summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'hardened')
-rw-r--r--hardened/toolchain/branches/pieworld/pieworld.README45
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest16
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/digest-glibc-2.56
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild12
4 files changed, 31 insertions, 48 deletions
diff --git a/hardened/toolchain/branches/pieworld/pieworld.README b/hardened/toolchain/branches/pieworld/pieworld.README
index 8547bde..e514a69 100644
--- a/hardened/toolchain/branches/pieworld/pieworld.README
+++ b/hardened/toolchain/branches/pieworld/pieworld.README
@@ -33,25 +33,29 @@ Upgrade path
2) emerge --oneshot =sys-devel/binutils-2.17
3) Switch to 2.17 binutils (binutils-config)
4) USE="-hardened" emerge --oneshot =sys-libs/glibc-2.5
-5) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.1-r3
+5) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.22
6) switch to hardened compiler
7) emerge --oneshot =sys-libs/glibc-2.5
-8) emerge --oneshot =sys-devel/gcc-4.1.1-r3
+8) emerge --oneshot =sys-devel/gcc-4.1.2
9) emerge -e world :)
-There maybe quicker/shorter ways - but the above should always work. Care has to be taken
-because the specs handling has changed a little from gcc-3, and may cause odd breakages
-along the way.
+There maybe quicker/shorter ways - but the above should always work. Care has
+to be taken for several reasons, but mostly because mixing gcc-3/glibc-2.3 with
+the new gcc-4/glibc-2.5 approach during the build of those packages can cause
+odd breakages.
Things that can trip up in pieworld
-----------------------------------
* non-PIC assembler. Common in x86 media applications; occurs also in x86 media libraries
- although the latter should really be PIC.
+ although the latter should really be PIC. This is nothing new.
* local-exec thread-local storage (TLS). On x86, causes textrels with PIC - most arches
don't allow textrels so don't permit local-exec at all in PIC (including PIE).
+ We've not come across this before, probably because very little has actually used it
+ until recently. It may become necessary in the future to modify how gcc deals with
+ local-exec TLS in the PIE case.
@@ -146,38 +150,14 @@ libio/tst-wmemstream2 --- -.. .X- .-. .-. (? segfault)
libio/bug-wmemstream1 --- -.. .X- .-. .-. (? segfault)
malloc/tst-mtrace --- -.. .-X .-. .-. (? x86_64-only)
grp/tst_fgetgrent --- -.. .-X .-. .-. (? x86_64-only)
-math/test-fenv --- -.. .-- .X. .-. (?)
+math/test-fenv --- -.. .-- .X. .-. (? sparc64 only - never sets UNDERFLOW)
dlfcn/default XX- X.. .X- .X. .X. (? dladdr returns empty string)
posix/globtest --- -.. .-X .-. .-. (? x86_64-only)
posix/annexc XXX X.. .XX .X. .X. (expected)
io/ftwtest --- -.. .-X .-. .-. (? x86_64-only)
nptl/tst-mutex5 --X -.. .-- .-. .-. (? vanilla x86-only; not always)
-nptl/tst-mutexpi4 X-- -.. .-- .-. .-. (? hardened x86-only)
- hmm - fails if child gets PTHREAD_BARRIER_SERIAL_THREAD from the barrier; inserting a sleep()
- to encourage a different barrier sequence demonstrates this.
- note it must be something to do with the inherited priority stuff; tst-mutex4 passes...
- - missing UDEREF handling in futex.h
-nptl/tst-mutexpi5 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-mutexpi5a X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-mutexpi6 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-mutexpi9 X-- -.. .-- .-. .-. (? hardened x86-only)
nptl/tst-cond10 --X -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust1 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust2 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust3 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust4 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust5 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust6 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust7 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robust8 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi1 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi2 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi3 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi4 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi5 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi6 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-robustpi7 X-- -.. .-- .-. .-. (? hardened x86-only)
-nptl/tst-tls2 X-- -.. .X- .-. .-. (local-exec TLS?)
+nptl/tst-tls2 X-- X.. .X- .-. .-. (local-exec TLS?)
nptl/tst-cancel1 XXX -.. .XX .-. .-. (expected on x86/x86_64)
nptl/tst-cancelx4 XX- -.. .-- .-. .-. (? x86-only)
nptl/tst-cancelx5 XX- -.. .-- .-. .-. (? x86-only)
@@ -237,6 +217,7 @@ Things to work out:
Investigation ongoing...
