rpms/annobin
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:gcc13-test
rpms:epel7
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:f27
...
pull from: rpms:epel7
Branches Tags
rpms:main
rpms:rawhide
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:gcc13-test
rpms:epel7
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:f27
Sign in to create a new pull request.

29 commits
rawhide ... epel7

Author SHA1 Message Date
Nick Clifton
0243a53cf1 Rebase to 10.94 2022-12-06 12:45:29 +00:00
Nick Clifton
e14a54023c Annocheck: Reverse AArch64 PAC+BTI check, ie fail if they are enabled. (#1984995) 2021-07-23 13:48:26 +01:00
Nick Clifton
439eb59b5a Annocheck: Add some more test exceptions. 
Tests: Skip glibc-notes test if the assembler does not support --generate-missing-build-notes.  (#1978573)
 Tests: Skip objcopy test if objcopy does not support --merge-notes.
 Annocheck: Fix spelling mistake in -mstack-realign failure message.  (#1977349)
 gcc-plugin: Do not record global versions of stack protection settings in LTO mode, if not set.  (#1958954)
 Annocheck: Remove limit on number of input files.
 clang/llvm plugins: Build with correct security options.
 Annocheck: Better detection of GO compiler version.
 Annocheck: Better support for symbolic links.
 Annocheck: In verbose mode, report the reason for skipping specific tests.  (#1969584)
 Annocheck: Improve detection of shared libraries.  (#1958954)
 Annocheck: Accept 0 as a valid number for gcc minor versions and release numbers.
 gcc-plugin: Add support for ARM and RISCV targets.
 2021-07-13 15:54:45 +01:00
Nick Clifton
271c365301 Rebase to 9.71 2021-05-05 17:13:58 +01:00
Nick Clifton
9b1cf0ac0a Annocheck: Fix detection of special function names. (#1934189) 
Annocheck: FAIL the deliberate use of -fno-stack-protector, but add some exceptions for glibc.  (#1923439)
Annocheck: Add colour to some messages.  Skip the deliberate use of -fno-stack-protector.  (#1923439)
Annocheck: Fix some problems with tests for missing notes.
Add some GO tests to annocheck.
 2021-03-03 10:15:20 +00:00
Nick Clifton
86a3a8bd6c Update to annobin 9.59. 2021-01-20 11:02:37 +00:00
Nick Clifton
a993166697 - Annocheck: Disable reporting future fails by default. 
- GCC plugin: Always record global notes for the .text.startup,
  .text.exit, .text.hot and .text.cold sections.
- Clang plugin: Add -lLLVM to the build command line.
- Annocheck: Improve reporting of missing -D_FORTIFY_SOURCE option.  (#1898075)
- Annocheck: Improve reporting of missing LTO option.
 2020-11-24 10:40:46 +00:00
Nick Clifton
3d3314b171 - Annocheck: Disable reporting future fails by default. 
- GCC plugin: Always record global notes for the .text.startup,
  .text.exit, .text.hot and .text.cold sections.
- Clang plugin: Add -lLLVM to the build command line.
- Annocheck: Improve reporting of missing -D_FORTIFY_SOURCE option.  (#1898075)
- Annocheck: Improve reporting of missing LTO option.
 2020-11-24 10:34:31 +00:00
Nick Clifton
f3a331eebb annocheck: Add handling of gimple compiled files 2020-11-10 16:56:26 +00:00
Nick Clifton
11072fae9d Rebase to 9.39. Might fix 1894849. 2020-11-09 11:50:35 +00:00
Nick Clifton
cc072d4bd7 Annocheck: Detect Fortran compiled programs. (#1824393) 2020-04-16 16:28:16 +01:00
Nick Clifton
855edcbf90 Annobin: If option name mismatch occurs, seach for the real option. (#1817452) 2020-04-01 14:06:02 +01:00
Nick Clifton
26adffdbef Annocheck: Fix a division by zero error when parsing GO binaries. 
Resolves: #1818863
 2020-03-30 17:09:25 +01:00
Nick Clifton
3cafbe58a0 Fix bug in previous delta 2020-03-27 13:05:36 +00:00
Nick Clifton
4663ff1030 Use offsets stored in gcc's cl_option structure to access the global_options array, thus removing the need to check for changes in the size of this structure. 
