< Changes
(→Scope) |
(→Scope) |
||
| Line 136: | Line 136: | ||
parts of the distribution or is it a very isolated change? What are | parts of the distribution or is it a very isolated change? What are | ||
those changes?--> | those changes?--> | ||
Make sure the annobin plugin is ready. | Make sure the annobin plugin is ready. | ||
* Other developers: | * Other developers: | ||
<!-- What work do other developers have to accomplish to complete the | <!-- What work do other developers have to accomplish to complete the | ||
feature in time for release? Is it a large change affecting many | feature in time for release? Is it a large change affecting many | ||
parts of the distribution or is it a very isolated change? What are | parts of the distribution or is it a very isolated change? What are | ||
those changes?--> | those changes?--> | ||
An update is needed to the redhat-rpm-config package in order for the | An update is needed to the redhat-rpm-config package in order for the | ||
plugin to be invoked when gcc is used to compile programs, and to add | plugin to be invoked when gcc is used to compile programs, and to add | ||
| Line 151: | Line 148: | ||
* Release engineering: [https://pagure.io/releng/issue/7069] <!-- REQUIRED FOR SYSTEM WIDE AS WELL AS FOR SELF CONTAINED CHANGES --> | * Release engineering: [https://pagure.io/releng/issue/7069] <!-- REQUIRED FOR SYSTEM WIDE AS WELL AS FOR SELF CONTAINED CHANGES --> | ||
<!-- Does this feature require coordination with release engineering | <!-- Does this feature require coordination with release engineering | ||
(e.g. changes to installer image generation or update package | (e.g. changes to installer image generation or update package | ||
| Line 161: | Line 157: | ||
testing, and that all changes make it into the pipeline; a bullet | testing, and that all changes make it into the pipeline; a bullet | ||
point in a change is not sufficient communication --> | point in a change is not sufficient communication --> | ||
** Coordination with release engineering is needed. | |||
** A mass rebuild will be required. | |||
* [https://fedoraproject.org/wiki/Releases/27/ReleaseBlocking List of deliverables]: All delivered images are affected, however there no changes to the list it self. <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | |||
<!-- Please check the list of Fedora release deliverables and list all | <!-- Please check the list of Fedora release deliverables and list all | ||
the differences the feature brings --> | the differences the feature brings --> | ||
Revision as of 12:43, 27 September 2017
= Changes/Annotated Binaries
Summary
This change causes extra information to be stored in binary files compiled by gcc. This information can be used by scripts to check on various features of the file, such as the hardening options used of potential ABI conflicts.
Owner
- Name: Nick Clifton
- Email: nickc@redhat.com
- Release notes owner:
Current status
- Targeted release: Fedora 28
- Last updated: 2017-09-27
- Tracker bug: <will be assigned by the Wrangler>
Detailed Description
The plan is to use a plugin to gcc to record extra information in the object files it creates. This information can then be examined by static analysis tools. The information is recorded in a compact, extensible format, described here:
https://fedoraproject.org/wiki/Toolchain/Watermark
The Fedora annobin package is an implementation of the plugin for gcc. It also includes some example scripts that demonstrate how the recorded information can be used to, for example, check that an executable has been compiled with the correct hardening options, or detect if any conflicting ABI options have been used when compiling various parts of the executable.
To enable this change it is proposed that the redhat-rpm-config package should be extended to add the "-fplugin=annobin" option to the __global_compiler-flags macro. In theory such a change will be completely invisible to Fedora users but should prove to be very helpful to Fedora Release Management, assuming that they like the idea of these annotated binaries.
Benefit to Fedora
The main improvement is the ability to record extra information in a binary file, beyond the actual code and data needed to make it work.
Whilst this proposal focuses on enhancement that help release engineering, the scheme is not limited to this area. Internally the project has already been used to record gcc unit test results in a binary, so that it is possible to determine which parts of the compiler ran when the binary was created.
Scope
- Proposal owners:
Make sure the annobin plugin is ready.
- Other developers:
An update is needed to the redhat-rpm-config package in order for the plugin to be invoked when gcc is used to compile programs, and to add a dependency upon the annobin package.
- Release engineering: [1]
- Coordination with release engineering is needed.
- A mass rebuild will be required.
- List of deliverables: All delivered images are affected, however there no changes to the list it self.
- Policies and guidelines: No updates needed
- Trademark approval: N/A (not needed for this Change)
Upgrade/compatibility impact
On systems where the redhat-rpm-config package is installed the annobin package will now be a requirement.
There should be no other migration issues, apart from the possible issue of the size of rpms increasing, due to the extra information being recorded.
How To Test
Special hardware is not needed, but the plugin used to record the information is architecture specific. Thus it would be a good idea to run the tests on as many different architectures as are available.
In order to run tests the annobin package will need to be installed. You will also need to be able to compile files, so the gcc package will also be needed. There should be no need to edit any config files.
To check that the feature is working, compile the file(s) (or build the packages) that form the basis of your test. Make sure that the -fplugin=annobin gcc command line option is being used when the files are compiled. Then check the compiled files to see what information has been recorded. The command line:
readelf --notes --wide <name-of-file>
should achieve this aim.
The annobin package does include some tests of its own, and these can be used as examples of how to create more tests.
User Experience
N/A (This is a system wide change, but it should have no user visible impact apart from slightly larger rpms).
Dependencies
annobin, gcc, gcc-plugin-devel, pkgconfig, redhat-rpm-config
Contingency Plan
- Contingency mechanism: Revert change to redhat-rpm-macros
- Contingency deadline: beta Freeze
- Blocks release? No
- Blocks product? None
Documentation
The annotation scheme is documented here:
https://fedoraproject.org/wiki/Toolchain/Watermark
Release Notes
In theory no release notes are needed as this is not a user visible change.