diff options
author | Magnus Granberg <zorry@ume.nu> | 2009-08-29 18:02:14 +0200 |
---|---|---|
committer | Magnus Granberg <zorry@ume.nu> | 2009-08-29 18:02:14 +0200 |
commit | 1e497f6cffb2cc3c319a38594d2405afdbdf3387 (patch) | |
tree | 2f88243403a85d93c38690eafbcbbdb0b745d6be | |
parent | remove test file. (diff) | |
download | hardened-dev-1e497f6cffb2cc3c319a38594d2405afdbdf3387.tar.gz hardened-dev-1e497f6cffb2cc3c319a38594d2405afdbdf3387.tar.bz2 hardened-dev-1e497f6cffb2cc3c319a38594d2405afdbdf3387.zip |
clean the testing bracnh
42 files changed, 0 insertions, 8417 deletions
diff --git a/eclass/flag-o-matic.eclass b/eclass/flag-o-matic.eclass deleted file mode 100644 index f6aee72e..00000000 --- a/eclass/flag-o-matic.eclass +++ /dev/null @@ -1,749 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/flag-o-matic.eclass,v 1.142 2009/07/29 08:32:43 ssuominen Exp $ - -# @ECLASS: flag-o-matic.eclass -# @MAINTAINER: -# toolchain@gentoo.org -# @BLURB: common functions to manipulate and query toolchain flags -# @DESCRIPTION: -# This eclass contains a suite of functions to help developers sanely -# and safely manage toolchain flags in their builds. - -inherit eutils toolchain-funcs multilib - -################ DEPRECATED functions ################ -# The following are still present to avoid breaking existing -# code more than necessary; however they are deprecated. Please -# use gcc-specs-* from toolchain-funcs.eclass instead, if you -# need to know which hardened techs are active in the compiler. -# See bug #100974 -# -# has_hardened -# has_pie -# has_pic -# has_ssp_all -# has_ssp - - -# {C,CXX,F,FC}FLAGS that we allow in strip-flags -# Note: shell globs and character lists are allowed -setup-allowed-flags() { - if [[ -z ${ALLOWED_FLAGS} ]] ; then - export ALLOWED_FLAGS="-pipe" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -O -O0 -O1 -O2 -mcpu -march -mtune" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fstack-protector -fstack-protector-all" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fbounds-checking -fno-strict-overflow" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fno-PIE -fno-pie -fno-unit-at-a-time" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -g -g[0-9] -ggdb -ggdb[0-9] -gstabs -gstabs+" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fno-ident" - export ALLOWED_FLAGS="${ALLOWED_FLAGS} -W* -w" - fi - # allow a bunch of flags that negate features / control ABI - ALLOWED_FLAGS="${ALLOWED_FLAGS} -fno-stack-protector -fno-stack-protector-all \ - -fno-strict-aliasing -fno-bounds-checking -fstrict-overflow -fno-omit-frame-pointer" - ALLOWED_FLAGS="${ALLOWED_FLAGS} -mregparm -mno-app-regs -mapp-regs \ - -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-ssse3 -mno-sse4 -mno-sse4.1 \ - -mno-sse4.2 -mno-avx -mno-aes -mno-pclmul -mno-sse4a -mno-3dnow \ - -mno-popcnt -mno-abm \ - -mips1 -mips2 -mips3 -mips4 -mips32 -mips64 -mips16 -mplt \ - -msoft-float -mno-soft-float -mhard-float -mno-hard-float -mfpu \ - -mieee -mieee-with-inexact -mschedule \ - -mtls-direct-seg-refs -mno-tls-direct-seg-refs \ - -mflat -mno-flat -mno-faster-structs -mfaster-structs \ - -m32 -m64 -mabi -mlittle-endian -mbig-endian -EL -EB -fPIC \ - -mlive-g0 -mcmodel -mstack-bias -mno-stack-bias \ - -msecure-plt -m*-toc -D* -U*" - - # {C,CXX,F,FC}FLAGS that we are think is ok, but needs testing - # NOTE: currently -Os have issues with gcc3 and K6* arch's - export UNSTABLE_FLAGS="-Os -O3 -freorder-blocks" - return 0 -} - -# inverted filters for hardened compiler. This is trying to unpick -# the hardened compiler defaults. -_filter-hardened() { - local f - for f in "$@" ; do - case "${f}" in - # Ideally we should only concern ourselves