guix: (explicitly) build Linux GCC with `--enable-cet`

fanquake commented at 11:29 am on July 12, 2024: member

Similar to #29695, and in the same vein of explicitly configuring hardening options in our release toolchain.

See https://gcc.gnu.org/install/configure.html:

--enable-cet

Enable building target run-time libraries with control-flow instrumentation, see -fcf-protection option. When –enable-cet is specified target libraries are configured to add -fcf-protection and, if needed, other target specific options to a set of building options.

--enable-cet=auto is default. CET is enabled on Linux/x86 if target binutils supports Intel CET instructions and disabled otherwise. In this case, the target libraries are configured to get additional -fcf-protection option.

DrahtBot commented at 11:29 am on July 12, 2024: contributor

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage

For detailed information about the code coverage, see the test coverage report.

Reviews

See the guideline for information on the review process.

Type	Reviewers
ACK	TheCharlatan

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

No conflicts as of last run.

DrahtBot added the label Build system on Jul 12, 2024

fanquake added the label DrahtBot Guix build requested on Jul 12, 2024

DrahtBot commented at 1:07 am on July 13, 2024: contributor

Guix builds (on x86_64) [untrusted test-only build, possibly unsafe, not for production use]

File	commit 4d6af61d879914a660e73db5c2f2e6c4d0aa8243(master)	commit a8bcf5003c89a1108c3fd949e74a252dd42b34c7(master and this pull)
SHA256SUMS.part	`06a06fc771db01ff...`	`099b97685925816a...`
*-aarch64-linux-gnu-debug.tar.gz	`37dc44b8433afc4c...`	`6115a9e85008b34b...`
*-aarch64-linux-gnu.tar.gz	`11fa7e61058e60de...`	`62e9645b962c0330...`
*-arm-linux-gnueabihf-debug.tar.gz	`814fd7390dca8863...`	`84a81b57325d200d...`
*-arm-linux-gnueabihf.tar.gz	`636d69923f9baf41...`	`ebf36614757de55c...`
*-arm64-apple-darwin-unsigned.tar.gz	`eba3d94e95c565e5...`	`fdb0604378cb4389...`
*-arm64-apple-darwin-unsigned.zip	`a3a6c3e17a032ec2...`	`2d1a5e7787a40c3c...`
*-arm64-apple-darwin.tar.gz	`2edb16e2d3e354ac...`	`efcaf660c504eeda...`
*-powerpc64-linux-gnu-debug.tar.gz	`a2ffe7224f332256...`	`b2d0cd70707e5c01...`
*-powerpc64-linux-gnu.tar.gz	`506e32d31f36fbef...`	`73242b3bad015561...`
*-riscv64-linux-gnu-debug.tar.gz	`804992da8bf986c2...`	`6df20f17b069d6e7...`
*-riscv64-linux-gnu.tar.gz	`c569b966f4797bf9...`	`5c1546343e32be23...`
*-x86_64-apple-darwin-unsigned.tar.gz	`5bf07d29a4cf5831...`	`45eaaac17031cabe...`
*-x86_64-apple-darwin-unsigned.zip	`c1e6904750827e33...`	`11570e7ceab880c1...`
*-x86_64-apple-darwin.tar.gz	`2f4bce63ae7e6d28...`	`0a99e3ce2ae852a6...`
*-x86_64-linux-gnu-debug.tar.gz	`07ce227b1a7b2ded...`	`b08075132ed4d7c7...`
*-x86_64-linux-gnu.tar.gz	`4de446f6e7311ebf...`	`ce5982836461f0d4...`
*.tar.gz	`21c94a8b5a8118c6...`	`a8ecb843223d9445...`
guix_build.log	`b7fef98cfbbb5d4a...`	`7de641c45788d77f...`
guix_build.log.diff		`1b59e835fbce8a0a...`

DrahtBot removed the label DrahtBot Guix build requested on Jul 13, 2024

TheCharlatan commented at 12:28 pm on July 23, 2024: contributor

Guix builds (aarch64)