Rename gcc plugin directory to gcc-plugin.
Stop annocheck from complaining about missing options when the binary has been built in a mixed environment.
 2020-03-26 15:55:15 +00:00
Nick Clifton
3eef7e6661 oops forgot to attach the new sources 2020-03-04 16:14:18 +00:00
Nick Clifton
d0a036a8b7 Rebase to 9.12: 
- Improve builtby tool.
- Stop annocheck complaining about missing notes when the binary is not compiled by either gcc or clang.
- Skip the check of the ENTRY instruction for binaries not compiled by gcc or clang.  (#1809656)
- Fix infinite loop hangup in annocheck.
- Disable debuginfod support by default.
- Improve parsing of .comment section.
- Fix clang plugin to use hidden symbols.
- Add ability to build clang plugin (disabled by default).
- Annocheck: Fix error printing out the version number.
- Annobin: Add checks of the exact location of the examined switches.
- Annobin: Note when stack clash notes are generated.
- Annocheck: Handle multiple builder IDs in the .comment section.
- Add configure option to suppress building annocheck.
- Fix debuginfod test.
- Correct the build requirement for building with debuginfod support.
- Add debuginfod support.
- Add clang plugin (experimental).
- Have annocheck ignore notes with an end address of 0.
- Improve checking of gcc versions.
 2020-03-04 15:59:46 +00:00
Nick Clifton
47f4a8291b Annocheck: Do not skip positive results. 2019-11-15 15:52:12 +00:00
Nick Clifton
977cc84ccc Generate a WARN result for code compiled with instrumentation enabled. (#1753918) 
Replace address checks with dladdr1.
Use libabigail like checking to ensure variable address consistency.
Skip generation of global notes for hot/cold sections.
Generate FAIL results if -Wall or -Wformat-security are missing.
If notes cannot be found in the executable look for them in the debuginfo file, if available.
Generate a FAIL if notes are missing from the executable/debuginfo file.
Record and report the setting of the AArcht64 specific -mbranch-protection option.
 2019-11-04 11:14:19 +00:00
Nick Clifton
8d3f94b691 Improve detection of GO binaries. 
Add gcc version information to annobin notes.
Do not complain about missing FORTIFY_SOURCE and GLIBCXX_ASSERTIONS in LTO compilations.
 2019-09-23 13:32:26 +01:00
Nick Clifton
377a58266a Fix a memory allocation error in the annobin plugin. 
Resolves: #1737306
 2019-08-06 15:46:48 +01:00
Nick Clifton
4b5387cb51 commit upload of new sources 2019-06-25 11:41:56 +01:00
Nick Clifton
b24746f6fc Another attempt at fixing the detection and reporting of missing -D_FORTIFY_SOURCE options. 
Relates: #1703500
 2019-06-25 11:33:00 +01:00
Nick Clifton
eaa961160a Bump NVR to enable a rebuild. 2019-06-18 12:51:00 +01:00
Nick Clifton
837f125eba Report a missing -D_FORTIFY_SOUCRE option if -D_GLIBCXX_ASSERTIONS was detected. (#1703499) 
Do not report problems with -fstack-protection if the binary was not built by gcc or clang.  (#1703788)
 Add tests of clang command line options recorded in the DW_AT_producer attribute.
 2019-06-18 12:50:02 +01:00
Nick Clifton
135fe88170 Report a missing -D_FORTIFY_SOUCRE option if -D_GLIBCXX_ASSERTIONS was detected. (#1703499) 
Do not report problems with -fstack-protection if the binary was not built by gcc or clang.  (#1703788)
Add tests of clang command line options recorded in the DW_AT_producer attribute.
 2019-05-15 11:50:38 +01:00
Nick Clifton
837a4b187a Fix test for an executable stack segment. 
Resolves: #1700924
 2019-04-24 14:14:53 +01:00
Nick Clifton
90aeb100cd Fixed spec file to build on RHEL 7. 2019-04-12 16:13:18 +01:00
Nick Clifton
3be2dded72 Initial checkin of the annobin package for the EPEL7 branch. Based on annobin 8.71. 2019-04-12 15:00:17 +01:00
4 changed files with 1273 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
.gitignore vendored
View file