Turns out it was PAX_UDEREF - which I had failed to switch off even in my 'non-hardened' kernels :/
+ This'll be fixed in later kernels (certainly by 2.16.20)
2) Why x86 passes elf/tst-tls{1,2}-static when all other arches fail it
3) What's different about x86_64 that it fails a whole bunch that are ok for other arches
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
index 9254775..ca67798 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
@@ -30,15 +30,15 @@ AUX nsswitch.conf 503 RMD160 f375f92f6b41029c93382c39cef896261b140cfc SHA1 42f7f
MD5 8d58079469aedb014a800101ef60558f files/nsswitch.conf 503
RMD160 f375f92f6b41029c93382c39cef896261b140cfc files/nsswitch.conf 503
SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d files/nsswitch.conf 503
-DIST glibc-2.5-patches-1.3.1.tar.bz2 182061 RMD160 47de64e40452b42e43ab6d736ed9794668d38ad2 SHA1 87d2df7115141d04062a2f17c0df0caa2ed278bb SHA256 e0028abaa2b97cb4dbf4217ba66ebc110f74e04ae05703b5ddda0b3f53a28df0
+DIST glibc-2.5-patches-1.3.2.tar.bz2 182152 RMD160 af497b417d05c0e8c26174d3db053f3192936ef6 SHA1 f1b5dff0659bd3dc02e44186948f9f05a6b6e9cc SHA256 20fa70f908011a5c9c0fade0e4489263550153722938a730669fad93c81865ff
DIST glibc-2.5.tar.bz2 15321839 RMD160 25a0a460c0db1e5b7c570e5087461696f2096fd2 SHA1 ec9a007c4875062099a4701ac9137fcdb5a71447 SHA256 9b2e12bb1eafb55ab2e5a868532b8e6ec39216c66c25b8998d7474bc4d4eb529
DIST glibc-libidn-2.5.tar.bz2 102330 RMD160 e10e85e0ee7cdab2e5518a93978cb688ccabee88 SHA1 ee7e019e01aa338e28db1eeb34abb2cb09d2f30a SHA256 de77e49e0beee6061d4c6e480f322566ba25d4e5e018c456a18ea4a8da5c0ede
DIST glibc-linuxthreads-2.5.tar.bz2 242445 RMD160 788484d035d53ac39aac18f6e3409a912eea1cfa SHA1 eb7765e5c0a14c7475f1c8b92cbe1f625a8fd76f SHA256 ee27aeba6124a8b351c720eb898917f0f8874d9a384cc2f17aa111a3d679bd2c
DIST glibc-ports-2.5.tar.bz2 409372 RMD160 e7e29df135a5f0f72760d10e5ad46de038e40725 SHA1 7da6257e641759ed29c4d316700fce6f604bc812 SHA256 80c38a005325e7539012bd665fb8e06af9ee9bfc74efb236ebff121265bfd463
-EBUILD glibc-2.5.ebuild 40042 RMD160 8ca0ea2406008bb0f26627a25983981f3a849d8c SHA1 b708f0f37c966f21726b6b3da7283369b6f6f754 SHA256 203f4ff6a365b905553fe649b498291a43a9f2879da57037863f77bb8a878663
-MD5 bdeb4c3f965e00d8daa11612f32b180f glibc-2.5.ebuild 40042
-RMD160 8ca0ea2406008bb0f26627a25983981f3a849d8c glibc-2.5.ebuild 40042
-SHA256 203f4ff6a365b905553fe649b498291a43a9f2879da57037863f77bb8a878663 glibc-2.5.ebuild 40042
-MD5 932be0453d928552fa24d590453bc0cd files/digest-glibc-2.5 1286
-RMD160 ffa1a53d76e1ffb602701f2919ecb63db3e36275 files/digest-glibc-2.5 1286
-SHA256 834a359d2717ef8252d541b9440c91681efc3248bb7f75a2abec96798d862359 files/digest-glibc-2.5 1286
+EBUILD glibc-2.5.ebuild 40151 RMD160 635e19207990c16d4c15683bac0aa7fb1ac453f4 SHA1 4d532562cacd15178520da887687b88680a357e4 SHA256 f5a98a69306171b42443e5b78916ff82f0b4b596b7fa85a3b243a2ddfcdb260d
