rpms/annobin
7
0
Fork 0
Code Issues Pull Requests Releases Activity
528 Commits 7 Branches 60 Tags 6 MiB
01a58912b3
Commit Graph

349 Commits

Author SHA1 Message Date
Nick Clifton
2f21168d4c Annocheck: Add test for binaries built by cross compilers 2022-12-16 08:48:26 +00:00
Nick Clifton
567f2c40ba Add new sources 2022-12-15 11:30:58 +00:00
Nick Clifton
79c88cf669 Avoid using debug filename when parsing notes in a debuginfo file. (#2152280) 2022-12-12 13:36:29 +00:00
Nick Clifton
a943824136 Annocheck: Better detection of binaries which do not contain code. (#2144533) 2022-11-30 10:02:01 +00:00
Nick Clifton
5ed44f97c8 Annocheck: Provide more information when a test is skipped because the file being tested was not compiled. 2022-11-23 14:07:59 +00:00
Nick Clifton
e1f5135ff6 Annocheck: Try harder not to run mutually exclusive tests. 2022-11-07 18:00:03 +00:00
Nick Clifton
48b4264002 Tests: Fix future-test so that it properly handles the situation where the compiler does not support the new options. 2022-10-21 12:41:20 +01:00
Nick Clifton
3ce07632bf Libannocheck: Actually set result fields after tests are run. 2022-10-19 16:11:48 +01:00
Nick Clifton
f85d35312b Libannocheck: Replace libannocheck_version variable with LIBANNOCHECK_VERSION define. 2022-10-17 14:45:49 +01:00
Nick Clifton
0062e138c9 Libannocheck: Remove 'Requires binutils-devel' from libannocheck.pc. 2022-10-11 12:24:53 +01:00
Nick Clifton
5967b15825 libannocheck: Add pkgconfig file 2022-10-04 14:05:30 +01:00
Nick Clifton
b374112889 Libannocheck: Add libannocheck_reinit(). 2022-09-30 15:35:19 +01:00
Nick Clifton
157ed58dce GCC Plugin: Record -ftrivial-auto-var-init and -fzero-call-used-regs. 
Annocheck: Add future tests for  -ftrivial-auto-var-init and -fzero-call-used-regs.
 2022-09-22 16:30:48 +01:00
Nick Clifton
867bb75b55 Clang Plugin: Fix for building with Clang-15. (#2125875) 2022-09-20 13:17:11 +01:00
Nick Clifton
0b1b4157b3 Annocheck: Add a test for the inconsistent use of -Ofast. (#1248744) 2022-09-09 14:51:52 +01:00
Nick Clifton
689378de52 Annocheck: Add a test for the inconsistent use of -Ofast. (#1248744) 2022-09-09 13:47:09 +01:00
Nick Clifton
253c3f05a5 Plugin: Fix top level configuration support for RiscV. 2022-08-11 11:29:10 +01:00
Nick Clifton
8dc50c73e8 Annocheck: Improvements to the size tool. 2022-08-11 10:07:49 +01:00
Nick Clifton
a55206c420 Annocheck: Fixes for libannocheck.h. 2022-07-25 15:44:44 +01:00
Nick Clifton
794d4708ef Annocheck: Add automatic profile selection. 2022-07-05 09:16:59 +01:00
Nick Clifton
4cf5153ba7 Annocheck: Improve gap detection and reporting 2022-07-04 16:18:07 +01:00
Nick Clifton
278aadbc36 Annocheck: Check build-id of separate debuginfo files. 
Annocheck: Add GAPS test replacing --ignore-gaps.
