diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2021-01-09 00:36:05 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2021-01-09 00:36:05 +1100 |
| commit | b744914fcb76d70761f1b667de95841b3fc80a56 (patch) | |
| tree | 0182e1a0ca5d7f18144b73506626ec63f768f573 | |
| parent | 6cb52d5bf771f6769b630fce35a8e9b8e433044f (diff) | |
Add test against Graphene hardened malloc.
| -rwxr-xr-x | .github/setup_ci.sh | 12 | ||||
| -rw-r--r-- | .github/workflows/c-cpp.yml | 1 |
2 files changed, 12 insertions, 1 deletions
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 61349be1..2d489b7e 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -40,7 +40,10 @@ for TARGET in $TARGETS; do "--with-selinux") PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev" ;; - *) echo "Invalid option" + "--with-ldflags=-lhardened_malloc") + INSTALL_HARDENED_MALLOC=yes + ;; + *) echo "Invalid option '${TARGET}'" exit 1 ;; esac @@ -56,3 +59,10 @@ if [ "x" != "x$PACKAGES" ]; then sudo apt update -qq sudo apt install -qy $PACKAGES fi + +if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then + (cd ${HOME} && + git clone https://github.com/GrapheneOS/hardened_malloc.git && + cd ${HOME}/hardened_malloc && + make && sudo cp libhardened_malloc.so /usr/lib/) +fi diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 5c5dd6bd..c019d96e 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -16,6 +16,7 @@ jobs: configs: - "" - "--with-kerberos5 --with-libedit --with-pam --with-security-key-builtin --with-selinux" + - "--with-ldflags=-lhardened_malloc" steps: - uses: actions/checkout@v2 |