+MD5 9b2045b68b03d5242846c45845cd7cb9 glibc-2.5.ebuild 40151
+RMD160 635e19207990c16d4c15683bac0aa7fb1ac453f4 glibc-2.5.ebuild 40151
+SHA256 f5a98a69306171b42443e5b78916ff82f0b4b596b7fa85a3b243a2ddfcdb260d glibc-2.5.ebuild 40151
+MD5 5b7e320e8b8b1a96ace60aa95385c122 files/digest-glibc-2.5 1286
+RMD160 6302561abceb3a88449dfe74bd6f2e373f00dec3 files/digest-glibc-2.5 1286
+SHA256 c20b8f42085597085e3589fbfd2dc5351f0c63a5492a55f82b59a1481b2a28f3 files/digest-glibc-2.5 1286
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/digest-glibc-2.5 b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/digest-glibc-2.5
index f97bb90..3a8d8d5 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/digest-glibc-2.5
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/digest-glibc-2.5
@@ -1,6 +1,6 @@
-MD5 82875d233db221666b1abf26e7cf6e98 glibc-2.5-patches-1.3.1.tar.bz2 182061
-RMD160 47de64e40452b42e43ab6d736ed9794668d38ad2 glibc-2.5-patches-1.3.1.tar.bz2 182061
-SHA256 e0028abaa2b97cb4dbf4217ba66ebc110f74e04ae05703b5ddda0b3f53a28df0 glibc-2.5-patches-1.3.1.tar.bz2 182061
+MD5 44d6ca4466391666849fbc175bdb7c86 glibc-2.5-patches-1.3.2.tar.bz2 182152
+RMD160 af497b417d05c0e8c26174d3db053f3192936ef6 glibc-2.5-patches-1.3.2.tar.bz2 182152
+SHA256 20fa70f908011a5c9c0fade0e4489263550153722938a730669fad93c81865ff glibc-2.5-patches-1.3.2.tar.bz2 182152
MD5 1fb29764a6a650a4d5b409dda227ac9f glibc-2.5.tar.bz2 15321839
RMD160 25a0a460c0db1e5b7c570e5087461696f2096fd2 glibc-2.5.tar.bz2 15321839
SHA256 9b2e12bb1eafb55ab2e5a868532b8e6ec39216c66c25b8998d7474bc4d4eb529 glibc-2.5.tar.bz2 15321839
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
index 7f9a399..0d9e50a 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.5.ebuild,v 1.31 2007/02/12 20:18:10 kloeri Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.5.ebuild,v 1.35 2007/02/17 00:29:58 vapier Exp $
# Here's how the cross-compile logic breaks down ...
# CTARGET - machine that will target the binaries
@@ -16,7 +16,7 @@
# CHOST = CTARGET - install into /
# CHOST != CTARGET - install into /usr/CTARGET/
-KEYWORDS="-* alpha amd64 arm ~ia64 ppc ppc64 sh ~sparc x86"
+KEYWORDS="-* alpha amd64 arm ia64 ppc ppc64 sh sparc x86"
BRANCH_UPDATE=""
@@ -27,7 +27,7 @@ GLIBC_MANPAGE_VERSION="none"
GLIBC_INFOPAGE_VERSION="none"
# Gentoo patchset
-PATCH_VER="1.3.1"
+PATCH_VER="1.3.2"
GENTOO_TOOLCHAIN_BASE_URI="mirror://gentoo"
GENTOO_TOOLCHAIN_DEV_URI="http://dev.gentoo.org/~azarah/glibc/XXX http://dev.gentoo.org/~vapier/dist/XXX"
@@ -1073,8 +1073,10 @@ pkg_setup() {
fi
fi
- if want_nptl && [[ ${CTARGET} == i386-* ]] ; then
- eerror "NPTL requires a CHOST of i486 or better"
+ if [[ ${CTARGET} == i386-* ]] ; then
+ eerror "i386 CHOSTs are no longer supported."
+ eerror "Chances are you don't actually want/need i386."
+ eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml"
die "please fix your CHOST"
fi