 0find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
 18ac09f23c01b91cd88d3f1329c0d27105f98d31cd1735bba4a0299de18c607c0  guix-build-1d2758f6f044/output/aarch64-linux-gnu/SHA256SUMS.part
 294dc28c726e81bc51df3ca7dba068d74a74828b6e5162f130c7e210e4f4a2eff  guix-build-1d2758f6f044/output/aarch64-linux-gnu/bitcoin-1d2758f6f044-aarch64-linux-gnu-debug.tar.gz
 3101f0a64ea62eb82a060827edac75b71562628520d4d3da2dc796f854e691f89  guix-build-1d2758f6f044/output/aarch64-linux-gnu/bitcoin-1d2758f6f044-aarch64-linux-gnu.tar.gz
 40d6df2ddf4f03aa42f01ddac7caf0d76a1fe5fb27193c6ba3a9db6986778763a  guix-build-1d2758f6f044/output/arm-linux-gnueabihf/SHA256SUMS.part
 5b472c24cb88cfedbef168a3f9b67816e124dd308c7d39b2239143808434d8c39  guix-build-1d2758f6f044/output/arm-linux-gnueabihf/bitcoin-1d2758f6f044-arm-linux-gnueabihf-debug.tar.gz
 6f106f4f719d4185f58f8033c6ea8d71941b5b0339fc537edfce068fb65755d29  guix-build-1d2758f6f044/output/arm-linux-gnueabihf/bitcoin-1d2758f6f044-arm-linux-gnueabihf.tar.gz
 7b0b4c7fea6c8f3bdb35ffe0e64c1c38ab2745e4a14e23cfbe3902a70595f4536  guix-build-1d2758f6f044/output/arm64-apple-darwin/SHA256SUMS.part
 8b67cb97308284fb13568b8bf64fd5d599c7707fbd4b68895537046fc2b28fd24  guix-build-1d2758f6f044/output/arm64-apple-darwin/bitcoin-1d2758f6f044-arm64-apple-darwin-unsigned.tar.gz
 97d8d733037f4c944cffd8ce25797b82d1c0e5c0fd82c8f07c907115b06fba30e  guix-build-1d2758f6f044/output/arm64-apple-darwin/bitcoin-1d2758f6f044-arm64-apple-darwin-unsigned.zip
109a443b2f40856e97937a5693215cd915a623fa82e3c7e381f80b69d2cb788c75  guix-build-1d2758f6f044/output/arm64-apple-darwin/bitcoin-1d2758f6f044-arm64-apple-darwin.tar.gz
11cd5e80bea3f117277f6eecfa6ae623830f4128d6ab2763b946fe847d325eaa11  guix-build-1d2758f6f044/output/dist-archive/bitcoin-1d2758f6f044.tar.gz
120f3ac55b8ccf02cb0dee58c64c74289d2909f43461874080b4d3203e3eb77ab8  guix-build-1d2758f6f044/output/powerpc64-linux-gnu/SHA256SUMS.part
13b58f8844a23e7aae8b6c6bea5cfea03c9915e9ec6a38a33e7315038d588e1c01  guix-build-1d2758f6f044/output/powerpc64-linux-gnu/bitcoin-1d2758f6f044-powerpc64-linux-gnu-debug.tar.gz
1457f7f0278b7666cfe8839147919139f3da01ba18374f708e37d8463eee17be45  guix-build-1d2758f6f044/output/powerpc64-linux-gnu/bitcoin-1d2758f6f044-powerpc64-linux-gnu.tar.gz
