expect_fortify_3 (void)
{
return per_file.profile == PROFILE_EL10
- || per_file.profile == PROFILE_RAWHIDE
- || per_file.profile == PROFILE_RHIVOS;
+ || per_file.profile == PROFILE_RAWHIDE;
}
static bool
is_rhel_10 (void)
{
- return per_file.profile == PROFILE_EL10
- || per_file.profile == PROFILE_RHIVOS;
+ return per_file.profile == PROFILE_EL10;
}
static void
[ PROFILE_RHIVOS ] = { { "rhivos" },
{ },
{ TEST_NOT_BRANCH_PROTECTION, TEST_NOT_DYNAMIC_TAGS },
- { TEST_BRANCH_PROTECTION, TEST_DYNAMIC_TAGS, TEST_OPENSSL_ENGINE, TEST_RHIVOS } },
+ { TEST_BRANCH_PROTECTION, TEST_DYNAMIC_TAGS, TEST_OPENSSL_ENGINE, TEST_RHIVOS, TEST_RUN_PATH } },
};
static bool
break;
case DT_RPATH:
+ // Strictly speaking RHVOS binaries are not supposed to use DT_RPATH, but
+ // too many do. So for now --profile=rhivos enabled TEST_RUN_PATH instead.
+ // fail (data, TEST_RHIVOS, SOURCE_DYNAMIC_SECTION, "the DT_RPATH dynamic tag is present");
if (! skip_test (TEST_RUN_PATH))
{
const char * path = elf_strptr (data->elf, sec->shdr.sh_link, dyn->d_un.d_val);
break;
case DT_RUNPATH:
+ // Strictly speaking RHVOS binaries are not supposed to use DT_RUNRPATH, but
+ // too many do. So for now --profile=rhivos enabled TEST_RUN_PATH instead.
+ // fail (data, TEST_RHIVOS, SOURCE_DYNAMIC_SECTION, "the DT_RUNPATH dynamic tag is present");
if (! skip_test (TEST_RUN_PATH))
{
const char * path = elf_strptr (data->elf, sec->shdr.sh_link, dyn->d_un.d_val);
enable_test (TEST_GNU_RELRO);
enable_test (TEST_GNU_STACK);
enable_test (TEST_RWX_SEG);
+ enable_test (TEST_RUN_PATH);
/* Carry on the enable the rhivos test itself. */
}
these requirements.
Enabling this test automatically enables the ‘--test-bind-now’,
-‘--test-gnu-relro’, ‘--test-gnu-stack’ and ‘--test-rwx-seg’ tests.
+‘--test-gnu-relro’, ‘--test-gnu-stack’. ‘--test-rwx-seg’ and
+‘--test-run-path’ tests.
This test is normally only enabled if the ‘--profile=rhivos’ option
is used to select the RHIVOS profile. But it can be enabled
-independently by the ‘--test-rhivos’ option and disabled via the
-‘--skip-rhivos’ option.
+independently by the ‘--test-rhivos’ option.
\1f
File: annobin.info, Node: Test run path, Next: Test rwx seg, Prev: Test rhivos, Up: The tests
Node: Test production\7f90223
Node: Test property note\7f91063
Node: Test rhivos\7f93551
-Node: Test run path\7f95335
-Node: Test rwx seg\7f97574
-Node: Test short enums\7f98996
-Node: Test stack clash\7f100038
-Node: Test stack prot\7f101528
-Node: Test stack realign\7f102881
-Node: Test textrel\7f104171
-Node: Test threads\7f105482
-Node: Test unicode\7f106314
-Node: Test warnings\7f107850
-Node: Test writable got\7f108706
-Node: Test zero call used regs\7f110004
-Node: Hardened Command Line Options\7f111290
-Node: Waiving Hardened Results\7f118700
-Node: Absence of compiled code\7f120722
-Node: Notes\7f127105
-Node: Size\7f127751
-Node: Timing\7f130469
-Node: Libannocheck\7f131128
-Node: libannocheck_init\7f133083
-Node: libannocheck_finish\7f134009
-Node: libannocheck_get_version\7f134557
-Node: libannocheck_get_error_message\7f134970
-Node: libannocheck_get_known_tests\7f135610
-Node: libannocheck_enable_all_tests\7f136790
-Node: libannocheck_disable_all_tests\7f137273
-Node: libannocheck_enable_test\7f137833
-Node: libannocheck_disable_test\7f138513
-Node: libannocheck_enable_profile\7f139194
-Node: libannocheck_get_known_profiles\7f139716
-Node: libannocheck_run_tests\7f140419
-Node: Configure Options\7f141268
-Node: Legacy Scripts\7f143804
-Node: Who Built Me\7f144587
-Node: ABI Checking\7f147478
-Node: Hardening Checks\7f149725
-Node: Checking Archives\7f154073
-Node: GNU FDL\7f156626
+Node: Test run path\7f95311
+Node: Test rwx seg\7f97550
+Node: Test short enums\7f98972
+Node: Test stack clash\7f100014
+Node: Test stack prot\7f101504
+Node: Test stack realign\7f102857
+Node: Test textrel\7f104147
+Node: Test threads\7f105458
+Node: Test unicode\7f106290
+Node: Test warnings\7f107826
+Node: Test writable got\7f108682
+Node: Test zero call used regs\7f109980
+Node: Hardened Command Line Options\7f111266
+Node: Waiving Hardened Results\7f118676
+Node: Absence of compiled code\7f120698
+Node: Notes\7f127081
+Node: Size\7f127727
+Node: Timing\7f130445
+Node: Libannocheck\7f131104
+Node: libannocheck_init\7f133059
+Node: libannocheck_finish\7f133985
+Node: libannocheck_get_version\7f134533
+Node: libannocheck_get_error_message\7f134946
+Node: libannocheck_get_known_tests\7f135586
+Node: libannocheck_enable_all_tests\7f136766
+Node: libannocheck_disable_all_tests\7f137249
+Node: libannocheck_enable_test\7f137809
+Node: libannocheck_disable_test\7f138489
+Node: libannocheck_enable_profile\7f139170
+Node: libannocheck_get_known_profiles\7f139692
+Node: libannocheck_run_tests\7f140395
+Node: Configure Options\7f141244
+Node: Legacy Scripts\7f143780
+Node: Who Built Me\7f144563
+Node: ABI Checking\7f147454
+Node: Hardening Checks\7f149701
+Node: Checking Archives\7f154049
+Node: GNU FDL\7f156602
\1f
End Tag Table
git://sourceware.org / annobin.git / commitdiff