
2: '''Maintained'''
|
|
2: **Maintained**
|
|
|
|
|
|
When we find out it's broken, we'll try to fix it. To get here, we need at least one person who knows it and is willing to try to help out. We try to backport fixes to all supported release series.
|
|
When we find out it's broken, we'll try to fix it. To get here, we need at least one person who knows it and is willing to try to help out. We try to backport fixes to all supported release series.
|
|
|
|
|
|
3: '''Unsupported'''
|
|
3: **Unsupported**
|
|
|
|
|
|
We'll take a clean patch if you write one and we can find somebody to test it. Everything starts here by default. We might backport fixes to one or two supported release series, if they are simple enough.
|
|
We'll take a clean patch if you write one and we can find somebody to test it. Everything starts here by default. We might backport fixes to one or two supported release series, if they are simple enough.
|
|
|
|
|
|
4: '''Rejected'''
|
|
4: **Rejected**
|
|
|
|
|
|
You need to maintain your own fork if you want this to work. (This is the standard response for hypothetical cpus and operating systems where nobody knows if they exist or nobody has seen one in 20 years. No patches unless somebody can test them somewhere, somehow.)
|
|
You need to maintain your own fork if you want this to work. (This is the standard response for hypothetical cpus and operating systems where nobody knows if they exist or nobody has seen one in 20 years. No patches unless somebody can test them somewhere, somehow.)
|
|
|
|
|
|
=== How to decide support levels ===
|
|
### How to decide support levels
|
|
|
|
|
|
''This is rationale, not policy.''
|
|
_This is rationale, not policy._
|
|
|
|
|
|
If we actually have CI that we respond to very quickly, ''and'' we have active developers who know how to build and test for the platform, ''and'' we would block a stable release if the platform was not working, then we can make it '''Target'''.
|
|
If we actually have CI that we respond to very quickly, _and_ we have active developers who know how to build and test for the platform, _and_ we would block a stable release if the platform was not working, then we can make it **Target**.
|
|
|
|
|
|
A '''Maintained''' platform is like a Target platform, except without good CI, without expertise on the Tor team, or without the resource commitment. Conversely, a '''Maintained''' platform is like an Unsupported one, except that we think that we can sometimes figure out how to write patches for it, and like to do so when we have free time.
|
|
A **Maintained** platform is like a Target platform, except without good CI, without expertise on the Tor team, or without the resource commitment. Conversely, a **Maintained** platform is like an Unsupported one, except that we think that we can sometimes figure out how to write patches for it, and like to do so when we have free time.
|
|
|
|
|
|
If we have no way to test patches, but we'd take a clean obviously-safe patch if somebody wrote one, then it's '''Unsupported'''. Generally, Unsupported is only good for systems that aren't too weird in how they behave.
|
|
If we have no way to test patches, but we'd take a clean obviously-safe patch if somebody wrote one, then it's **Unsupported**. Generally, Unsupported is only good for systems that aren't too weird in how they behave.
|
|
|
|
|
|
We should Reject platforms if supporting them can't be done without lots of unverifiable code, or can't be done without making the code ugly. If we would prefer that developers on a platform should fork Tor, then it's '''Rejected'''. If (nearly?) all users on a platform are insecure, it's also good candidate for '''Rejected'''. So that's the default position for platforms without vendor support.
|
|
We should Reject platforms if supporting them can't be done without lots of unverifiable code, or can't be done without making the code ugly. If we would prefer that developers on a platform should fork Tor, then it's **Rejected**. If (nearly?) all users on a platform are insecure, it's also good candidate for **Rejected**. So that's the default position for platforms without vendor support.
|
|
|
|
|
|
== CPU support levels ==
|
|
## CPU support levels
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* x86
|
|
* x86
|
|
* x86_64
|
|
* x86_64
|
|
* arm (sufficiently recent)
|
|
* arm (sufficiently recent)
|
|
|
|
|
|
'''Maintained''' or '''unsupported''', can't decide:
|
|
**Maintained** or **unsupported**, can't decide:
|
|
* mips
|
|
* mips
|
|
|
|
|
|
'''Unsupported'''
|
|
**Unsupported**
|
|
* x86 without SSE2. (Should just be a performance thing, because we'll always have portable code)
|
|
* x86 without SSE2. (Should just be a performance thing, because we'll always have portable code)
|
|
* Itanium
|
|
* Itanium
|
|
* SPARC
|
|
* SPARC
|
|
* newer PowerPC (PPE, Power8+) with constant-time multiplications
|
|
* newer PowerPC (PPE, Power8+) with constant-time multiplications
|
|
* Anything else debian builds for
|
|
* Anything else debian builds for
|
|
|
|
|
|
'''Rejected'''
|
|
**Rejected**
|
|
* Processors with non-constant-time `MUL` instructions (many common cryptographic operations on these systems are subject to even the most trivial side-channel attacks):
|
|
* Processors with non-constant-time `MUL` instructions (many common cryptographic operations on these systems are subject to even the most trivial side-channel attacks):
|
|
* Older PowerPC (<= PowerPC 970)
|
|
* Older PowerPC (<= PowerPC 970)
|
|
* Older ARM (<= 9T, <= Cortex M3)
|
|
* Older ARM (<= 9T, <= Cortex M3)
|
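Review bot: The converted rationale paragraph under "How to decide support levels" still reads "it's also good candidate for **Rejected**", which is missing an article; since the line is rewritten here anyway, make it "it's also a good candidate". In the same hunk, the level labels "1: **Target**" through "4: **Rejected**" are not Markdown list syntax and will render as plain paragraphs, so "1. **Target**" or subheadings would keep the structure. The CPU heading "**Maintained** or **unsupported**, can't decide:" also uses a lowercase level name where every other label is capitalized.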
... | @@ -70,9 +70,9 @@ We should Reject platforms if supporting them can't be done without lots of unve |
... | @@ -70,9 +70,9 @@ We should Reject platforms if supporting them can't be done without lots of unve |
|
* Anything without virtual address spaces
|
|
* Anything without virtual address spaces
|
|
* Anything middle-endian
|
|
* Anything middle-endian
|
|
|
|
|
|
== OS Support levels ==
|
|
## OS Support levels
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* Supported Windows (>= 7) and Windows Server (>= 2008)
|
|
* Supported Windows (>= 7) and Windows Server (>= 2008)
|
|
* MinGW
|
|
* MinGW
|
|
* MSYS2
|
|
* MSYS2
|
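Review bot: In the OS Target list, "Supported Windows (>= 7) and Windows Server (>= 2008)" pairs the word "Supported" with fixed version floors, while the Rejected list further down says "Windows past EOL". The two rules can disagree once a listed version leaves vendor support, so either drop the version numbers or state which rule takes precedence.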
... | @@ -80,7 +80,7 @@ We should Reject platforms if supporting them can't be done without lots of unve |
... | @@ -80,7 +80,7 @@ We should Reject platforms if supporting them can't be done without lots of unve |
|
* except for macOS i386, which is Maintained. Apple will remove support for i386 binaries in macOS 10.15 (2019).
|
|
* except for macOS i386, which is Maintained. Apple will remove support for i386 binaries in macOS 10.15 (2019).
|
|
* Modern Linux
|
|
* Modern Linux
|
|
|
|
|
|
'''Maintained'''
|
|
**Maintained**
|
|
* Android (Should become Target)
|
|
* Android (Should become Target)
|
|
* Unsupported Windows client versions, where the server version is Target:
|
|
* Unsupported Windows client versions, where the server version is Target:
|
|
* Windows Vista
|
|
* Windows Vista
|
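Review bot: The macOS i386 line in the Target list says "Apple will remove support for i386 binaries in macOS 10.15 (2019)" in the future tense, but the header of this document dates the policy to 31 March 2020. Update the tense and decide whether macOS i386 still belongs under Maintained, rather than carrying the sentence over unchanged.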
... | @@ -93,7 +93,7 @@ We should Reject platforms if supporting them can't be done without lots of unve |
... | @@ -93,7 +93,7 @@ We should Reject platforms if supporting them can't be done without lots of unve |
|
Need to decide:
|
|
Need to decide:
|
|
* Other BSD derivatives
|
|
* Other BSD derivatives
|
|
|
|
|
|
'''Unsupported'''
|
|
**Unsupported**
|
|
* Hurd
|
|
* Hurd
|
|
* Proprietary unix
|
|
* Proprietary unix
|
|
* Very old Linux kernels
|
|
* Very old Linux kernels
|
... | @@ -102,21 +102,21 @@ Need to decide: |
... | @@ -102,21 +102,21 @@ Need to decide: |
|
* Anything completely non-posixy, other than Windows or iOS
|
|
* Anything completely non-posixy, other than Windows or iOS
|
|
* Windows using Cygwin
|
|
* Windows using Cygwin
|
|
|
|
|
|
'''Rejected'''
|
|
**Rejected**
|
|
* Windows past EOL
|
|
* Windows past EOL
|
|
* OS X past EOL
|
|
* OS X past EOL
|
|
* Anything else not receiving security updates
|
|
* Anything else not receiving security updates
|
|
|
|
|
|
== C Compilers ==
|
|
## C Compilers
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* GCC (non-ancient)
|
|
* GCC (non-ancient)
|
|
* clang (non-ancient)
|
|
* clang (non-ancient)
|
|
|
|
|
|
'''Unsupported'''
|
|
**Unsupported**
|
|
* Everything else that's not rejected
|
|
* Everything else that's not rejected
|
|
|
|
|
|
'''Rejected'''
|
|
**Rejected**
|
|
* C before C99.
|
|
* C before C99.
|
|
* Systems where pointer size is something other than 32 or 64 bits.
|
|
* Systems where pointer size is something other than 32 or 64 bits.
|
|
* Systems where int is something other than 32 or 64 bits.
|
|
* Systems where int is something other than 32 or 64 bits.
|
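Review bot: The Rejected OS list uses "OS X past EOL", while the Target list earlier in the document uses "macOS" ("macOS i386", "macOS 10.15"). Pick one name so it is clear the EOL rule covers the same releases the Target entry refers to.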
... | @@ -127,30 +127,30 @@ Need to decide: |
... | @@ -127,30 +127,30 @@ Need to decide: |
|
* Anything that can't process the the headers for our dependencies and link with them.
|
|
* Anything that can't process the the headers for our dependencies and link with them.
|
|
* All compilers that are only hypothetically permitted by the C standard.
|
|
* All compilers that are only hypothetically permitted by the C standard.
|
|
|
|
|
|
== Other dependencies ==
|
|
## Other dependencies
|
|
|
|
|
|
=== TLS / Cryptographic Libraries ===
|
|
### TLS / Cryptographic Libraries
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* LibreSSL (which ones?)
|
|
* LibreSSL (which ones?)
|
|
* OpenSSL (stable supported releases, 1.0.1 or later)
|
|
* OpenSSL (stable supported releases, 1.0.1 or later)
|
|
|
|
|
|
'''Maintained'''
|
|
**Maintained**
|
|
* NSS (Should become Target in 0.3.6 or later, if it works well enough)
|
|
* NSS (Should become Target in 0.3.6 or later, if it works well enough)
|
|
|
|
|
|
=== Rust ===
|
|
### Rust
|
|
|
|
|
|
Rust is currently optional.
|
|
Rust is currently optional.
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* Rust nightly, beta, stable
|
|
* Rust nightly, beta, stable
|
|
|
|
|
|
'''Maintained'''
|
|
**Maintained**
|
|
* Currently, all versions from stable back to 1.31
|
|
* Currently, all versions from stable back to 1.31
|
|
* The minimum Rust version may change over time as needed for new features, but will always be less than or equal to stable.
|
|
* The minimum Rust version may change over time as needed for new features, but will always be less than or equal to stable.
|
|
* Need to decide on a support policy for old rust versions
|
|
* Need to decide on a support policy for old rust versions
|
|
|
|
|
|
=== Python ===
|
|
### Python
|
|
|
|
|
|
Python is optional in Tor: it is used to run some of Tor's tests.
|
|
Python is optional in Tor: it is used to run some of Tor's tests.
|
|
|
|
|
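Review bot: The first converted line of this hunk keeps the doubled word in "can't process the the headers for our dependencies"; fix it to "the headers" while the line is being touched. The Target list for TLS libraries also still carries the open question "LibreSSL (which ones?)", and the Rust section keeps "Need to decide on a support policy for old rust versions" inside the Maintained list; both read as TODOs rather than policy and would be better moved to a separate open-questions note or resolved before the policy becomes non-provisional.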
... | @@ -161,14 +161,14 @@ Some other network team products are written in python, for example: |
... | @@ -161,14 +161,14 @@ Some other network team products are written in python, for example: |
|
* sbws (Simple Bandwidth Scanner)
|
|
* sbws (Simple Bandwidth Scanner)
|
|
Their support policies may vary, depending on our available resources.
|
|
Their support policies may vary, depending on our available resources.
|
|
|
|
|
|
'''Target'''
|
|
**Target**
|
|
* Supported Python 3 Stable Releases
|
|
* Supported Python 3 Stable Releases
|
|
|
|
|
|
'''Maintained'''
|
|
**Maintained**
|
|
* Python 3 Unstable and Nightly Releases
|
|
* Python 3 Unstable and Nightly Releases
|
|
* Python 2.7
|
|
* Python 2.7
|
|
* Note: Between 1 January and 1 April 2020, Python 2.7 is transitioning to Unsupported.
|
|
* Note: Between 1 January and 1 April 2020, Python 2.7 is transitioning to Unsupported.
|
|
|
|
|
|
'''Unsupported'''
|
|
**Unsupported**
|
|
* Unsupported Python Releases
|
|
* Unsupported Python Releases
|
|
* All Other Python Implementations (PyPy, Tauthon, etc.) |
|
* All Other Python Implementations (PyPy, Tauthon, etc.) |
|
|
|
\ No newline at end of file |
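Review bot: The Python 2.7 entry under Maintained says "Between 1 January and 1 April 2020, Python 2.7 is transitioning to Unsupported", but the document header gives 31 March 2020 as the provisional adoption date and 1 August 2020 as the non-provisional date, so the transition window is over by the time the policy takes full effect. Move "Python 2.7" to the Unsupported list and drop the note. The converted file also ends without a trailing newline ("\ No newline at end of file"); add one.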