1558bfa1968a4c108c19acdac5d1fca427d9368e5bf5c5ed77738aa0830bffa966  guix-build-1d2758f6f044/output/riscv64-linux-gnu/SHA256SUMS.part
1615650dcc9b6c4fc3d7f299dcd9870e6f6c6ab0e84bd1a272ca049a4323d4ec01  guix-build-1d2758f6f044/output/riscv64-linux-gnu/bitcoin-1d2758f6f044-riscv64-linux-gnu-debug.tar.gz
177b199ad6f3c450e2239524ab0d45432a28abf501a9b699193a09603c02a30404  guix-build-1d2758f6f044/output/riscv64-linux-gnu/bitcoin-1d2758f6f044-riscv64-linux-gnu.tar.gz
189a518e02cea5a7ea7e1fd0e60c8ad889b02b8f65084581d69db1303b16fd7b24  guix-build-1d2758f6f044/output/x86_64-apple-darwin/SHA256SUMS.part
19c97a0b3dc8bf8388558de565fa55294e9426e8f24413b52e600a01de20f3f7bf  guix-build-1d2758f6f044/output/x86_64-apple-darwin/bitcoin-1d2758f6f044-x86_64-apple-darwin-unsigned.tar.gz
20d3c81025e0d680ab658d11e1961d54c43a0a1eb4217e5fe98657f69c7452e74d  guix-build-1d2758f6f044/output/x86_64-apple-darwin/bitcoin-1d2758f6f044-x86_64-apple-darwin-unsigned.zip
211e20175c07da00baa591f3dcc815c9870006acdd3682c6e1fb29655fe982c02e  guix-build-1d2758f6f044/output/x86_64-apple-darwin/bitcoin-1d2758f6f044-x86_64-apple-darwin.tar.gz
227ea638949908ce5d9bb2e9b6abb7e3fe55aaacb7975fc2e218c06eac57338d31  guix-build-1d2758f6f044/output/x86_64-linux-gnu/SHA256SUMS.part
23d8b2585a3afad179badec7b171fdc4b89b7b8465a7f35ae3c810f4cd597b3981  guix-build-1d2758f6f044/output/x86_64-linux-gnu/bitcoin-1d2758f6f044-x86_64-linux-gnu-debug.tar.gz
2430ded4e767b1edcdaa7e5db8b482db4ea9e03120324ea09548a2f7600c6b1659  guix-build-1d2758f6f044/output/x86_64-linux-gnu/bitcoin-1d2758f6f044-x86_64-linux-gnu.tar.gz
25a38f1763c7e1ccd8f95d6a7ba54c0306d54d004cbebd013678175779153e6402  guix-build-1d2758f6f044/output/x86_64-w64-mingw32/SHA256SUMS.part
2609ab1212c0d21b0abbf719ac24ab08fac529ca9cf5bfed613552a22cfe059bc6  guix-build-1d2758f6f044/output/x86_64-w64-mingw32/bitcoin-1d2758f6f044-win64-debug.zip
27c50dafe56f08babac8fe46520de10d617d392314d3044c445652c16e3fa02359  guix-build-1d2758f6f044/output/x86_64-w64-mingw32/bitcoin-1d2758f6f044-win64-setup-unsigned.exe
28fdd977d4a42ccd6f773aeb9bc26e143ec5442a59439e121d882eaa08d022dc36  guix-build-1d2758f6f044/output/x86_64-w64-mingw32/bitcoin-1d2758f6f044-win64-unsigned.tar.gz
29dfc2c3c62b17d2ab51008df5f9331a0f48d556a1b9a672244a308c68510951f3  guix-build-1d2758f6f044/output/x86_64-w64-mingw32/bitcoin-1d2758f6f044-win64.zip

