Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/hardened
diff options
context:
space:
mode:
Diffstat (limited to 'hardened')
-rw-r--r--hardened/toolchain/branches/pieworld/pieworld.README140
-rw-r--r--hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest16
-rw-r--r--hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.1-r3.ebuild4
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest16
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-testfailobvious.patch23
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.5/glibc-2.5-hardened-tests.patch79
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild7
7 files changed, 86 insertions, 199 deletions
diff --git a/hardened/toolchain/branches/pieworld/pieworld.README b/hardened/toolchain/branches/pieworld/pieworld.README
index 7811ba4..ada2e54 100644
--- a/hardened/toolchain/branches/pieworld/pieworld.README
+++ b/hardened/toolchain/branches/pieworld/pieworld.README
@@ -96,82 +96,82 @@ Investigations
2) glibc-2.5 failures:
-For reference, on vanilla x86 the following fail:
+For reference, on vanilla x86 the following fail (both in and out of a chroot):
+
+ linuxthreads/posix/annexc
+ Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html
linuxthreads/linuxthreads/tst-clock1
+ Time between threads is too short - expected 1 sec, got a fraction.
linuxthreads/rt/tst-aio9
+ Limitation of linuxthreads? (ok on nptl) Hints to that effect http://sourceware.org/ml/libc-ports/2006-08/msg00016.html
linuxthreads/rt/tst-aio10
-so are ignored for the purposes of analysing failures on hardened.
+ Limitation of linuxthreads? (ok on nptl) http://sourceware.org/ml/libc-ports/2006-08/msg00016.html
+ linuxthreads/elf/check-localplt
+ bunch of stuff appears, mostly from libpthread.so, that isn't expected
+ linuxthreads/c++-types-check
+ pthread_attr_t and pthread_rwlock_t are different from expected.
+
+ ok nptl/posix/annexc
+ Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html
+ ok nptl/nptl/tst-cancel1
+ Requires >=gcc-4.2 http://sourceware.org/ml/libc-alpha/2006-09/msg00039.html
+
+and on vanilla amd64 (nptlonly) the following fail:
+ nptl/iconvdata/iconv-test
+ nptl/malloc/tst-mtrace
+ nptl/grp/tst_fgetgrent
+ nptl/posix/tst-nice
+ nptl/posix/globtest
+ ok nptl/posix/annexc
+ nptl/io/ftwtest
+ ok nptl/nptl/tst-cancel1
+ nptl/rt/tst-cpuclock2
-Some of these may be down to being run in a chroot.
+so are ignored for the purposes of analysing failures on hardened.
Note also - ppc64 and sparc64 can't have linuxthreads as it doesn't
compile (some changes that are in for nptl have not been back-ported).
-x86 (non-hardened kernel):
-
-amd64 (non-hardened kernel):
- linuxthreads/libio/tst-wmemstream1
- linuxthreads/libio/tst-wmemstream2
- linuxthreads/libio/bug-wmemstream1
- linuxthreads/dlfcn/default
- linuxthreads/linuxthreads/tststatic
- linuxthreads/linuxthreads/tst-cancel-static
- linuxthreads/linuxthreads/tst-stackguard1-static
- linuxthreads/elf/tst-tls1
- linuxthreads/elf/tst-tls2
- linuxthreads/elf/tst-tls1-static
- linuxthreads/elf/tst-tls2-static
- linuxthreads/elf/resolvfail
- linuxthreads/elf/constload1
- nptl/libio/tst-wmemstream1
- nptl/libio/tst-wmemstream2
- nptl/libio/bug-wmemstream1
- nptl/dlfcn/default
- nptl/nptl/tst-cancel1
- nptl/elf/tst-tls1
- nptl/elf/tst-tls2
- nptl/elf/tst-tls1-static
- nptl/elf/tst-tls2-static
- nptl/elf/resolvfail
- nptl/elf/constload1
-
-ppc (luna, hardened):
- linuxthreads/dlfcn/default
- linuxthreads/linuxthreads/tst-context
- linuxthreads/rt/tst-mqueue6
- linuxthreads/rt/tst-mqueue8
- linuxthreads/elf/tst-tls1
- linuxthreads/elf/tst-tls2
- linuxthreads/elf/resolvfail
- linuxthreads/elf/constload1
- nptl/dlfcn/default
- nptl/nptl/tst-tls2
-PaX nptl/nptl/tst-execstack
- nptl/rt/tst-cputimer1
- nptl/elf/tst-tls1
- nptl/elf/tst-tls2
- nptl/elf/resolvfail
- nptl/elf/constload1
-
-ppc64 (cottonwoord, non-hardened):
- nptl/dlfcn/default
- nptl/misc/tst-pselect
- nptl/nptl/tst-robust7
- nptl/nptl/tst-tls2
- nptl/elf/tst-tls1
- nptl/elf/tst-tls2
- nptl/elf/resolvfail
- nptl/elf/constload1
-
-sparc64 (bender, non-hardened - linuxthreads not available):
- nptl/math/test-fenv
- nptl/dlfcn/default
- nptl/nptl/tst-eintr1
- nptl/nptl/tst-cancel20
- nptl/nptl/tst-cancelx20
- nptl/elf/tst-tls1
- nptl/elf/tst-tls2
- nptl/elf/resolvfail
- nptl/elf/constload1
-
+Kernel -> x86 x86h ppc ppch amd64 amd64h sparc sparch ppc64 ppc64h Reason
+NPTL Test v (? segfault)
+libio/tst-wmemstream1 X (? segfault)
+libio/tst-wmemstream2 X (? segfault)
+libio/bug-wmemstream1 X (? segfault)
+math/test-fenv X (?)
