-
Notifications
You must be signed in to change notification settings - Fork 36.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add security/export checks to gitian and fix current failures #7424
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These are not added to the default checks because some of them depend on release-build configs.
glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to link in anyway for back-compat. Fixes bitcoin#7420
Note that I was actually testing these changes cherry-picked into the 0.12 branch. They should move with no conflicts. |
Concept ACK. |
Yay, thanks |
laanwj
added a commit
that referenced
this pull request
Jan 27, 2016
…lures a81c87f release: add security/symbol checks to gitian (Cory Fields) a8ce872 release: always link librt for glibc back-compat builds (Cory Fields) f3d3eaf release: add check-symbols and check-security make targets (Cory Fields) 475813b release: add _IO_stdin_used to ignored exports (Cory Fields) cd27bf5 release: fix parsing of BIND_NOW with older readelf (Cory Fields)
laanwj
pushed a commit
that referenced
this pull request
Jan 27, 2016
- fix parsing of BIND_NOW with older readelf - add _IO_stdin_used to ignored exports For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109 - add check-symbols and check-security make targets These are not added to the default checks because some of them depend on release-build configs. - always link librt for glibc back-compat builds glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to link in anyway for back-compat. Fixes #7420 - add security/symbol checks to gitian Github-Pull: #7424 Rebased-From: cd27bf5 475813b f3d3eaf a8ce872 a81c87f
Backported to 0.12 as aa26ee0. |
zkbot
pushed a commit
to zcash/zcash
that referenced
this pull request
Oct 17, 2016
Upstream gitian updates This PR pulls in all gitian-related PRs that have been merged upstream since 0.11.2. The only ones I left out were documentation-only PRs, because we removed `doc/gitian-building.md` at some point. Here are the commits applied here, in the order shown in `git log` (ie. last to first): - bitcoin/bitcoin#7283 - fa42a67 - fa58c76 - bitcoin/bitcoin#8175 - 74c1347 - bitcoin/bitcoin#8167 - 7e7eb27 - ad38204 - b676f38 - bitcoin/bitcoin#7776 - f063863 - bitcoin/bitcoin#7424 - a81c87f ~ we already partly applied - a8ce872 - f3d3eaf ~ we already partly applied - 475813b - ~~cd27bf5~~ X we already applied - bitcoin/bitcoin#7060 - 3b468a0 ~ we removed doc/gitian-building.md - ~~99fda26~~ X we removed doc/gitian-building.md - bitcoin/bitcoin#7251 - fa09562 - bitcoin/bitcoin#6900 - ~~2cecb24~~ X we removed doc/gitian-building.md - 957c0fd - 2e31d74 - ~~0b416c6~~ X we removed QT - 9f251b7 - bitcoin/bitcoin#6854 - 579b863 ~ we already partly applied Part of #540
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #7420. This was discussed and agreed upon a long time ago, but I never got around to actually doing it. Sorry to do this during the rc stage, @laanwj, but at least it was discovered before final release.
Thanks very much to @dlogemann for testing the rcs and reporting the issue.
This fixes glibc back-compat issues with the current toolchain, and adds the checks to gitian so that breakage won't go unnoticed again. With a few more tweaks, it should be safe enough to add to 'make check' so that Travis tests with each build, but not quite yet.
I've verified that Gitian builds for Linux/Win are successful, OSX should be unchanged.