fanquake force-pushed on Aug 9, 2024

hebasto commented at 9:44 am on August 21, 2024: member

I don’t think that enabling CET for GCC alone will work. Shouldn’t binutils and glibc also be CET-enabled?

fanquake commented at 9:51 am on August 21, 2024: member

will work.

What do you mean by “work” here? This PR is just explicitly turning on one option in the compiler.

Shouldn’t binutils … also be CET-enabled?

What is a CET-enbled binutils? If you mean it supporting CET functionality, then it is new enough.

glibc also be CET-enabled?

Last time I looked, glibc will autodetect this based on the compiler (we could still enable it explictly, but it’s not clear that is required).

hebasto commented at 10:18 am on August 21, 2024: member

will work.

What do you mean by “work” here?

By “work” I mean producing x86_64 binaries with the IBT and SHSTK markers in the .note.gnu.property section.

hebasto commented at 11:24 am on August 21, 2024: member

Shouldn’t binutils … also be CET-enabled?

What is a CET-enbled binutils?

Configured with --enable-cet option.

If you mean it supporting CET functionality, then it is new enough.

As for commit 7bf1d7aeaffba15c4f680f93ae88fbef25427252, Guix provides binutils versions 2.38 and 2.33.1. According to the upstream commit history, both versions support Intel CET.

fanquake commented at 11:32 am on August 21, 2024: member

Configured with –enable-cet option.

Similar to glibc, I’m pretty sure this autodetected for some time, but has has been the default behaviour for at least the last ~5 years; so I don’t think we need to do anything here (further evidenced by the fact that there is no binutils such change in #30685).

hebasto commented at 12:32 pm on August 21, 2024: member

I don’t think we need to do anything here

In the current state, the statement from the PR description:

CET is enabled on Linux/x86

is not accurate.

fanquake commented at 10:56 am on August 23, 2024: member

the statement from the PR description: is not accurate.