+dlfcn/default X X X X (?)
+posix/annexc X X X X (expected)
+misc/tst-pselect X (?)
+nptl/tst-execstack X (PaX)
+nptl/tst-cancel1 X (expected)
+nptl/rt/tst-cpuclock2 X (?)
+nptl/tst-eintr1 X (?)
+nptl/tst-cancel20 X (?)
+nptl/tst-cancelx20 X (?)
+elf/tst-tls1 X X X X (local-exec TLS)
+elf/tst-tls2 X X X X (local-exec TLS)
+elf/tst-tls1-static X X X X (local-exec TLS)
+elf/tst-tls2-static X X X X (local-exec TLS)
+elf/resolvfail X X X X (BIND_NOW)
+elf/constload1 X X X X (BIND_NOW)
+elf/order X X X X (BIND_NOW)
+elf/lateglobal X X X X (BIND_NOW)
+elf/dblload X X X X (BIND_NOW)
+elf/dblunload X X X X (BIND_NOW)
+elf/reldep6 X X X X (BIND_NOW)
+elf/circleload1 X X X X (BIND_NOW) elf/tst-tls3 X X (?)
+elf/tst-tls10 X X X (local-exec TLS)
+elf/tst-tls14 X (local-exec TLS)
+elf/tst-execstack X (PaX)
+elf/tst-execstack-needed X (PaX)
+elf//tst-execstack-prog X (PaX)
+elf/tst-global1 X X X X (BIND_NOW)
+elf/tst-audit2 X X X (local-exec TLS)
+
+PaX: PaX kernel causes execstack behaviour to fail (a good thing, where PaX is concerned).
+BIND_NOW: These tests require that some of their links be -Wl,-z,lazy (perhaps we could add this explicitly)
+local-exec TLS: The local-exec TLS model is not compatible with PIC (and PIE)
+
+posix/annexc is ignored upstream (http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html)
+
+tst-cancel1 fails on x86/amd64 because support is not in gcc-4.1.1 - gcc-4.2 will fix this (http://sourceware.org/ml/libc-alpha/2006-09/msg00039.html)
diff --git a/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest b/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
index 3d85667..a4d6f70 100644
--- a/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
+++ b/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
@@ -156,14 +156,14 @@ EBUILD gcc-3.4.6-r3.ebuild 5025 RMD160 2058cb7bcf3a63d0676584cae76081161d03ea2e
MD5 e7e1819986cf0ecdffbb5f1f59ba6b16 gcc-3.4.6-r3.ebuild 5025
RMD160 2058cb7bcf3a63d0676584cae76081161d03ea2e gcc-3.4.6-r3.ebuild 5025
SHA256 51a5e8aa4e23fea87d17508638016a7651961d4bffd0cd15335f1ce493c206e3 gcc-3.4.6-r3.ebuild 5025
-EBUILD gcc-4.1.1-r3.ebuild 3240 RMD160 d1d508b81b57f31a4e3b4e5e121347fba664fdd5 SHA1 3214ed339c180b6ca0369000c28cbf3bede48db6 SHA256 60cb092602bd71e98f35ce5adcf3ae3de9c6146513dc4946550da0cebd43b513
-MD5 f7c3b04e407eaba0b68184e67dc39df6 gcc-4.1.1-r3.ebuild 3240
-RMD160 d1d508b81b57f31a4e3b4e5e121347fba664fdd5 gcc-4.1.1-r3.ebuild 3240
-SHA256 60cb092602bd71e98f35ce5adcf3ae3de9c6146513dc4946550da0cebd43b513 gcc-4.1.1-r3.ebuild 3240
-MISC gcc-4.1.1-r3.ebuild.orig 3238 RMD160 f1f0d9a8b8cf66067fff3cb1fcd617923916d8d2 SHA1 ac837101c1ccac4cc6fa7025cf9e6ea5c9e30282 SHA256 a5ba773961619a639767f8f695c21885a96b1b828924891c8711e8b504eee668
-MD5 d43698f73587e2c7e27c8772efc5f6b1 gcc-4.1.1-r3.ebuild.orig 3238