@ -0,0 +1,23 @@
/annobin-8.71.tar.xz
/annobin-8.73.tar.xz
/annobin-8.76.tar.xz
/annobin-8.77.tar.xz
/annobin-8.78.tar.xz
/annobin-8.81.tar.xz
/annobin-8.89.tar.xz
/annobin-8.90.tar.xz
/annobin-9.12.tar.xz
/annobin-9.14.tar.xz
/annobin-9.17.tar.xz
/annobin-9.18.tar.xz
/annobin-9.19.tar.xz
/annobin-9.20.tar.xz
/annobin-9.39.tar.xz
/annobin-9.41.tar.xz
/annobin-9.46.tar.xz
/annobin-9.59.tar.xz
/annobin-9.64.tar.xz
/annobin-9.71.tar.xz
/annobin-9.81.tar.xz
/annobin-9.83.tar.xz
/annobin-10.94.tar.xz

1228
annobin.spec Normal file
View file

File diff suppressed because it is too large Load diff

21
annocheck-no-build-with-plugin.patch Normal file
View file

@ -0,0 +1,21 @@
diff -rup annobin.orig/annocheck/Makefile.am annobin-9.81/annocheck/Makefile.am
--- annobin.orig/annocheck/Makefile.am 2021-07-13 15:47:16.345084083 +0100
+++ annobin-9.81/annocheck/Makefile.am 2021-07-13 15:48:12.145778656 +0100
@@ -9,4 +9,4 @@ bin_PROGRAMS = annocheck
annocheck_SOURCES = annocheck.c timing.c size.c notes.c hardened.c built-by.c annocheck.h ../annobin-global.h
annocheck_LDADD = -lelf -ldw $(RPMLIBS) -liberty $(LIBDEBUGINFOD)
annocheck_LDFLAGS = -Wl,-z,now
-annocheck_CFLAGS = -O2 -ansi -g -Wall -Werror -fpie -D_FORTIFY_SOURCE=2 -fplugin=annobin -fstack-protector-strong
+annocheck_CFLAGS = -O2 -ansi -g -Wall -Werror -fpie -D_FORTIFY_SOURCE=2 -fstack-protector-strong
diff -rup annobin.orig/annocheck/Makefile.in annobin-9.81/annocheck/Makefile.in
--- annobin.orig/annocheck/Makefile.in 2021-07-13 15:47:16.345084083 +0100
+++ annobin-9.81/annocheck/Makefile.in 2021-07-13 15:48:24.098713222 +0100
@@ -334,7 +334,7 @@ AUTOMAKE_OPTIONS = no-dependencies
annocheck_SOURCES = annocheck.c timing.c size.c notes.c hardened.c built-by.c annocheck.h ../annobin-global.h
annocheck_LDADD = -lelf -ldw $(RPMLIBS) -liberty $(LIBDEBUGINFOD)
annocheck_LDFLAGS = -Wl,-z,now
-annocheck_CFLAGS = -O2 -ansi -g -Wall -Werror -fpie -D_FORTIFY_SOURCE=2 -fplugin=annobin -fstack-protector-strong
+annocheck_CFLAGS = -O2 -ansi -g -Wall -Werror -fpie -D_FORTIFY_SOURCE=2 -fstack-protector-strong
all: all-am
.SUFFIXES:

1
sources
View file

@ -0,0 +1 @@
SHA512 (annobin-10.94.tar.xz) = da6cee60c5640ed30ee8c359e0f0450cafd41164a0136144350216403347de90e8ed417b370007f444eba202dcd45e13639c4defcf4e6da90337d4d65f3e2187