That text is from the GCC documentation, and in this context, of, the compiler being configured for CET, after configuring with --enable-cet, as far as I’m aware, it is accurate. If you think it isn’t, can you file an issue upstream, and link it here it?

The point of this PR has never been to add any additional metadata to the binaries/make any other changes, the point is just to explictly use the hardening option when configuring our compiler (like we do with other options).

hebasto commented at 12:11 pm on August 26, 2024: member

The point of this PR has never been to add any additional metadata to the binaries/make any other changes, the point is just to explictly use the hardening option when configuring our compiler (like we do with other options).

I see. Perhaps mention in the PR description that the resulting release binaries are not affected?

fanquake force-pushed on Aug 28, 2024

fanquake marked this as a draft on Aug 28, 2024

fanquake force-pushed on Aug 30, 2024

fanquake force-pushed on Sep 3, 2024

fanquake marked this as ready for review on Sep 3, 2024

fanquake added the label DrahtBot Guix build requested on Sep 3, 2024

DrahtBot commented at 3:10 am on September 4, 2024: contributor

Guix builds (on x86_64) [untrusted test-only build, possibly unsafe, not for production use]

File	commit 9cb9651d92ddb5d92724f6a52440601c7a0bbcf8(master)	commit ceb97e80c2ca1ad591754357bda5e7e7770680c9(master and this pull)
SHA256SUMS.part	`f4a2fd47833712e5...`	`a825ff0bcb7f4d96...`
*-aarch64-linux-gnu-debug.tar.gz	`1627798869ce4fc4...`	`e623f4eda03f0c44...`
*-aarch64-linux-gnu.tar.gz	`d1cd4d3c768b53d3...`	`0e6391b89454ba2f...`
*-arm-linux-gnueabihf-debug.tar.gz	`082f7ef3ff9c7698...`	`5491f161cf2d8b11...`
*-arm-linux-gnueabihf.tar.gz	`59722e72ac220a03...`	`cc7bc6faba57dee9...`
*-arm64-apple-darwin-unsigned.tar.gz	`883550fa4abc1b81...`	`9831eec91bc6e115...`
*-arm64-apple-darwin-unsigned.zip	`2eb0d0515d856ade...`	`c62ccb791f8333ca...`
*-arm64-apple-darwin.tar.gz	`14e4af54519f1daa...`	`23c0c0d7513027a0...`
*-powerpc64-linux-gnu-debug.tar.gz	`c21a636b6183c799...`	`fde859b67cff31e4...`
*-powerpc64-linux-gnu.tar.gz	`7fb652d34f82ca40...`	`142cee7e851bf9db...`
*-riscv64-linux-gnu-debug.tar.gz	`e6c6f2d6929dbbcb...`	`1cedee85d6a3dd71...`
*-riscv64-linux-gnu.tar.gz	`d5c81a8b3420f113...`	`9dcc7890e42bdb11...`
*-x86_64-apple-darwin-unsigned.tar.gz	`eb5c89ec2be882f3...`	`f7ab318956ba394e...`
*-x86_64-apple-darwin-unsigned.zip	`dd1dd44181945b36...`	`7650c4fb9453b3dd...`
*-x86_64-apple-darwin.tar.gz	`5d12ea02496af1aa...`	`f648c2b30c78be2b...`
*-x86_64-linux-gnu-debug.tar.gz	`97528f1f3dfd521f...`	`0039834a2b4942cc...`
*-x86_64-linux-gnu.tar.gz	`6b27b650327df233...`	`f1f37d2206cde451...`
*.tar.gz	`267e5b847e6ce416...`	`9c29981ee0e87bde...`
guix_build.log	`67cdab8226b17daa...`	`d83c638276ecdd58...`
guix_build.log.diff		`6144b1985bc9c7d9...`

DrahtBot removed the label DrahtBot Guix build requested on Sep 4, 2024

guix: build Linux GCC with --enable-cet

Similar to #29695, and in the same vein of explicitly configuring
hardening options in our release toolchain.

See https://gcc.gnu.org/install/configure.html:

> Enable building target run-time libraries with control-flow instrumentation,
> see `-fcf-protection option`. When --enable-cet is specified target
> libraries are configured to add `-fcf-protection` and, if needed,
> other target specific options to a set of building options.