 2022-06-14 10:18:00 +01:00
Nick Clifton
6af1867f17 Annocheck: Fix covscan detected race condition between stat() and open(). 2022-06-09 15:12:55 +01:00
Nick Clifton
d9744eac07 Annocheck: Handle binaries created by Rust 1.18. (#2094420) 
Annocheck: Add optional function name to --skip arguments.  (PR 29229)
 2022-06-07 16:56:59 +01:00
Nick Clifton
6aaecc9f93 Annocheck: Fix handling of command line options that take arguments. (#2086850) 2022-05-17 12:34:14 +01:00
Nick Clifton
f271cd9920 Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64 binaries. (#2078909) 2022-05-16 15:53:08 +01:00
Nick Clifton
1f57bcbc2c gcc-plugin: Fix typo in configure.ac 2022-05-11 14:35:10 +01:00
Nick Clifton
f0bfd1e41e Annocheck: Add another special case for glibc rpms. (#2083070) 2022-05-09 11:07:02 +01:00
Nick Clifton
67f8a8d11a Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64 binaries if compiled using LTO. (#2082146) 2022-05-06 15:00:55 +01:00
Nick Clifton
75736750e6 Annocheck: Add more glibc exceptions + check PT_TLS segments. (#2081131) 2022-05-03 14:09:23 +01:00
Nick Clifton
b464395c19 Annocheck: Do not complain about missing -mbranch-protection option in AArch64 binaries if compiled by golang. 2022-04-22 08:22:06 +01:00
Nick Clifton
2e205722fd Annocheck: Do not complain about missing -mbranch-protection option in AArch64 binaries if compiled in LTO mode. 2022-04-13 09:35:37 +01:00
Nick Clifton
e0ddeb63a3 10.65: gcc-plugin: Add support for CLVC_INTEGER 2022-04-12 17:53:12 +01:00
Nick Clifton
098cf0d690 Annocheck: Even more special cases for AArch64 glibc on RHEL-8. (#2072082) 2022-04-06 12:58:19 +01:00
Nick Clifton
3de80672fa Annocheck: Add more special cases for AArch64 glibc on RHEL-8. (#2072082) 2022-04-06 12:19:52 +01:00
Nick Clifton
d4466f7406 Fix thinko in llvm plugin sources 2022-04-05 14:04:16 +01:00
Nick Clifton
eceb178173 remap OPT_Wall 2022-04-02 09:31:20 +01:00
Nick Clifton
c2186bc772 10.60: Add support for building using meson+ninja. 2022-03-31 13:41:14 +01:00
Nick Clifton
8ee18a899b Fix bug in annocheck's AArch64 property note test. 2022-03-30 11:49:43 +01:00
Nick Clifton
14685185f1 gcc-plugin: Do not issue warning messages for autoconf generated source files. (#2009958) 2022-03-14 11:53:08 +00:00
Nick Clifton
c712a9f799 Annocheck: Update documentation and fix typo in annocheck. (#2061291) 2022-03-07 12:30:17 +00:00
Nick Clifton
c9b3e0dcfe Annocheck: Add option to enable/disable following symbolic links. 2022-03-04 17:29:15 +00:00
Nick Clifton
d6d59a73a8 Always identify Rust binaries, even if built on a host that does not know about Rust. 
Resolves: #2057737
 2022-02-28 11:53:01 +00:00
Nick Clifton
41efc42594 annocheck: skip PIE and PIC tests for GO binaries 2022-02-11 15:26:15 +00:00
Nick Clifton
21338bea37 Borrow a patch from the GCC package to stop libtool from inserting needless runpaths into binaries. (#2030667) 2022-01-27 16:56:19 +00:00
Nick Clifton
9cdecda9e3 gcc-plugin: Use canonical_option field of save_decoded_options array. (#2047148) 2022-01-27 13:09:45 +00:00
Nick Clifton
8e76478b1d Annocheck: Add an option to disable the use of debuginfod (if available). 
Annocheck: Add more glibc special file names.
Annocheck: Skip some tests for BPF binaries.