-RMD160 f1f0d9a8b8cf66067fff3cb1fcd617923916d8d2 gcc-4.1.1-r3.ebuild.orig 3238
-SHA256 a5ba773961619a639767f8f695c21885a96b1b828924891c8711e8b504eee668 gcc-4.1.1-r3.ebuild.orig 3238
+EBUILD gcc-4.1.1-r3.ebuild 3238 RMD160 61bc5ef31f71504832e32aee2fd4e02da7d30989 SHA1 cf3628356d67bdce912786adc316753f895eed68 SHA256 4a3a3fbefd894613d7dfb695c26d39ddf668f0c4347b6e309e6d1612f3821ffb
+MD5 214dc0b70981d25fcd4c1cf01acde246 gcc-4.1.1-r3.ebuild 3238
+RMD160 61bc5ef31f71504832e32aee2fd4e02da7d30989 gcc-4.1.1-r3.ebuild 3238
+SHA256 4a3a3fbefd894613d7dfb695c26d39ddf668f0c4347b6e309e6d1612f3821ffb gcc-4.1.1-r3.ebuild 3238
+MISC gcc-4.1.1-r3.ebuild.orig 3240 RMD160 d1d508b81b57f31a4e3b4e5e121347fba664fdd5 SHA1 3214ed339c180b6ca0369000c28cbf3bede48db6 SHA256 60cb092602bd71e98f35ce5adcf3ae3de9c6146513dc4946550da0cebd43b513
+MD5 f7c3b04e407eaba0b68184e67dc39df6 gcc-4.1.1-r3.ebuild.orig 3240
+RMD160 d1d508b81b57f31a4e3b4e5e121347fba664fdd5 gcc-4.1.1-r3.ebuild.orig 3240
+SHA256 60cb092602bd71e98f35ce5adcf3ae3de9c6146513dc4946550da0cebd43b513 gcc-4.1.1-r3.ebuild.orig 3240
MD5 f2ae42150d118fee847851b13498c67d files/digest-gcc-3.4.6-r3 1623
RMD160 61cd90be115485be70bc0c6511848949fd86e3ff files/digest-gcc-3.4.6-r3 1623
SHA256 fb9bc05b7f310a0ce63c7538d07315a3432bced82fc26c656e9ec0d843df2468 files/digest-gcc-3.4.6-r3 1623
diff --git a/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.1-r3.ebuild b/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.1-r3.ebuild
index 1131005..b5043b2 100644
--- a/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.1-r3.ebuild
+++ b/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.1-r3.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.1.1-r3.ebuild,v 1.10 2007/02/03 02:13:37 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.1.1-r3.ebuild,v 1.11 2007/02/05 13:58:54 blubb Exp $
PATCH_VER="1.10"
UCLIBC_VER="1.1"
@@ -40,7 +40,7 @@ inherit toolchain
DESCRIPTION="The GNU Compiler Collection. Includes C/C++, java compilers, pie+ssp extensions, Haj Ten Brugge runtime bounds checking"
LICENSE="GPL-2 LGPL-2.1"
-KEYWORDS="-* ~alpha ~amd64 arm hppa ~ia64 ~mips ppc ppc64 ~s390 ~sparc ~sparc-fbsd x86 ~x86-fbsd"
+KEYWORDS="-* ~alpha amd64 arm hppa ~ia64 ~mips ppc ppc64 ~s390 ~sparc ~sparc-fbsd x86 ~x86-fbsd"
RDEPEND=">=sys-libs/zlib-1.1.4
|| ( >=sys-devel/gcc-config-1.3.12-r4 app-admin/eselect-compiler )
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
index f09c21d..fee9af8 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
@@ -14,18 +14,10 @@ AUX 2.4/glibc-2.4-hardened-pie.patch 1629 RMD160 cd0dfdb10a86560d4c36ac04b7642b0
MD5 51135a389633ff99dbd3f3d715821454 files/2.4/glibc-2.4-hardened-pie.patch 1629
RMD160 cd0dfdb10a86560d4c36ac04b7642b06ae41b3cd files/2.4/glibc-2.4-hardened-pie.patch 1629
