0bd26e8615
Complain about DT_RPATH for Fedora binaries.
2021-10-20 17:49:04 +01:00
3f7c00bf57
Better reporting of problems in object files.
...
Resolves : #2013708
2021-10-18 16:17:25 +01:00
7bc94a3f7c
Add a requirement on llvm-libs for clang and llvm plugins.
...
Resolves : #2014573
2021-10-18 14:24:09 +01:00
0c5b1fec47
Fix configuring annocheck without gcc-plugin.
...
- Annocheck: Better reporting of debuginfod problems.
- Tests: Fix bugs in debuginfod test.
2021-10-14 20:04:48 +01:00
ab631794b6
Fix merge issues.
2021-10-13 11:56:58 +01:00
8477e1751d
Annocheck: Add tests based upon recent bug fixes.
2021-10-13 11:55:02 +01:00
825be9a6a2
Rebuild for llvm-13.0.0
2021-10-12 16:29:18 +00:00
f1b2a85f11
Annocheck: Fix memory corruptions when using --debug-path and when a corrupt note is found.
...
Resolves : #2011438
2021-10-08 16:25:13 +01:00
f25c7c2336
Annocheck: Fix MAYB results for mixed GO/C files.
...
Annocheck: Move some messages from VERBOSE to VERBOSE2.
Annocheck: Scan zero-length tool notes.
2021-10-08 14:15:39 +01:00
efe8b5622b
Annocheck: Fix covscan detected flaws.
...
plugins: Add more required build options.
2021-10-06 10:59:43 +01:00
c27947f871
Annocheck: Fix cf-prot test to fail if the CET notes are missing.
...
Annocheck: Skip gaps in the .plt section.
Plugins: Add -g option when building LLVM and Clang.
2021-10-05 14:28:09 +01:00
37b5de8c9b
Annocheck: Add more cases of glibc startup functions.
2021-10-04 15:26:35 +01:00
5f79645f58
- Annocheck: Fix covscan detected problems.
...
- Annocheck: Add --profile=el8.
- gcc-plugin: Conditionalize generation of branch protection note.
2021-10-01 13:11:12 +01:00
da3ba09492
Annocheck: Ignore gaps containing NOP instructions.
2021-09-29 13:12:12 +01:00
c62bd663ec
GCC Plugin: Fix detection of running inside the LTO compiler. ( #2004917 )
2021-09-16 15:06:57 +01:00
ee93527317
Annocheck: Do not insist on the DT_AARCH64_PAC_PLT flag being present in AArch64 binaries.
2021-09-15 15:00:18 +01:00
0aa5d1ce55
Annocheck: With gaps at the start/end of the .text section, check for special symbols before displaying a MAYB result.
2021-09-15 12:09:38 +01:00
a99d618d38
Annocheck: Do not set CFLAGS/LDFLAGS when building. Take from environment instead.
2021-09-15 10:43:42 +01:00
92cb681581
Annocheck: Fix exit code when tests PASS.
2021-09-10 11:08:17 +01:00
fe496281b3
- Documentation: Add node for each hardening test.
...
- Documentation: Install online.
- Annocheck: Annote FAIL and MAYB results with URL to documentation
- Annocheck: Add --no-urls and --provide-urls options
- Annocheck: Add --help-<tool> option.
2021-09-09 14:18:24 +01:00
9d82370d42
- Annocheck: Fix fuzzing detected failures.
...
- Annocheck: Added --profile option.
- Docs: Documented --profile option and rpminspect.yaml.
2021-09-03 17:55:06 +01:00
ba44d58e22
Annocheck: Skip GO/CET checks. Fix fuzzing detected failures.
2021-08-31 15:18:09 +01:00
29d70de971
LLVM Plugin: Automatically choose the correct tests to run, based upon the version of Clang installed. ( #1997444 )
...
spec file: Add the installation of the annobon sources into /usr/src/annobin.
2021-08-25 13:38:58 +01:00
1d5918a750
Annocheck: Fix memory corruption. ( #1996963 )
...
spec file: Add the creation of a gcc-plugin version info file in /usr/lib/rpm/redhat.