 2022-01-25 15:42:19 +00:00
Nick Clifton
a6710fda16 Annocheck: Add another glibc static library symbol. (#2043047) 2022-01-20 16:20:57 +00:00
Nick Clifton
4852d3d782 Annocheck: Skip property note test for GO binaries. (#204300) 2022-01-20 15:18:08 +00:00
Nick Clifton
557b866dd0 GCC Plugin: Do not fail if a section cannot be attached to a group. 2022-01-17 14:38:17 +00:00
Nick Clifton
a6ef977e8b GCC Plugin: Only default to link-once when using gcc-12 or later. (#2039297) 2022-01-14 09:48:30 +00:00
Nick Clifton
244433eec3 GCC Plugin: Replace CLVC_BOOLEAN with CLVC_BIT_SET/CLVC_BIT_CLEAR. 2022-01-10 09:33:18 +00:00
Nick Clifton
a14426ce95 Annocheck: Add even more glibc function names. (#2037333) 2022-01-07 15:09:37 +00:00
Nick Clifton
ee78766bff Annocheck: ARM: Do not fail tests that rely upon annobin notes. 2022-01-07 14:10:23 +00:00
Nick Clifton
0000a56eab Annocheck: Extend list of known glibc functions. (#2037333) 2022-01-05 15:38:48 +00:00
Nick Clifton
1e262d15b3 - Annocheck: Ignore gaps that contain the _start symbol (for AArch64). (#1995224) 
- Annocheck: Ignore more glibc special binaries.  (#2037220)
 2022-01-05 12:06:02 +00:00
Nick Clifton
b4ba4e0d3c Annocheck: Do not complaining about missing stack clash notes if the compilation used LTO. (#2034946) 2022-01-04 11:42:27 +00:00
Nick Clifton
ec8f2b145d - Annocheck: Add /usr/lib/ld-linux-aarch64.so.1 to the list of known glibc binaries. (#2033255) 
- Doc: Note that ENDBR is only needed as the landing pad for indirect branches/calls.  (#28705)
- Spec File: Store full	gcc version release string in plugin info file.  (#2030671)
 2021-12-17 15:46:16 +00:00
Nick Clifton
15b34fde9c Fix for RHEL-7 2021-12-14 17:55:37 +00:00
Nick Clifton
7c94cb66cc Annocheck: Do not complaining about missing -mstackrealign notes in LTO mode. (#2030298) 2021-12-14 10:04:35 +00:00
Nick Clifton
0c278a5d73 GCC Plugin: Do not record missing -mstackrealign in LTO mode. (#2030298) 2021-12-13 17:54:33 +00:00
Nick Clifton
0e6be40a3c Tests: Fix fortify and debuginfod tests to use newly built annobin plugin. 2021-12-13 13:41:04 +00:00
Nick Clifton
d83b796c87 Tests: Fix gaps and stat tests to use newly built annobin plugin. (#2028063) 2021-12-06 17:49:41 +00:00
Nick Clifton
ce231f4bd9 Tests: Fix gaps and stat tests to use newly built annobin plugin. (#2028063) 2021-12-06 14:43:50 +00:00
Nick Clifton
c7d76e06c2 Annocheck: Ignore gaps in binaries at least partial built by golang. 
Resolves: #2028583
 2021-12-06 12:19:06 +00:00
Nick Clifton
c99cca3ac4 Annocheck: Allow spaces in golang symbols. 2021-12-02 15:38:52 +00:00
Nick Clifton
3bf68f34bb Initial checkin of libannocheck 2021-12-01 15:53:49 +00:00
Nick Clifton
14b9ff320e gcc-plugin: Fix bug creating empty attachments. 
Annocheck: Change MAYB result to SKIP for DT_RPATH.  (#2026300)
 2021-11-24 14:03:50 +00:00
Nick Clifton
9fd7a9a7dc Annocheck: Skip missing fortify/warning notes for ARM32. 2021-11-19 12:25:11 +00:00
Nick Clifton
ddf58cca97 gcc-plugin: Try another fix for ppc64le section grouping. (#2023437) 2021-11-18 13:29:22 +00:00
Nick Clifton
cfbdb08f28 gcc-plugin: Revert 10.22 change. (#2023437) 2021-11-16 17:01:20 +00:00
Nick Clifton
5faade2ad7 Add support for more special glibc functions. 
Fix building LLVM and Clang plugins for the ARM architecture.
 2021-11-16 11:14:14 +00:00
Nick Clifton
92c34892f6 Annocheck: Add a test for unicode characters in identifiers. 2021-11-08 13:47:26 +00:00
Nick Clifton
18219884f1 gcc-plugin: Default to link-order grouping for PPC64LE. (#2016458) 2021-10-27 11:10:47 +01:00
Nick Clifton
ee53f9336e Annocheck: Do not fail if a --skip-<name> option does not match a known test. 
ldconfig-test: Skip the LTO check.
 2021-10-26 15:58:02 +01:00
Nick Clifton
7add09b73e Annocheck: Add more glibc function names. 2021-10-26 08:28:59 +01:00
Nick Clifton
7f58204567 gcc-plugin: Fix attaching the .text section to the .text.group section. 2021-10-21 13:48:54 +01:00
Nick Clifton
0bd26e8615 Complain about DT_RPATH for Fedora binaries. 2021-10-20 17:49:04 +01:00
Nick Clifton
3f7c00bf57 Better reporting of problems in object files. 
Resolves: #2013708
 2021-10-18 16:17:25 +01:00
Nick Clifton
0c5b1fec47 Fix configuring annocheck without gcc-plugin. 
