From 26ba227b0b9a9215efc8e0810fa4738950316504 Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Thu, 4 Jan 2018 10:05:29 +0000 Subject: [PATCH] Rebase on 3.1 annobin sources: v3 annobin notes - include ranges so that gaps can be detected. Add recoding of -fstack-clash-protection and -D_GLIBCXX_ASSERTIONS. --- .gitignore | 2 + annobin-empty-input-filename.patch | 19 ---- annobin-lto-filename.patch | 60 ---------- annobin.spec | 39 +++---- funname.patch | 169 ----------------------------- sources | 2 +- 6 files changed, 20 insertions(+), 271 deletions(-) delete mode 100644 annobin-empty-input-filename.patch delete mode 100644 annobin-lto-filename.patch delete mode 100644 funname.patch diff --git a/.gitignore b/.gitignore index 0e4d3df..194876d 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ /annobin-2.4.tar.xz /annobin-2.5.tar.xz /annobin-2.5.1.tar.xz +/annobin-3.0.tar.xz +/annobin-3.1.tar.xz diff --git a/annobin-empty-input-filename.patch b/annobin-empty-input-filename.patch deleted file mode 100644 index fa95df6..0000000 --- a/annobin-empty-input-filename.patch +++ /dev/null @@ -1,19 +0,0 @@ -Binary files annobin.orig/.git/index and annobin-2.5.1/.git/index differ -diff -rup annobin.orig/plugin/annobin.cc annobin-2.5.1/plugin/annobin.cc ---- annobin.orig/plugin/annobin.cc 2017-12-08 10:57:16.555154143 +0000 -+++ annobin-2.5.1/plugin/annobin.cc 2017-12-08 11:00:15.105903652 +0000 -@@ -103,6 +103,14 @@ init_annobin_current_filename (void) - return; - - name = (char *) lbasename (main_input_filename); -+ -+ if (strlen (name) == 0) -+ { -+ /* The name can be empty if we are receiving the source code -+ from a pipe. In this case, we invent our own name. */ -+ name = (char *) "piped_input"; -+ } -+ - if (global_file_name_symbols) - name = strcpy ((char *) xmalloc (strlen (name) + 20), name); - else diff --git a/annobin-lto-filename.patch b/annobin-lto-filename.patch deleted file mode 100644 index ca56954..0000000 --- a/annobin-lto-filename.patch +++ /dev/null @@ -1,60 +0,0 @@ ---- annobin.orig/plugin/annobin.cc 2017-12-11 10:25:28.034276686 +0000 -+++ annobin-2.5.1/plugin/annobin.cc 2017-12-11 10:26:40.964423113 +0000 -@@ -179,6 +179,9 @@ annobin_output_note (const void * name, - { - unsigned i; - -+ if (asm_out_file == NULL) -+ return; -+ - if (type == NT_GNU_BUILD_ATTRIBUTE_FUNC - || type == NT_GNU_BUILD_ATTRIBUTE_OPEN) - { -@@ -512,6 +515,9 @@ annobin_create_function_notes (void * gc - if (! annobin_enable_static_notes) - return; - -+ if (asm_out_file == NULL) -+ return; -+ - annobin_target_specific_function_notes (); - - if (global_stack_prot_option != flag_stack_protect) -@@ -592,7 +598,18 @@ annobin_create_global_notes (void * gcc_ - - if (! annobin_enable_static_notes) - return; -- -+ -+ if (asm_out_file == NULL) -+ { -+ /* This happens during LTO compilation. Compilation is triggered -+ before any output file has been opened. Since we do not have -+ the file handle we cannot emit any notes. On the other hand, -+ the recompilation process will repeat later on with a real -+ output file and so the notes can be generated then. */ -+ annobin_inform (1, "Output file not available - unable to generate notes"); -+ return; -+ } -+ - /* Record global information. - Note - we do this here, rather than in plugin_init() as some - information, PIC status or POINTER_SIZE, may not be initialised -@@ -629,6 +646,7 @@ annobin_create_global_notes (void * gcc_ - /* We need a filename, so invent one. */ - annobin_current_filename = (char *) "unknown_source"; - } -+ - if (global_file_name_symbols) - fprintf (asm_out_file, ".global %s\n", annobin_current_filename); - fprintf (asm_out_file, ".type %s STT_OBJECT\n", annobin_current_filename); -@@ -718,6 +736,9 @@ annobin_create_loader_notes (void * gcc_ - if (! annobin_enable_dynamic_notes) - return; - -+ if (asm_out_file == NULL) -+ return; -+ - if (annobin_enable_stack_size_notes && annobin_total_static_stack_usage) - { - annobin_inform (1, "Recording total static usage of %ld", annobin_total_static_stack_usage); diff --git a/annobin.spec b/annobin.spec index 9fec592..05bfa0a 100644 --- a/annobin.spec +++ b/annobin.spec @@ -1,7 +1,7 @@ Name: annobin Summary: Binary annotation plugin for GCC -Version: 2.5.1 -Release: 5%{?dist} +Version: 3.1 +Release: 1%{?dist} License: GPLv3+ URL: https://fedoraproject.org/wiki/Toolchain/Watermark @@ -13,31 +13,20 @@ URL: https://fedoraproject.org/wiki/Toolchain/Watermark Source: https://nickc.fedorapeople.org/annobin-%{version}.tar.xz # For