SHA256 a44ef5ef5490663fea6de10f9ecccbd45f1fb5bdb49abefb49527dfc14fa0977 files/2.4/glibc-2.4-hardened-pie.patch 1629
-AUX 2.4/glibc-2.4-testfailobvious.patch 919 RMD160 371d8c6ab9a7358a23ec721d46528c93aa1b7cd8 SHA1 a7e9794c4ba8ab0c452bfc495a6ae7950984e69e SHA256 5542c46a2649a2a3ffb6e0f884c3ad7309863f7d62055e1ec4b792f923f15654
-MD5 222aebe5c1135dfa01c785dcaae36b05 files/2.4/glibc-2.4-testfailobvious.patch 919
-RMD160 371d8c6ab9a7358a23ec721d46528c93aa1b7cd8 files/2.4/glibc-2.4-testfailobvious.patch 919
-SHA256 5542c46a2649a2a3ffb6e0f884c3ad7309863f7d62055e1ec4b792f923f15654 files/2.4/glibc-2.4-testfailobvious.patch 919
AUX 2.5/glibc-2.5-hardened-pie.patch 1522 RMD160 cd6d0fa46973a7f7b4575946998478d148268a50 SHA1 a231b2154d646d8bd6790771b194a8783d609e35 SHA256 25fc868ba67ba6b6e3476c5786dd493039bb06c70459a5f0c2b12602d294eec3
MD5 f58815648658826e79ea33722d6c0742 files/2.5/glibc-2.5-hardened-pie.patch 1522
RMD160 cd6d0fa46973a7f7b4575946998478d148268a50 files/2.5/glibc-2.5-hardened-pie.patch 1522
SHA256 25fc868ba67ba6b6e3476c5786dd493039bb06c70459a5f0c2b12602d294eec3 files/2.5/glibc-2.5-hardened-pie.patch 1522
-AUX 2.5/glibc-2.5-hardened-tests.patch 2243 RMD160 36bac06e12c05a5e283226fd34177eaf2503cdcb SHA1 697778db00fdb41ff8316a0dd006492e99402292 SHA256 69c9b226b6243f78c04bfb99472daa7619d2032ec2294276e7a60dc93ae2b12f
-MD5 dde50e1050e71f8bb51a7843b6b5008d files/2.5/glibc-2.5-hardened-tests.patch 2243
-RMD160 36bac06e12c05a5e283226fd34177eaf2503cdcb files/2.5/glibc-2.5-hardened-tests.patch 2243
-SHA256 69c9b226b6243f78c04bfb99472daa7619d2032ec2294276e7a60dc93ae2b12f files/2.5/glibc-2.5-hardened-tests.patch 2243
AUX nscd 1468 RMD160 4358dc846a186c9db730693f9485b4d4358f3967 SHA1 f340187d998effff8b84250394a608c7305539bf SHA256 12b5d0732e646b3a456646b943930cc5c21cc82635e42ccefe8f197e61d570fe
MD5 1314d7f9022322cd0d1198dcddf1214d files/nscd 1468
RMD160 4358dc846a186c9db730693f9485b4d4358f3967 files/nscd 1468
@@ -43,10 +35,10 @@ DIST glibc-2.5.tar.bz2 15321839 RMD160 25a0a460c0db1e5b7c570e5087461696f2096fd2
DIST glibc-libidn-2.5.tar.bz2 102330 RMD160 e10e85e0ee7cdab2e5518a93978cb688ccabee88 SHA1 ee7e019e01aa338e28db1eeb34abb2cb09d2f30a SHA256 de77e49e0beee6061d4c6e480f322566ba25d4e5e018c456a18ea4a8da5c0ede
DIST glibc-linuxthreads-2.5.tar.bz2 242445 RMD160 788484d035d53ac39aac18f6e3409a912eea1cfa SHA1 eb7765e5c0a14c7475f1c8b92cbe1f625a8fd76f SHA256 ee27aeba6124a8b351c720eb898917f0f8874d9a384cc2f17aa111a3d679bd2c
DIST glibc-ports-2.5.tar.bz2 409372 RMD160 e7e29df135a5f0f72760d10e5ad46de038e40725 SHA1 7da6257e641759ed29c4d316700fce6f604bc812 SHA256 80c38a005325e7539012bd665fb8e06af9ee9bfc74efb236ebff121265bfd463
-EBUILD glibc-2.5.ebuild 39459 RMD160 382b12a99c353c7fa2035a9c9371292e423aa512 SHA1 32ade8c88346b2e3efd4cccfec4879a95fcfc705 SHA256 62d9a047ee3fa8d8c00e777ac710bae2cedd4ee4e1ae0b39314adf4ce43bc30c