- Annocheck: Better reporting of debuginfod problems.
- Tests: Fix bugs in debuginfod test.
 2021-10-14 20:04:48 +01:00
Nick Clifton
8477e1751d Annocheck: Add tests based upon recent bug fixes. 2021-10-13 11:55:02 +01:00
Nick Clifton
f1b2a85f11 Annocheck: Fix memory corruptions when using --debug-path and when a corrupt note is found. 
Resolves: #2011438
 2021-10-08 16:25:13 +01:00
Nick Clifton
f25c7c2336 Annocheck: Fix MAYB results for mixed GO/C files. 
Annocheck: Move some messages from VERBOSE to VERBOSE2.
Annocheck: Scan zero-length tool notes.
 2021-10-08 14:15:39 +01:00
Nick Clifton
efe8b5622b Annocheck: Fix covscan detected flaws. 
plugins: Add more required build options.
 2021-10-06 10:59:43 +01:00
Nick Clifton
c27947f871 Annocheck: Fix cf-prot test to fail if the CET notes are missing. 
Annocheck: Skip gaps in the .plt section.
Plugins: Add -g option when building LLVM and Clang.
 2021-10-05 14:28:09 +01:00
Nick Clifton
37b5de8c9b Annocheck: Add more cases of glibc startup functions. 2021-10-04 15:26:35 +01:00
Nick Clifton
5f79645f58 - Annocheck: Fix covscan detected problems. 
- Annocheck: Add --profile=el8.
- gcc-plugin: Conditionalize generation of branch protection note.
 2021-10-01 13:11:12 +01:00
Nick Clifton
da3ba09492 Annocheck: Ignore gaps containing NOP instructions. 2021-09-29 13:12:12 +01:00
Nick Clifton
c62bd663ec GCC Plugin: Fix detection of running inside the LTO compiler. (#2004917) 2021-09-16 15:06:57 +01:00
Nick Clifton
ee93527317 Annocheck: Do not insist on the DT_AARCH64_PAC_PLT flag being present in AArch64 binaries. 2021-09-15 15:00:18 +01:00
Nick Clifton
0aa5d1ce55 Annocheck: With gaps at the start/end of the .text section, check for special symbols before displaying a MAYB result. 2021-09-15 12:09:38 +01:00
Nick Clifton
a99d618d38 Annocheck: Do not set CFLAGS/LDFLAGS when building. Take from environment instead. 2021-09-15 10:43:42 +01:00
Nick Clifton
92cb681581 Annocheck: Fix exit code when tests PASS. 2021-09-10 11:08:17 +01:00
Nick Clifton
fe496281b3 - Documentation: Add node for each hardening test. 
- Documentation: Install online.
- Annocheck: Annote FAIL and MAYB results with URL to documentation
- Annocheck: Add --no-urls and --provide-urls options
- Annocheck: Add --help-<tool> option.
 2021-09-09 14:18:24 +01:00
Nick Clifton
9d82370d42 - Annocheck: Fix fuzzing detected failures. 
- Annocheck: Added --profile option.
- Docs: Documented --profile option and rpminspect.yaml.
 2021-09-03 17:55:06 +01:00
Nick Clifton
ba44d58e22 Annocheck: Skip GO/CET checks. Fix fuzzing detected failures. 2021-08-31 15:18:09 +01:00
Nick Clifton
29d70de971 LLVM Plugin: Automatically choose the correct tests to run, based upon the version of Clang installed. (#1997444) 
spec file: Add the installation of the annobon sources into /usr/src/annobin.
 2021-08-25 13:38:58 +01:00
Nick Clifton
1d5918a750 Annocheck: Fix memory corruption. (#1996963) 
spec file: Add the creation of a gcc-plugin version info file in /usr/lib/rpm/redhat.
 2021-08-24 17:16:30 +01:00
Nick Clifton
7a0769e513 Annocheck: Add linker generated function for ppc64le exceptions. (#1981410) 
LLVM Plugin: Allow checks to be selected from the command line.
Annocheck: Examine DW_AT_producer for -flto.
 2021-08-18 11:28:24 +01:00
Nick Clifton
5d4d27dda9 Annocheck: Conditionalize detection of AArch64's PAC+BTI protection. 
Annocheck: Add linker generated function for s390x exceptions.  (#1981410)
 2021-08-17 15:03:42 +01:00