the latest sources use: git clone git://sourceware.org/git/annobin.git -# Purpose: Fixes the generation of illegal assembler symbol names when -# working with unmangled function names. -# Lifetime: Fixed in 2.5.2 -Patch1: funname.patch - -# Purpose: Fixes a bug where an empty string would be used as an assembler -# symbol name because the source input was being read from a pipe. -# Lifetime: Fixed in 2.5.2 -Patch2: annobin-empty-input-filename.patch - -# Purpose: Fixes a bug where compiling with LTO enabled would result in the -# plugin being called with no output file handle available. -# Lifetime: Fixed in 2.5.2 -Patch3: annobin-lto-filename.patch - - # This is a gcc plugin, hence gcc is required. Requires: gcc BuildRequires: gcc-plugin-devel pkgconfig %description -A plugin for GCC that records extra information in the files that it compiles. -This information can be used to analyze the files, and provide the loader -with extra information about the requirements of the loaded file. +A plugin for GCC that records extra information in the files that it compiles, +and a set of scripts that analyze the recorded information. These scripts can +determine things ABI clashes in compiled binaries, or the absence of required +hardening options. + +Note - the plugin is enabled in gcc builds via flags provided by the +redhat-rpm-macros package, and the analysis tools rely upon the readelf program +from the binutils package. #--------------------------------------------------------------------------------- %if %{with tests} @@ -58,7 +47,10 @@ of the resulting files. %prep %autosetup -p1 -# Touch the configure files so that they are not regenerated. +# The plugin has to be configured with the same arcane configure +# scripts used by gcc. Hence we must not allow the Fedora build +# system to regenerate any of the configure files. +touch aclocal.m4 plugin/config.h.in touch configure */configure Makefile.in */Makefile.in %build @@ -86,6 +78,9 @@ make check #--------------------------------------------------------------------------------- %changelog +* Thu Jan 04 2018 Nick Clifton - 3.1-1 +- Rebase on version 3.1 sources. + * Mon Dec 11 2017 Nick Clifton - 2.5.1-5 - Do not generate notes when there is no output file. (#1523875) diff --git a/funname.patch b/funname.patch deleted file mode 100644 index 948453e..0000000 --- a/funname.patch +++ /dev/null @@ -1,169 +0,0 @@ -diff --git a/plugin/aarch64.annobin.cc b/plugin/aarch64.annobin.cc -index ce06b1c..b88ea59 100644 ---- a/plugin/aarch64.annobin.cc -+++ b/plugin/aarch64.annobin.cc -@@ -45,9 +45,11 @@ annobin_target_specific_function_notes (void) - annobin_inform (1, "TLS dialect has changed from %d to %d for %s", - saved_tls_dialect, aarch64_tls_dialect, current_function_name ()); - -- annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_ABI, aarch64_tls_dialect, -- "numeric: ABI: TLS dialect", current_function_name (), -- NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_ABI, aarch64_tls_dialect, -+ "numeric: ABI: TLS dialect", name, -+ NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - - typedef struct -diff --git a/plugin/annobin.cc b/plugin/annobin.cc -index 8e73b24..bb4282f 100644 ---- a/plugin/annobin.cc -+++ b/plugin/annobin.cc -@@ -484,9 +484,11 @@ record_GOW_settings (unsigned int gow, bool local) - if (local) - { - annobin_inform (1, "Record a change in -g/-O/-Wall status for %s", current_function_name ()); -- annobin_output_note (buffer, i + 1, false, "numeric: -g/-O/-Wall", -- current_function_name (), annobin_is_64bit ? 8 : 4, true, -- NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_note (buffer, i + 1, false, "numeric: -g/-O/-Wall", -+ name, annobin_is_64bit ? 8 : 4, true, -+ NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - else - { -@@ -509,17 +511,21 @@ annobin_create_function_notes (void * gcc_data, void * user_data) - annobin_inform (1, "Recording change in stack protection status for %s (from %d to %d)", - current_function_name (), global_stack_prot_option, flag_stack_protect); - -- annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_STACK_PROT, flag_stack_protect, -- "numeric: -fstack-protector status", -- current_function_name (), NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_STACK_PROT, flag_stack_protect, -+ "numeric: -fstack-protector status", -+ name, NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - - if (global_pic_option != compute_pic_option ()) - { - annobin_inform (1, "Recording change in PIC status for %s", current_function_name ()); -- annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_PIC, compute_pic_option (), -- "numeric: pic type", current_function_name (), -- NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_PIC, compute_pic_option (), -+ "numeric: pic type", name, -+ NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - - if (global_GOWall_options != compute_GOWall_options ()) -@@ -528,9 +534,11 @@ annobin_create_function_notes (void * gcc_data, void * user_data) - if (global_short_enums != flag_short_enums) - { - annobin_inform (1, "Recording change in enum size for %s", current_function_name ()); -- annobin_output_bool_note (GNU_BUILD_ATTRIBUTE_SHORT_ENUM, flag_short_enums, -- flag_short_enums ? "bool: short-enums: on" : "bool: short-enums: off", -- current_function_name (), NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_bool_note (GNU_BUILD_ATTRIBUTE_SHORT_ENUM, flag_short_enums, -+ flag_short_enums ? "bool: short-enums: on" : "bool: short-enums: off", -+ name, NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - - -@@ -541,9 +549,11 @@ annobin_create_function_notes (void * gcc_data, void * user_data) - annobin_inform (1, "Recording stack usage of %lu for %s", - current_function_static_stack_size, current_function_name ()); - -- annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_STACK_SIZE, current_function_static_stack_size, -- "numeric: stack-size", current_function_name (), -- NT_GNU_BUILD_ATTRIBUTE_FUNC); -+ const char *name = function_asm_name (); -+ if (name != NULL) -+ annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_STACK_SIZE, current_function_static_stack_size, -+ "numeric: stack-size", name, -+ NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - - annobin_total_static_stack_usage += current_function_static_stack_size; -diff --git a/plugin/annobin.h b/plugin/annobin.h -index 5f8bd64..1957c94 100644 ---- a/plugin/annobin.h -+++ b/plugin/annobin.h -@@ -35,6 +35,7 @@ extern struct plugin_gcc_version gcc_version ATTRIBUTE_UNUSED; - #include - #include - #include -+#include - - #include - -@@ -97,3 +98,15 @@ extern bool annobin_is_64bit; - extern bool annobin_enable_stack_size_notes; - extern unsigned long annobin_total_static_stack_usage; - extern unsigned long annobin_max_stack_size; -+ -+inline const char * -+function_asm_name (void) -+{ -+ if (current_function_decl) -+ { -+ tree name = DECL_ASSEMBLER_NAME (current_function_decl); -+ if (name) -+ return IDENTIFIER_POINTER (name); -+ } -+ return NULL; -+} -diff --git a/plugin/powerpc.annobin.cc b/plugin/powerpc.annobin.cc -index ba85d2d..0057920 100644 ---- a/plugin/powerpc.annobin.cc -+++ b/plugin/powerpc.annobin.cc -@@ -41,11 +41,15 @@ annobin_target_specific_function_notes (void) - if (saved_tls_size == rs6000_tls_size) - return; - -+ const char *name = function_asm_name (); -+ if (name == NULL) -+ return; -+ - annobin_inform (1, "TLS size has changed from %d to %d for %s", -- saved_tls_size, rs6000_tls_size, current_function_name ()); -+ saved_tls_size, rs6000_tls_size, name); - - annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_ABI, rs6000_tls_size, -- "numeric: ABI: TLS size", current_function_name (), -+ "numeric: ABI: TLS size", name, - NT_GNU_BUILD_ATTRIBUTE_FUNC); - } - -diff --git a/plugin/x86_64.annobin.cc b/plugin/x86_64.annobin.cc -index f9c5b03..a03fe94 100644 ---- a/plugin/x86_64.annobin.cc -+++ b/plugin/x86_64.annobin.cc -@@ -63,13 +63,16 @@ annobin_record_global_target_notes (void) - void - annobin_target_specific_function_notes (void) - { -+ const char *name = function_asm_name (); -+ if (name == NULL) -+ return; - if ((unsigned long) ix86_isa_flags != global_x86_isa) - { - annobin_inform (1, "ISA value has changed from %lx to %lx for %s", -- global_x86_isa, ix86_isa_flags, current_function_name ()); -+ global_x86_isa, ix86_isa_flags, name); - - annobin_output_numeric_note (GNU_BUILD_ATTRIBUTE_ABI, ix86_isa_flags, -- "numeric: ABI", current_function_name (), -+ "numeric: ABI", name, - NT_GNU_BUILD_ATTRIBUTE_FUNC); - - if ((unsigned long) ix86_isa_flags < min_x86_isa) diff --git a/sources b/sources index 2f961f9..2bcc04c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (annobin-2.5.1.tar.xz) = 6a276d1adacd699816bd1646a42ced8a73869ee11e91b83672448955a16140ed31e1de05b4075b6493b13f17faf04bd0f0e3196e40a787042639f5047a98336c +SHA512 (annobin-3.1.tar.xz) = 995f7bd7d625d63394c7bddd6ec829146a3329b622f2fc40fca39d3c3d558f4e03980a4b919cbf68f52d7c8944ba0396965f9f2b7acdaf8dc2cc5dbbe8a8bbe3