> `--enable-cet=auto` is default. CET is enabled on Linux/x86 if target
> binutils supports Intel CET instructions and disabled otherwise.
> In this case, the target libraries are configured to get additional
> `-fcf-protection` option.

89bf11b807

fanquake force-pushed on Sep 13, 2024

fanquake commented at 12:05 pm on September 13, 2024: member

Guix Build:

 094142f4399e6b57ae5d95364685cf545a20e1974eb3e6061e62b77af57e59a6b  guix-build-89bf11b80725/output/aarch64-linux-gnu/SHA256SUMS.part
 11bbbbc9c2818eb6c87a7d7164afc61eee299d8417d986832eb0d503484994f4b  guix-build-89bf11b80725/output/aarch64-linux-gnu/bitcoin-89bf11b80725-aarch64-linux-gnu-debug.tar.gz
 20601f57454694181473f03bc8ff6c6f23f6ff50f38190a9ff42bd351ff739460  guix-build-89bf11b80725/output/aarch64-linux-gnu/bitcoin-89bf11b80725-aarch64-linux-gnu.tar.gz
 310ce23a32f6a21e4dd37cf770fdb20fd7e839b93093e53e54daa081e17f48a68  guix-build-89bf11b80725/output/arm-linux-gnueabihf/SHA256SUMS.part
 4d61682531134d253d6d6e60a2ede9aca4dd1fcbbfc5c5fe5164ccd5c22db13ea  guix-build-89bf11b80725/output/arm-linux-gnueabihf/bitcoin-89bf11b80725-arm-linux-gnueabihf-debug.tar.gz
 51c7ecbe79cd08a5627c6365a40911df248b03a1c54e08657dc5cf047f8c76a25  guix-build-89bf11b80725/output/arm-linux-gnueabihf/bitcoin-89bf11b80725-arm-linux-gnueabihf.tar.gz
 6b03639a4c3ee52797832da2b4013f2bb5264bf27c4f3bd70b08fc83f4167520f  guix-build-89bf11b80725/output/arm64-apple-darwin/SHA256SUMS.part
 7e43604c72c6611386c19eb4a2bde70813938a509ccc94c040725cd93797b9e3d  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin-unsigned.tar.gz
 8e640e9da6b4c1fdf19216e6f3a051b03de7cc9800e08ea80452db964177dc59a  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin-unsigned.zip
 908fb35f409538d588f1e68fe33a6421c65d39ebd0072ec648ebfa0a831dbfc11  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin.tar.gz
1018bd25fb50f2143285102c8e7bcb158da066b634791fcb4cbb4abef4bdaed592  guix-build-89bf11b80725/output/dist-archive/bitcoin-89bf11b80725.tar.gz
11432282fa224f441e681bc8f9f8c8d6d7c03f822a4ff11bf5d5d9b8e91b75f4dd  guix-build-89bf11b80725/output/powerpc64-linux-gnu/SHA256SUMS.part
12fad4bef69045be2b8c976d4762143bbf8473276368dcc73109226b6e44cea76a  guix-build-89bf11b80725/output/powerpc64-linux-gnu/bitcoin-89bf11b80725-powerpc64-linux-gnu-debug.tar.gz
1329a3068abdfb0a6ce6d81c8fef5fc175f7949076dade3edd0e5577b798e7f326  guix-build-89bf11b80725/output/powerpc64-linux-gnu/bitcoin-89bf11b80725-powerpc64-linux-gnu.tar.gz
14e8b029a1aaefd0fec467da6a6065925d846cbc37c7cf096d071d005cf4e1dfb4  guix-build-89bf11b80725/output/riscv64-linux-gnu/SHA256SUMS.part
15c127a343908811b73d5afd819d42bda87cefe597c78532f77da92e79607c57a0  guix-build-89bf11b80725/output/riscv64-linux-gnu/bitcoin-89bf11b80725-riscv64-linux-gnu-debug.tar.gz
16a53290520b66e4b3d5ebf3990ba450c5e0e816dd514fa813536bc0b09e2801c2  guix-build-89bf11b80725/output/riscv64-linux-gnu/bitcoin-89bf11b80725-riscv64-linux-gnu.tar.gz
17c3fa795806d453c5964a675819861be06a36c79141b9fd87f0ae4c17c4dfc652  guix-build-89bf11b80725/output/x86_64-apple-darwin/SHA256SUMS.part
18e379e3ed22697de8e84676d638239af6bf6416c9369c9abb4e0ea247ff7fe8bf  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin-unsigned.tar.gz
19d3eaadf70348f079a3109fabd5e916c4c317c870f9fa0e2886445f78c4e79d18  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin-unsigned.zip
202a36500084f43c73c230755d8af87bbf1f4517f85c706e8398ca10339f0673f6  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin.tar.gz
21281c414f439ccb87f3e312980dc61386133dde7211d795b91c3e634c14625c6a  guix-build-89bf11b80725/output/x86_64-linux-gnu/SHA256SUMS.part
223c9fcb62c1ae11d0357fc944c41be0b8232239aec3d0450108f9b4581cbbf818  guix-build-89bf11b80725/output/x86_64-linux-gnu/bitcoin-89bf11b80725-x86_64-linux-gnu-debug.tar.gz
23c80a51ec513bceb4c8f386a08b19934e0716eb997d3accb04a51901b658c27a0  guix-build-89bf11b80725/output/x86_64-linux-gnu/bitcoin-89bf11b80725-x86_64-linux-gnu.tar.gz
243cd891a700e8e52def38623d6d47e46c349ce39c9db0e97544ddd28e4e891024  guix-build-89bf11b80725/output/x86_64-w64-mingw32/SHA256SUMS.part
2549354ec57dd106709122bfdd440e5b99ee9bcfc25fb0c8933c44bf90b7f7a418  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-debug.zip
267180b305665fbf6a966552df5da5d7b71747a06fabcea45e8707201dfe2a6967  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-setup-unsigned.exe
275378e21154bef8f0f01aaac1042464d6d31d3ef38107d8eb62f28e89772ba76b  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-unsigned.tar.gz
28b69e7431f96a0979bec552cf3d9598d26426810e289916e44697341aef6e2fea  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64.zip

