Skip to content

Commit

Permalink
Merge pull request #7340 from JacobBarthelmeh/github_tests
Browse files Browse the repository at this point in the history
workaround for Ubuntu runner, high entropy + ASLR
  • Loading branch information
dgarske authored Mar 17, 2024
2 parents 99dd8a3 + 5106cb1 commit abd7449
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 3 deletions.
10 changes: 9 additions & 1 deletion .github/workflows/krb5.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,15 @@ jobs:
# This should be a safe limit for the tests to run.
timeout-minutes: 5
steps:
- name: workaround high-entropy ASLR
# not needed after either an update to llvm or runner is done
run: sudo sysctl vm.mmap_rnd_bits=28

- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-krb CFLAGS='-fsanitize=address'
configure: --enable-krb CC='gcc -fsanitize=address'
install: true

- name: Upload built lib
Expand Down Expand Up @@ -61,6 +65,10 @@ jobs:
run: |
patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
- name: workaround high-entropy ASLR
# not needed after either an update to llvm or runner is done
run: sudo sysctl vm.mmap_rnd_bits=28

- name: Build krb5
working-directory: ./krb5/src
run: |
Expand Down
6 changes: 5 additions & 1 deletion .github/workflows/nginx.yml
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,10 @@ jobs:
run: |
echo "nginx_c_flags=-O0" >> $GITHUB_ENV
- name: workaround high-entropy ASLR
# not needed after either an update to llvm or runner is done
run: sudo sysctl vm.mmap_rnd_bits=28

- name: Build nginx with sanitizer
working-directory: nginx
run: |
Expand Down Expand Up @@ -203,4 +207,4 @@ jobs:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
prove ${{ matrix.sanitize-ok }}
6 changes: 5 additions & 1 deletion .github/workflows/openvpn.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,14 @@ jobs:
linux-libc-dev man2html libcmocka-dev python3-docutils \
libtool automake autoconf libnl-genl-3-dev libnl-genl-3-200
- name: workaround high-entropy ASLR
# not needed after either an update to llvm or runner is done
run: sudo sysctl vm.mmap_rnd_bits=28

- if: ${{ matrix.ref != 'master' }}
name: Build and test openvpn with fsanitize
run: |
echo 'extra_c_flags=CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"' >> $GITHUB_ENV
echo 'extra_c_flags=CC="gcc -fsanitize=address" CFLAGS="-fno-omit-frame-pointer -O2"' >> $GITHUB_ENV
- name: Build and test openvpn
uses: wolfSSL/actions-build-autotools-project@v1
Expand Down

0 comments on commit abd7449

Please sign in to comment.