Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cc-wrapper hardeningFlags tests: add tests for pacret, shadowstack #331596

Open
wants to merge 1 commit into
base: staging
Choose a base branch
from
Open

cc-wrapper hardeningFlags tests: add tests for pacret, shadowstack #331596

wants to merge 1 commit into from

Conversation

risicle
Copy link
Contributor

@risicle risicle commented Aug 1, 2024

Description of changes

Why aimed at staging? This tests features recently merged to staging in #326819 & #324429 which have not yet made it further.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@risicle risicle added 6.topic: testing Tooling for automated testing of packages and modules 8.has: tests labels Aug 1, 2024
@risicle risicle requested review from emilazy and a team August 1, 2024 20:23
@github-actions github-actions bot removed the 6.topic: testing Tooling for automated testing of packages and modules label Aug 1, 2024
@risicle risicle force-pushed the ris-hardening-tests-pacret-shadowstack branch from 5b7ff5c to 3ce2927 Compare August 5, 2024 21:43
@risicle risicle force-pushed the ris-hardening-tests-pacret-shadowstack branch from 3ce2927 to a9edd09 Compare August 11, 2024 10:10
emilazy
emilazy reviewed Aug 11, 2024
View reviewed changes
Copy link
Member

@emilazy emilazy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, this fell through the cracks. Looks good from a quick skim. staging-next is about to land; perhaps we should wait until it merges and then retarget this on master, so it doesn’t have to wait for another entire cycle?

@risicle
Copy link
Contributor Author

risicle commented Aug 11, 2024

Last I checked the required changes weren't even in staging-next, but indeed could target it at next staging-next at that point.

Big PR that sits on top of this about to drop anyway, so that's where my focus is right now..

@risicle risicle mentioned this pull request Aug 11, 2024
Draft
13 tasks
@emilazy
Copy link
Member

emilazy commented Aug 11, 2024

Unless I’m misunderstanding the UI, GitHub lists 745046d and 0dacfda as being part of #332764, which is due to land in master imminently. So we should be able to target master once that happens.

@risicle
Copy link
Contributor Author

risicle commented Aug 11, 2024

Awesome, I must have been out of date. Will do.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emilazy emilazy emilazy left review comments

Assignees
No one assigned
Labels
8.has: package (new) 8.has: tests 10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@risicle @emilazy