import annobin-10.54-2.el9

.annobin.metadata

@@ -1 +1 @@
-638e8de1542d8a62e9765d830b65bd2dd547c348 SOURCES/annobin-10.44.tar.xz
+d05ee3d63e94162fd1ad51b7d79a0c7a8638f47c SOURCES/annobin-10.54.tar.xz

.gitignore

@@ -1 +1 @@
-SOURCES/annobin-10.44.tar.xz
+SOURCES/annobin-10.54.tar.xz

SPECS/annobin.spec

@@ -1,8 +1,8 @@
 
 Name:    annobin
 Summary: Annotate and examine compiled binary files
-Version: 10.44
-Release: 1%{?dist}
+Version: 10.54
+Release: 2%{?dist}
 License: GPLv3+
 # Maintainer: nickc@redhat.com
 # Web Page: https://sourceware.org/annobin/
@@ -161,11 +161,11 @@ of the resulting files.
 %package annocheck
 Summary: A tool for checking the security hardening status of binaries
 
-BuildRequires: gcc elfutils elfutils-devel elfutils-libelf-devel rpm-devel binutils-devel
+BuildRequires: gcc elfutils elfutils-devel elfutils-libelf-devel rpm-devel binutils-devel make
 %if %{with debuginfod}
 BuildRequires: elfutils-debuginfod-client-devel
-BuildRequires: make
 %endif
+Requires: cpio rpm
 
 %description annocheck
 Installs the annocheck program which uses the notes generated by annobin to
@@ -178,9 +178,8 @@ hardening options.
 
 %global ANNOBIN_GCC_PLUGIN_DIR %(gcc --print-file-name=plugin)
 
-%{!?llvm_version:%global llvm_version 12.0.1}
-%{!?llvm_plugin_dir:%global llvm_plugin_dir %{_libdir}/llvm/%{llvm_version}}
-%{!?clang_plugin_dir:%global clang_plugin_dir %{_libdir}/clang/%{llvm_version}}
+%{!?llvm_plugin_dir:%global  llvm_plugin_dir  %{_libdir}/llvm/plugins}
+%{!?clang_plugin_dir:%global clang_plugin_dir %{_libdir}/clang/plugins}
 
 %if %{with gccplugin}
 # The next line has been stolen from redhat-rpm-config.spec.
@@ -190,7 +189,7 @@ hardening options.
 %global rrcdir /usr/lib/rpm/redhat
 
 # Information about the gcc plugin is recorded in this file.
-%global aver %{rrcdir}/annobin-plugin-version-info
+%global aver annobin-plugin-version-info
 %endif
 
 #---------------------------------------------------------------------------------
@@ -268,30 +267,24 @@ make -C gcc-plugin clean
 BUILD_FLAGS="-fplugin=%{_tmppath}/tmp_annobin.so"
 
 # Disable the standard annobin plugin so that we do get conflicts.
-# Note: the "-fplugin=annobin" is here, despite the fact that it will also
-# be automatically added to the gcc command line via
-# "-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1" because of a bug in gcc's
-# plugin command line options handling.  GCC will issue an error saying that
-# there is no plugin called "annobin" matching the -fplugin-arg-annobin-disable
-# option, despite the fact that there patently is.
-BUILD_FLAGS="$BUILD_FLAGS -fplugin=annobin -fplugin-arg-annobin-disable"
+OPTS="$(rpm --eval '%undefine _annotated_build %build_cflags %build_ldflags')"
 
 # If building on RHEL7, enable the next option as the .attach_to_group
 # assembler pseudo op is not available in the assembler.
 # BUILD_FLAGS="$BUILD_FLAGS -fplugin-arg-tmp_annobin-no-attach"
 
-make -C gcc-plugin CXXFLAGS="%{optflags} $BUILD_FLAGS"
+make -C gcc-plugin CXXFLAGS="$OPTS $BUILD_FLAGS"
 rm %{_tmppath}/tmp_annobin.so
 %endif
 
 %if %{with clangplugin}
 cp clang-plugin/annobin-for-clang.so %{_tmppath}/tmp_annobin.so
-make -C clang-plugin all CXXFLAGS="%{optflags} $BUILD_FLAGS"
+make -C clang-plugin all CXXFLAGS="$OPTS $BUILD_FLAGS"
 %endif
 
 %if %{with llvmplugin}
 cp llvm-plugin/annobin-for-llvm.so %{_tmppath}/tmp_annobin.so
-make -C llvm-plugin all CXXFLAGS="%{optflags} $BUILD_FLAGS"
+make -C llvm-plugin all CXXFLAGS="$OPTS $BUILD_FLAGS"
 %endif
 
