= Proposed System Wide Change: Annobin = https://fedoraproject.org/wiki/Changes/Annobin Change owner(s): * Nick Clifton <nickc AT redhat DOT com> This change causes extra information to be stored in binary files compiled by gcc. This information can be used by scripts to check on various features of the file, such as the hardening options used of potential ABI conflicts. == Detailed Description == The plan is to use a plugin to gcc to record extra information in the object files it creates. This information can then be examined by static analysis tools. The information is recorded in a compact, extensible format, described here: https://fedoraproject.org/wiki/Toolchain/Watermark The Fedora annobin package is an implementation of the plugin for gcc. It also includes some example scripts that demonstrate how the recorded information can be used to, for example, check that an executable has been compiled with the correct hardening options, or detect if any conflicting ABI options have been used when compiling various parts of the executable. To enable this change it is proposed that the redhat-rpm-config package should be extended to add the "-fplugin=annobin" option to the __global_compiler-flags macro. In theory such a change will be completely invisible to Fedora users but should prove to be very helpful to Fedora Release Management, assuming that they like the idea of these annotated binaries. == Scope == * Proposal owners: Make sure the annobin plugin is ready. * Other developers: An update is needed to the redhat-rpm-config package in order for the plugin to be invoked when gcc is used to compile programs, and to add a dependency upon the annobin package. * Release engineering: https://pagure.io/releng/issue/7069 - Coordination with release engineering is needed. - A mass rebuild will be required. * List of deliverables: All delivered images are affected, however there no changes to the list it self. * Policies and guidelines: No updates needed * Trademark approval: N/A (not needed for this Change) -- Jan Kuřík Platform & Fedora Program Manager Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