TheCharlatan approved

TheCharlatan commented at 3:47 pm on September 16, 2024: contributor

ACK 89bf11b807252fe5839b5b18742e24568dfe7bbd

Guix build (aarch64)

 094142f4399e6b57ae5d95364685cf545a20e1974eb3e6061e62b77af57e59a6b  guix-build-89bf11b80725/output/aarch64-linux-gnu/SHA256SUMS.part
 11bbbbc9c2818eb6c87a7d7164afc61eee299d8417d986832eb0d503484994f4b  guix-build-89bf11b80725/output/aarch64-linux-gnu/bitcoin-89bf11b80725-aarch64-linux-gnu-debug.tar.gz
 20601f57454694181473f03bc8ff6c6f23f6ff50f38190a9ff42bd351ff739460  guix-build-89bf11b80725/output/aarch64-linux-gnu/bitcoin-89bf11b80725-aarch64-linux-gnu.tar.gz
 310ce23a32f6a21e4dd37cf770fdb20fd7e839b93093e53e54daa081e17f48a68  guix-build-89bf11b80725/output/arm-linux-gnueabihf/SHA256SUMS.part
 4d61682531134d253d6d6e60a2ede9aca4dd1fcbbfc5c5fe5164ccd5c22db13ea  guix-build-89bf11b80725/output/arm-linux-gnueabihf/bitcoin-89bf11b80725-arm-linux-gnueabihf-debug.tar.gz
 51c7ecbe79cd08a5627c6365a40911df248b03a1c54e08657dc5cf047f8c76a25  guix-build-89bf11b80725/output/arm-linux-gnueabihf/bitcoin-89bf11b80725-arm-linux-gnueabihf.tar.gz
 6b03639a4c3ee52797832da2b4013f2bb5264bf27c4f3bd70b08fc83f4167520f  guix-build-89bf11b80725/output/arm64-apple-darwin/SHA256SUMS.part
 7e43604c72c6611386c19eb4a2bde70813938a509ccc94c040725cd93797b9e3d  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin-unsigned.tar.gz
 8e640e9da6b4c1fdf19216e6f3a051b03de7cc9800e08ea80452db964177dc59a  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin-unsigned.zip
 908fb35f409538d588f1e68fe33a6421c65d39ebd0072ec648ebfa0a831dbfc11  guix-build-89bf11b80725/output/arm64-apple-darwin/bitcoin-89bf11b80725-arm64-apple-darwin.tar.gz
1018bd25fb50f2143285102c8e7bcb158da066b634791fcb4cbb4abef4bdaed592  guix-build-89bf11b80725/output/dist-archive/bitcoin-89bf11b80725.tar.gz
11432282fa224f441e681bc8f9f8c8d6d7c03f822a4ff11bf5d5d9b8e91b75f4dd  guix-build-89bf11b80725/output/powerpc64-linux-gnu/SHA256SUMS.part
12fad4bef69045be2b8c976d4762143bbf8473276368dcc73109226b6e44cea76a  guix-build-89bf11b80725/output/powerpc64-linux-gnu/bitcoin-89bf11b80725-powerpc64-linux-gnu-debug.tar.gz
1329a3068abdfb0a6ce6d81c8fef5fc175f7949076dade3edd0e5577b798e7f326  guix-build-89bf11b80725/output/powerpc64-linux-gnu/bitcoin-89bf11b80725-powerpc64-linux-gnu.tar.gz
14e8b029a1aaefd0fec467da6a6065925d846cbc37c7cf096d071d005cf4e1dfb4  guix-build-89bf11b80725/output/riscv64-linux-gnu/SHA256SUMS.part
15c127a343908811b73d5afd819d42bda87cefe597c78532f77da92e79607c57a0  guix-build-89bf11b80725/output/riscv64-linux-gnu/bitcoin-89bf11b80725-riscv64-linux-gnu-debug.tar.gz
16a53290520b66e4b3d5ebf3990ba450c5e0e816dd514fa813536bc0b09e2801c2  guix-build-89bf11b80725/output/riscv64-linux-gnu/bitcoin-89bf11b80725-riscv64-linux-gnu.tar.gz
17c3fa795806d453c5964a675819861be06a36c79141b9fd87f0ae4c17c4dfc652  guix-build-89bf11b80725/output/x86_64-apple-darwin/SHA256SUMS.part
18e379e3ed22697de8e84676d638239af6bf6416c9369c9abb4e0ea247ff7fe8bf  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin-unsigned.tar.gz
19d3eaadf70348f079a3109fabd5e916c4c317c870f9fa0e2886445f78c4e79d18  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin-unsigned.zip
202a36500084f43c73c230755d8af87bbf1f4517f85c706e8398ca10339f0673f6  guix-build-89bf11b80725/output/x86_64-apple-darwin/bitcoin-89bf11b80725-x86_64-apple-darwin.tar.gz
21281c414f439ccb87f3e312980dc61386133dde7211d795b91c3e634c14625c6a  guix-build-89bf11b80725/output/x86_64-linux-gnu/SHA256SUMS.part
223c9fcb62c1ae11d0357fc944c41be0b8232239aec3d0450108f9b4581cbbf818  guix-build-89bf11b80725/output/x86_64-linux-gnu/bitcoin-89bf11b80725-x86_64-linux-gnu-debug.tar.gz
23c80a51ec513bceb4c8f386a08b19934e0716eb997d3accb04a51901b658c27a0  guix-build-89bf11b80725/output/x86_64-linux-gnu/bitcoin-89bf11b80725-x86_64-linux-gnu.tar.gz
243cd891a700e8e52def38623d6d47e46c349ce39c9db0e97544ddd28e4e891024  guix-build-89bf11b80725/output/x86_64-w64-mingw32/SHA256SUMS.part
2549354ec57dd106709122bfdd440e5b99ee9bcfc25fb0c8933c44bf90b7f7a418  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-debug.zip
267180b305665fbf6a966552df5da5d7b71747a06fabcea45e8707201dfe2a6967  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-setup-unsigned.exe
275378e21154bef8f0f01aaac1042464d6d31d3ef38107d8eb62f28e89772ba76b  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64-unsigned.tar.gz
28b69e7431f96a0979bec552cf3d9598d26426810e289916e44697341aef6e2fea  guix-build-89bf11b80725/output/x86_64-w64-mingw32/bitcoin-89bf11b80725-win64.zip

fanquake merged this on Sep 17, 2024

fanquake closed this on Sep 17, 2024

fanquake deleted the branch on Sep 17, 2024

guix: (explicitly) build Linux GCC with --enable-cet #30438

Code Coverage

Reviews

Conflicts

Guix builds (on x86_64) [untrusted test-only build, possibly unsafe, not for production use]

Guix builds (on x86_64) [untrusted test-only build, possibly unsafe, not for production use]

guix: (explicitly) build Linux GCC with `--enable-cet` #30438