 %endif
@@ -310,14 +303,10 @@ mv %{buildroot}/%{llvm_plugin_dir}/annobin-for-clang.so %{buildroot}/%{clang_plu
 
 %if %{with gccplugin}
 # Record the version of gcc that built this plugin.
-mkdir -p                      %{buildroot}%{rrcdir}
-rm -f                         %{buildroot}%{aver}
 # Note - we cannot just store %%{gcc_vr} as sometimes the gcc rpm version changes
 # without the NVR being altered.  See BZ #2030671 for more discussion on this.
-echo `rpm --query gcc --queryformat '%{version}-%{release}'` > %{buildroot}%{aver}
-# Provide a more complete version information string on the second line.
-# This is not used by the comparison logic, but makes the file more useful to humans.
-echo "%{ANNOBIN_GCC_PLUGIN_DIR}/annobin.so.0.0.0 was built by gcc version %{gcc_vr} from the %{version} sources" >> %{buildroot}%{aver}
+mkdir -p                             %{buildroot}/%{ANNOBIN_GCC_PLUGIN_DIR}
+cat `gcc --print-file-name=rpmver` > %{buildroot}/%{ANNOBIN_GCC_PLUGIN_DIR}/%{aver}
 
 # Also install a copy of the sources into the build tree.
 mkdir -p                            %{buildroot}%{annobin_source_dir}
@@ -361,8 +350,10 @@ fi
 %endif
 
 %if %{with gccplugin}
-%{ANNOBIN_GCC_PLUGIN_DIR}
-%{aver}
+%{ANNOBIN_GCC_PLUGIN_DIR}/annobin.so
+%{ANNOBIN_GCC_PLUGIN_DIR}/annobin.so.0
+%{ANNOBIN_GCC_PLUGIN_DIR}/annobin.so.0.0.0
+%{ANNOBIN_GCC_PLUGIN_DIR}/%{aver}
 %{annobin_source_dir}/latest-annobin.tar.xz
 %endif
 
@@ -377,6 +368,41 @@ fi
 #---------------------------------------------------------------------------------
 
 %changelog
+* Tue Feb 15 2022 Nick Clifton  <nickc@redhat.com> - 10.54-2
+- Spec File: Use a different method to disable the annobin plugin  (#2054571)
+
+* Mon Feb 14 2022 Nick Clifton  <nickc@redhat.com> - 10.54-1
+- Annocheck: Accept static GO binaries.  (#2053606)
+
+* Fri Feb 11 2022 Nick Clifton  <nickc@redhat.com> - 10.53-2
+- NVR bump to allow rebuilding against latest gcc.  (#2053507)
+
+* Fri Jan 28 2022 Nick Clifton  <nickc@redhat.com> - 10.53-1
+- gcc-plugin: Fix libtool so that extraneous runpaths are not added to the plugin.  (#2047356)
+- gcc-plugin: Use canonical_option field of save_decoded_options array. (#2047148)
+
+* Tue Jan 25 2022 Nick Clifton  <nickc@redhat.com> - 10.51-1
+- Annocheck: Add an option to disable the use of debuginfod (if available).
+- Annocheck: Add more glibc special file names.
+- Annocheck: Skip some tests for BPF binaries.  (#2044897)
+
+* Mon Jan 24 2022 Nick Clifton  <nickc@redhat.com> - 10.50-1
+- Annocheck: Skip property note test for GO binaries.  (#204300)
+- Annocheck: Add another glibc static library symbol.  (#2043047)
+- Spec File: Use gcc --print-file-name=rpmver for the gcc version info.
+    
+* Mon Jan 17 2022 Nick Clifton  <nickc@redhat.com> - 10.48-1
+- GCC Plugin: Do not fail if a section cannot be attached to a group.
+
+* Wed Jan 12 2022 Nick Clifton  <nickc@redhat.com> - 10.47-1
+- Annocheck: Improve detection of kernel modules.
+- GCC Plugin: Only default to link-once when using gcc-12 or later.  (#2039297)
+
+* Wed Jan 12 2022 Nick Clifton  <nickc@redhat.com> - 10.46-1
+- Annocheck: Add option to disable instrumentation test.
+- GCC Plugin: Fix building with gcc-12.
+- Spec file: Add requirement on cpio for annocheck.  (#2039747)
+
 * Fri Jan 07 2022 Nick Clifton  <nickc@redhat.com> - 10.44-1
 - Annocheck: Add even more glibc function names. (#2037333)
 - Annocheck: ARM: Do not fail tests that rely upon annobin notes.