Re: Porter roll call for Debian Stretch

To: debian-release@lists.debian.org
Subject: Re: Porter roll call for Debian Stretch
From: Frederic Bonnard <frediz@linux.vnet.ibm.com>
Date: Fri, 26 Aug 2016 14:54:37 +0200
Message-id: <[🔎] 20160826145437.GZ15374@kin.test.toulouse-stg.fr.ibm.com>
In-reply-to: <20160817200526.C683188@bendel.debian.org>
References: <20160817200526.C683188@bendel.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I am an active porter for the following architectures and I intend
to continue this for the lifetime of the Stretchj release (est. end
of 2020):

For ppc64el, I
- - test most packages on this architecture
- - run a Debian testing or unstable system on port that I use regularly
- - fix arch-related bugs
- - triage d-i bugs
- - test d-i regularly
- - fix d-i bugs/issues

I am a DM.

About -fPIE/-pie, I'd say my packages should be ready to have it enabled by
default, even if, for skiboot package, on Ubuntu (with gcc having pie by
default since 16.04) I had to disable (or it crashed) it with -no-pie because
of assembly code being used for some part and that will not be changed soon by
upstream I guess.
In another package, I had another issue where a static test binary was compiled
with -pie because of hardening and -static, which produced a dynamically linked
executable.. which failed at runtime. I'm not an expert but gcc does not seem
to be ready for static+pie and it didn't complain either about both flags being used
( https://gcc.gnu.org/ml/gcc/2015-06/msg00008.html )

I always add DEB_BUILD_MAINT_OPTIONS = hardening=+all to my packages (else
lintian reports about "hardening-no-pie"), but in default hardening there is no pie,
and I'm not sure all packages do so.
Checking https://lintian.debian.org/tags/hardening-no-pie.html, 
59088 packages have "hardening-no-pie" lintian... so pie doesn't not seem really
tested to me.
As I had 3 issues out of ~10 packages I maintain, I'm unsure of the result on the
whole archive, but it's worth trying.

Frédéric Bonnard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXwDvrAAoJEGt0mPy5s1isGhEP/AwlaXn0BhLsFeW7E3L0H75X
B1gqGAbqGYNx4d8KX1uWX56khwwUh2Wt91ENNttYeUqQL5qm4juts03sRINnrUFD
x1kNJ7nrjTF4Ecc2sICLL/viA7wM95r+KDH4vuSwcr4eiQeTqOWp1zFuIOKlez71
l0cJCKZA+Y7Znz1/Q+53OnREk50rtrT/zf41qqMm7/ZIqXxec4fm+40i4BLAMxVT
RtQUp/xRY4sIwqTP/JlDN1PuIq1HqW992j09C1tBb3Kle/WNo/efG4q3Z9uCi9wn
oFbmrnQO9z757G04nyMsy+u9AetHUeu9JFEYxErXXvZvH/j5JSY7Gd+tqIrQqrHY
bNilGAhFFUsL/1cOB6InohAaj+aIwfzoxiDx9KHV7qiP/TKJONZgs83UCo9AUH+M
kSBuLRt/+xP9yKTIBuQb8G52EoXkH1xnJEE6KUfpEwCeee9lifoNvyabEg+/Hs0j
DKSuS0YXA+tikeEP09m4EbTA8g213TrbvPfojG37ODsOVsZ7IxmFrMvPuDUfZICz
1zJ+olgTr1Ym/WpbSBDbklrtEHXc/Z//lyUTl98Mksn1QT+/Sq1QbiSY7wKqE7ky
PgDLtkjnmF6xO+zQ6/oQJjf8994q6SNQ9yFkkPq1Z15AeqWH83FlIV5zkXJizWzN
42VSValqXtOHkpuLr9Zb
=uobB
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: RE: Porter roll call for Debian Stretch
Next by Date: Re: Porter roll call for Debian Stretch
Previous by thread: RE: Porter roll call for Debian Stretch
Next by thread: Re: Porter roll call for Debian Stretch
Index(es):
- Date
- Thread