-MD5 1508d1005505dc7c798fc3f893293f76 glibc-2.5.ebuild 39459
-RMD160 382b12a99c353c7fa2035a9c9371292e423aa512 glibc-2.5.ebuild 39459
-SHA256 62d9a047ee3fa8d8c00e777ac710bae2cedd4ee4e1ae0b39314adf4ce43bc30c glibc-2.5.ebuild 39459
+EBUILD glibc-2.5.ebuild 39302 RMD160 af749af37c91d7c6d7c0117f73899d9a90c87c12 SHA1 aa4c638cd0f076cc8a5a947f81e67c2afc73716b SHA256 5b249e83a7b99b60c62eedea1d2999c2797626324c4acd8d99fa0bb557022fc6
+MD5 d1971d33895571971ddb4695dbc77c61 glibc-2.5.ebuild 39302
+RMD160 af749af37c91d7c6d7c0117f73899d9a90c87c12 glibc-2.5.ebuild 39302
+SHA256 5b249e83a7b99b60c62eedea1d2999c2797626324c4acd8d99fa0bb557022fc6 glibc-2.5.ebuild 39302
MD5 932be0453d928552fa24d590453bc0cd files/digest-glibc-2.5 1286
RMD160 ffa1a53d76e1ffb602701f2919ecb63db3e36275 files/digest-glibc-2.5 1286
SHA256 834a359d2717ef8252d541b9440c91681efc3248bb7f75a2abec96798d862359 files/digest-glibc-2.5 1286
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-testfailobvious.patch b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-testfailobvious.patch
deleted file mode 100644
index eeaa639..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-testfailobvious.patch
+++ /dev/null
@@ -1,23 +0,0 @@
- Add an easily-greppable string to the output of test runs.
- If a test fails, the output will contain a line:
- FAILED <test output filename>
- which indicates the test that failed. Find with 'grep ^FAILED'
- Kevin F. Quinn <kevquinn@gentoo.org> 15 Dec 2006
-
---- Rules.orig 2006-02-28 08:05:48.000000000 +0100
-+++ Rules 2006-08-05 14:18:39.000000000 +0200
-@@ -142,11 +142,11 @@
- make-test-out = GCONV_PATH=$(common-objpfx)iconvdata LC_ALL=C \
- $($*-ENV) $(built-program-cmd) $($*-ARGS)
- $(objpfx)%-bp.out: %.input $(objpfx)%-bp
-- $(make-test-out) > $@ < $(word 1,$^)
-+ $(make-test-out) > $@ < $(word 1,$^) || echo FAILED $@
- $(objpfx)%.out: %.input $(objpfx)%
-- $(make-test-out) > $@ < $(word 1,$^)
-+ $(make-test-out) > $@ < $(word 1,$^) || echo FAILED $@
- $(objpfx)%.out: /dev/null $(objpfx)% # Make it 2nd arg for canned sequence.
-- $(make-test-out) > $@
-+ $(make-test-out) > $@ || echo FAILED $@
-
- endif # tests
-
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.5/glibc-2.5-hardened-tests.patch b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.5/glibc-2.5-hardened-tests.patch
deleted file mode 100644
index ae4da18..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.5/glibc-2.5-hardened-tests.patch
+++ /dev/null
@@ -1,79 +0,0 @@
- TLS local-exec model is not intended for PIC code (PIE, shared libraries
- etc); in PIC code it would require relocations in the text segment, which
- most arches don't support, and on Hardened Gentoo they're not supported
- on x86, either.
