diff options
author | Robert Scott <code@humanleg.org.uk> | 2023-02-12 21:53:08 +0000 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2023-09-02 15:01:54 +0100 |
commit | e0f6367446d8f3f2f37acb27f9e2fc0f51768721 (patch) | |
tree | 14ccd691311827e4cfd09b7dc36f52e35be7c69d /pkgs/test/default.nix | |
parent | 2428000c6691d5126b82e1738f3d7b4d0c14fe5d (diff) | |
download | nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar.gz nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar.bz2 nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar.lz nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar.xz nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.tar.zst nixpkgs-e0f6367446d8f3f2f37acb27f9e2fc0f51768721.zip |
cc-wrapper, binutils-wrapper: add tests hardening-flags-handling
most tests use debian-devscripts' hardening-check, so only work on ELF systems and can only detect a limited subset of flags. some extra tests actually execute fortify-protected programs and should be slightly more universally applicable.
Diffstat (limited to 'pkgs/test/default.nix')
-rw-r--r-- | pkgs/test/default.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/pkgs/test/default.nix b/pkgs/test/default.nix index d6fd75359fc..c479070c607 100644 --- a/pkgs/test/default.nix +++ b/pkgs/test/default.nix @@ -23,6 +23,14 @@ with pkgs; stdenv-inputs = callPackage ./stdenv-inputs { }; stdenv = callPackage ./stdenv { }; + hardeningFlags = recurseIntoAttrs (callPackage ./cc-wrapper/hardening.nix {}); + hardeningFlags-gcc = recurseIntoAttrs (callPackage ./cc-wrapper/hardening.nix { + stdenv = gccStdenv; + }); + hardeningFlags-clang = recurseIntoAttrs (callPackage ./cc-wrapper/hardening.nix { + stdenv = llvmPackages.stdenv; + }); + config = callPackage ./config.nix { }; haskell = callPackage ./haskell { }; |