[openssh-commits] [openssh] 01/01: Add test against Graphene hardened malloc.
git+noreply at mindrot.org
git+noreply at mindrot.org
Sat Jan 9 00:45:57 AEDT 2021
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit b744914fcb76d70761f1b667de95841b3fc80a56
Author: Darren Tucker <dtucker at dtucker.net>
Date: Sat Jan 9 00:36:05 2021 +1100
Add test against Graphene hardened malloc.
---
.github/setup_ci.sh | 12 +++++++++++-
.github/workflows/c-cpp.yml | 1 +
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
index 61349be1..2d489b7e 100755
--- a/.github/setup_ci.sh
+++ b/.github/setup_ci.sh
@@ -40,7 +40,10 @@ for TARGET in $TARGETS; do
"--with-selinux")
PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev"
;;
- *) echo "Invalid option"
+ "--with-ldflags=-lhardened_malloc")
+ INSTALL_HARDENED_MALLOC=yes
+ ;;
+ *) echo "Invalid option '${TARGET}'"
exit 1
;;
esac
@@ -56,3 +59,10 @@ if [ "x" != "x$PACKAGES" ]; then
sudo apt update -qq
sudo apt install -qy $PACKAGES
fi
+
+if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then
+ (cd ${HOME} &&
+ git clone https://github.com/GrapheneOS/hardened_malloc.git &&
+ cd ${HOME}/hardened_malloc &&
+ make && sudo cp libhardened_malloc.so /usr/lib/)
+fi
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 5c5dd6bd..c019d96e 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -16,6 +16,7 @@ jobs:
configs:
- ""
- "--with-kerberos5 --with-libedit --with-pam --with-security-key-builtin --with-selinux"
+ - "--with-ldflags=-lhardened_malloc"
steps:
- uses: actions/checkout at v2
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list