2021-08-24 17:16:30 +01:00
5e4c738a8f
CI Gating: Test cover bz1991931
2021-08-20 15:25:33 +02:00
be3e1af704
CI Gating: Test cover bz1988715
2021-08-20 14:43:36 +02:00
ced3a24210
CI gating: Test cover bz1988714
2021-08-20 14:04:14 +02:00
7a0769e513
Annocheck: Add linker generated function for ppc64le exceptions. ( #1981410 )
...
LLVM Plugin: Allow checks to be selected from the command line.
Annocheck: Examine DW_AT_producer for -flto.
2021-08-18 11:28:24 +01:00
5d4d27dda9
Annocheck: Conditionalize detection of AArch64's PAC+BTI protection.
...
Annocheck: Add linker generated function for s390x exceptions. (#1981410 )
2021-08-17 15:03:42 +01:00
6d69597433
Annocheck: Generate MAYB results for gaps in notes covering the .text section. ( #1991943 )
...
Annocheck: Close DWARF file descriptors once the debug info is no longer needed. (#1981410 )
LLVM Plugin: Update to build with Clang v13. (Thanks to: Tom Stellard <tstellar@redhat.com>)
2021-08-17 12:10:03 +01:00
438dd33afc
Rebuild for LLVM 13.0.0-rc1
2021-08-16 20:04:41 +00:00
c76d8664da
Annocheck: Fix memory corruption. ( #1988715 )
2021-08-16 12:41:17 +01:00
75a23fb883
Annocheck: Skip certain tests for kernel modules.
2021-08-11 17:23:33 +01:00
71f8485e39
Annocheck: Detect a missing CET note. ( #1991931 )
...
Annocheck: Do not report future fails for AArch64 notes.
Annocheck: Warn about multiple --debug-file, --debug-rpm and --debug-dir options.
2021-08-10 15:14:48 +01:00
4af05b1261
Annocheck: Process files in command line order. ( #1988714 )
2021-08-09 11:14:43 +01:00
0394c1d928
Annocheck: Reverse AArch64 PAC+BTI check, ie fail if they are enabled.
...
Resolves : #1984995
2021-07-23 13:36:44 +01:00
8155573258
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 17:34:53 +00:00
dd22b2eaf4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 12:39:14 +00:00
80ffabd2a3
Test cover bz1973981
2021-07-20 11:28:05 +00:00
8adc17e68b
Annocheck: Add another test exceptions.
2021-07-13 17:15:00 +01:00
5bbd4f5f31
Annocheck: Add some more test exceptions.
2021-07-13 15:39:21 +01:00
a978ea49fa
Tests: Skip glibc-notes test if the assembler does not support --generate-missing-build-notes.
...
Resolves : #1978573
2021-07-05 12:49:37 +01:00
dfddf61cdd
Annocheck: Fix spelling mistake in -,stack-realign failure message. ( #1977349 )
2021-06-29 16:06:16 +01:00
76947e83c2
gcc-plugin: Do not record global versions of stack protection settings in LTO mode, if not set. ( #1958954 )
2021-06-22 16:05:21 +01:00
14c8067c11
annocheck: Remove limit on number of input files.
2021-06-21 16:16:26 +01:00
a9360e73d9
CI testing: Add test covering rhbz1969584
2021-06-18 16:53:30 +00:00
f1a1007e43
clang/llvm plugins: Build with correct security options.
2021-06-15 14:48:49 +01:00
96f1a8a19f
Annocheck: Better detection of GO compiler version.
2021-06-15 12:10:19 +01:00
55304ea386
Annocheck: Better support for symbolic links. In verbose mode, report the reason for skipping specific tests.
...
Resolves : #1969584
2021-06-09 16:49:05 +01:00
524ebdae25
Rebuild for LLVM 12.0.1
2021-06-04 01:39:25 +00:00
Nick Clifton
Tom Stellard
Martin Cermak
Fedora Release Engineering