- Forcing these tests to use initial-exec when built PIC allows it to build
- and allows testing to continue normally (obviously, they no longer test
- local-exec!).
- Kevin F. Quinn <kevquinn@gentoo.org> 2 Feb 2007
-
---- nptl/tst-tls2.c.orig 2007-02-02 18:49:05.000000000 +0100
-+++ nptl/tst-tls2.c 2007-02-02 18:50:07.000000000 +0100
-@@ -57,7 +57,12 @@
- };
-
-
-+#ifdef __PIC__
-+/* local-exec requires text relocations on PIC code; avoid it's use if so */
-+static __thread void (*fp) (void) __attribute__ ((tls_model ("initial-exec")));
-+#else
- static __thread void (*fp) (void) __attribute__ ((tls_model ("local-exec")));
-+#endif
-
-
- static sem_t s;
---- elf/tst-tls1.c.orig 2007-02-02 20:35:27.000000000 +0100
-+++ elf/tst-tls1.c 2007-02-02 20:36:41.000000000 +0100
-@@ -22,9 +22,15 @@
- int *ap, *bp;
-
-
-+#ifdef __PIC__
-+ /* Set the variable using the initial exec model; local exec isn't good on PIC. */
-+ puts ("set bar to 1 (IE)");
-+ ap = TLS_IE (foo);
-+#else
- /* Set the variable using the local exec model. */
- puts ("set bar to 1 (LE)");
- ap = TLS_LE (bar);
-+#endif
- *ap = 1;
-
-
---- elf/tst-tls2.c.orig 2007-02-02 20:35:29.000000000 +0100
-+++ elf/tst-tls2.c 2007-02-02 20:37:13.000000000 +0100
-@@ -22,9 +22,15 @@
- int *ap, *bp;
-
-
-+#ifdef __PIC__
-+ /* Set the variable using the initial exec model; local exec isn't good on PIC. */
-+ puts ("set bar to 1 (IE)");
-+ ap = TLS_IE (foo);
-+#else
- /* Set the variable using the local exec model. */
- puts ("set bar to 1 (LE)");
- ap = TLS_LE (bar);
-+#endif
- *ap = 1;
-
-
---- elf/tst-tls3.c.orig 2007-02-02 20:35:32.000000000 +0100
-+++ elf/tst-tls3.c 2007-02-02 20:37:39.000000000 +0100
-@@ -26,9 +26,16 @@
- int *ap, *bp, *cp;
-
-
-+
-+#ifdef __PIC__
-+ /* Set the variable using the initial exec model; local exec isn't good on PIC. */
-+ puts ("set baz to 3 (IE)");
-+ ap = TLS_IE (baz);
-+#else
- /* Set the variable using the local exec model. */
- puts ("set baz to 3 (LE)");
- ap = TLS_LE (baz);
-+#endif
- *ap = 3;
-
-
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
index b016791..a7c6623 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.5.ebuild,v 1.25 2007/02/03 02:02:57 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.5.ebuild,v 1.26 2007/02/06 10:24:42 opfer Exp $
# Here's how the cross-compile logic breaks down ...
# CTARGET - machine that will target the binaries
@@ -16,7 +16,7 @@
# CHOST = CTARGET - install into /
# CHOST != CTARGET - install into /usr/CTARGET/
-KEYWORDS="-* ~amd64 arm ~ia64 ~ppc ppc64 sh ~sparc ~x86"
+KEYWORDS="-* ~amd64 arm ~ia64 ~ppc ppc64 sh ~sparc x86"
BRANCH_UPDATE=""
@@ -229,9 +229,6 @@ toolchain-glibc_src_unpack() {
# it is used, and that the TLS initialisation uses non-sysenter
# variants of syscalls.
epatch ${FILESDIR}/2.4/glibc-2.4-hardened-inittls-nosysenter.patch
- # This patch modifies tests that would fail to run at all, due to
- # the PIE building of tests.
- epatch ${FILESDIR}/2.5/glibc-2.5-hardened-tests.patch
einfo "Installing Hardened Gentoo SSP handler"
cp -f ${FILESDIR}/2.4/glibc-2.4-gentoo-stack_chk_fail.c \