Bug 1904479
| Summary: | annobin: Missing _FORTIFY_SOURCE macro results in MAYBE | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Martin Cermak <mcermak> |
| Component: | annobin | Assignee: | Nick Clifton <nickc> |
| annobin sub component: | system-version | QA Contact: | Martin Cermak <mcermak> |
| Status: | CLOSED WONTFIX | Docs Contact: | |
| Severity: | low | | |
| Priority: | low | CC: | fweimer, law, mcermak, nickc |
| Version: | 8.4 | Keywords: | Triaged |
| Target Milestone: | rc | Flags: | pm-rhel: mirror+ |
| Target Release: | 8.4 | | |
| Hardware: | Unspecified | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | No Doc Update |
| Doc Text: | | Story Points: | --- |
| Clone Of: | 1703500 | Environment: | |
| Last Closed: | 2021-01-13 09:39:15 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |

Comment 1
Nick Clifton
2020-12-08 11:40:14 UTC
OK. Let's try annobin-9.49-1.el8...

Fixed in annobin-9.52-1.el9

Right - I do not think that it is possible to achieve the desired result with this test, if LTO compilation is enabled. Essentially the LTO compiler is not told about preprocessor options like -D_FORTIFY_SOURCE, so the annobin plugin run during LTO compilation cannot know if it was defined or not. The annobin plugin that is run before LTO compilation happens does know, but it has no way of communicating with the other plugin. (I have tried lots of methods of solving this problem; none have worked.)

In theory annocheck could examine the built binary to see if it invokes any of the functions that are affected by _FORTIFY_SOURCE, e.g. strcpy. If the fortified version of the function is used then all is well, and if the unfortified version is used then there might be a problem. But this will not work for the test case, since it does not use any of these functions. Nor will it work for programs where the fortified functions cannot be used, even when -D_FORTIFY_SOURCE=2 is used. (Fortification only works for certain categories of algorithm.)

So instead I have implemented the following:
* If LTO is not enabled, the annobin plugin records the notes correctly and annocheck will correctly generate PASS or FAIL results.
* If LTO is enabled but -D_FORTIFY_SOURCE is not enabled then the pre-LTO annobin plugin will generate a warning message.
(Prior to annobin 9.55 this was just a message on stdout. From 9.55 onwards this is a real gcc warning message).
* If LTO is enabled then the LTO plugin will generate a special note telling annocheck that the fortify level is unknown because of LTO. In turn annocheck will SKIP this test, since it has no reliable way to determine the level, and in most cases the user will have done the right thing.
Can I suggest that in order for the test to work you change this line:

    gcc `rpm --eval "%build_cflags %build_ldflags" | sed s/-Wp,-D_FORTIFY_SOURCE=2//` u.c

to:

    gcc `rpm --eval "%build_cflags %build_ldflags" | sed s/-Wp,-D_FORTIFY_SOURCE=2//` u.c -fno-lto

If this is satisfactory then I would like to set this BZ to CLOSE/WONTFIX.

Nick, I've updated the testcase. Thank you for looking into this.
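
The binary-inspection idea described in comment 1 (look for fortified versus unfortified imports), as an added example that is not annocheck's code and not part of the original report. It reads constructed listings in the layout of `nm -D --undefined-only`; the function subset and the verdict names are assumptions of this example.

```python
# Added example: classify fortification evidence from dynamic import listings.
# Subset of glibc functions that have a __<name>_chk variant (chosen for this example).
FORTIFIABLE = {"strcpy", "strncpy", "strcat", "strncat", "stpcpy", "memcpy",
               "memmove", "memset", "sprintf", "snprintf", "vsnprintf", "fgets"}

# Constructed samples in the layout printed by `nm -D --undefined-only`.
SAMPLE_FORTIFIED = """\
                 U __libc_start_main@GLIBC_2.2.5
                 U __strcpy_chk@GLIBC_2.3.4
                 w __gmon_start__
"""
SAMPLE_PLAIN = """\
                 U memcpy@GLIBC_2.14
                 U strcpy@GLIBC_2.2.5
"""
SAMPLE_NO_CALLS = """\
                 U __libc_start_main@GLIBC_2.2.5
                 U puts@GLIBC_2.2.5
"""


def undefined_symbols(nm_output):
    """Return undefined (type U) symbol names with any @VERSION suffix removed."""
    symbols = set()
    for line in nm_output.splitlines():
        fields = line.split()
        # Undefined entries carry no address column: "U name[@VERSION]".
        if len(fields) == 2 and fields[0] == "U":
            symbols.add(fields[1].split("@", 1)[0])
    return symbols


def fortify_evidence(nm_output):
    """Return (verdict, fortified functions seen, plain functions seen)."""
    imports = undefined_symbols(nm_output)
    fortified = sorted(f for f in FORTIFIABLE if f"__{f}_chk" in imports)
    plain = sorted(f for f in FORTIFIABLE if f in imports)
    if fortified:
        verdict = "fortified"          # a checked variant was linked in
    elif plain:
        verdict = "maybe-unfortified"  # plain calls only; not proof, see comment 1
    else:
        verdict = "no-evidence"        # binary uses none of these functions
    return verdict, fortified, plain


if __name__ == "__main__":
    for sample in (SAMPLE_FORTIFIED, SAMPLE_PLAIN, SAMPLE_NO_CALLS):
        print(fortify_evidence(sample))
```

The `no-evidence` case is the one the report's test program falls into, and `maybe-unfortified` cannot be tightened to a failure because a plain call also appears when the compiler could not apply fortification at that call site.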