with PIE flags, - # not -fPIC or -fpic, but too many places filter -fPIC without - # thinking about -fPIE. - -fPIC|-fpic|-fPIE|-fpie|-Wl,pie|-pie) - gcc-specs-pie || continue - is-flagq -nopie || append-flags -nopie;; - -fstack-protector) - gcc-specs-ssp || continue - is-flagq -fno-stack-protector || append-flags $(test-flags -fno-stack-protector) - _is_flagq CFLAGS -fno-stack-protector || append-cflags $(test-flags-CC -fno-stack-protector) - _is_flagq CXXFLAGS -fno-stack-protector || append-cxxflags $(test-flags-CXX -fno-stack-protector);; - -fstack-protector-all) - gcc-specs-ssp-to-all || continue - is-flagq -fno-stack-protector-all || append-flags $(test-flags -fno-stack-protector-all);; - -fno-strict-overflow) - gcc-specs-nostrict || continue - is-flagq -fstrict-overflow || append-flags $(test-flags -fstrict-overflow);; - esac - done -} - -# Remove occurrences of strings from variable given in $1 -# Strings removed are matched as globs, so for example -# '-O*' would remove -O1, -O2 etc. -_filter-var() { - local f x VAR VAL - declare -a new - - VAR=$1 - shift - eval VAL=\${${VAR}} - for f in ${VAL}; do - for x in "$@"; do - # Note this should work with globs like -O* - [[ ${f} == ${x} ]] && continue 2 - done - eval new\[\${\#new\[@]}]=\${f} - done - eval export ${VAR}=\${new\[*]} -} - -# @FUNCTION: filter-flags -# @USAGE: <flags> -# @DESCRIPTION: -# Remove particular <flags> from {C,CPP,CXX,F,FC}FLAGS. Accepts shell globs. -filter-flags() { - _filter-hardened "$@" - _filter-var CFLAGS "$@" - _filter-var CPPFLAGS "$@" - _filter-var CXXFLAGS "$@" - _filter-var FFLAGS "$@" - _filter-var FCFLAGS "$@" - return 0 -} - -# @FUNCTION: filter-lfs-flags -# @DESCRIPTION: -# Remove flags that enable Large File Support. -filter-lfs-flags() { - [[ -n $@ ]] && die "filter-lfs-flags takes no arguments" - filter-flags -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -} - -# @FUNCTION: append-cppflags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to the current CPPFLAGS. -append-cppflags() { - [[ -z $* ]] && return 0 - export CPPFLAGS="${CPPFLAGS} $*" - return 0 -} - -# @FUNCTION: append-cflags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to the current CFLAGS. -append-cflags() { - [[ -z $* ]] && return 0 - export CFLAGS="${CFLAGS} $*" - return 0 -} - -# @FUNCTION: append-cxxflags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to the current CXXFLAGS. -append-cxxflags() { - [[ -z $* ]] && return 0 - export CXXFLAGS="${CXXFLAGS} $*" - return 0 -} - -# @FUNCTION: append-fflags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to the current {F,FC}FLAGS. -append-fflags() { - [[ -z $* ]] && return 0 - export FFLAGS="${FFLAGS} $*" - export FCFLAGS="${FCFLAGS} $*" - return 0 -} - -# @FUNCTION: append-lfs-flags -# @DESCRIPTION: -# Add flags that enable Large File Support. -append-lfs-flags() { - [[ -n $@ ]] && die "append-lfs-flags takes no arguments" - append-cppflags -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -} - -# @FUNCTION: append-flags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to your current {C,CXX,F,FC}FLAGS. -append-flags() { - [[ -z $* ]] && return 0 - append-cflags "$@" - append-cxxflags "$@" - append-fflags "$@" - return 0 -} - -# @FUNCTION: replace-flags -# @USAGE: <old> <new> -# @DESCRIPTION: -# Replace the <old> flag with <new>. Accepts shell globs for <old>. -replace-flags() { - [[ $# != 2 ]] \ - && echo && eerror "Usage: replace-flags <old flag> <new flag>" \ - && die "replace-flags takes 2 arguments, not $#" - - local f fset - declare -a new_CFLAGS new_CXXFLAGS new_FFLAGS new_FCFLAGS - - for fset in CFLAGS CXXFLAGS FFLAGS FCFLAGS; do - # Looping over the flags instead of using a global - # substitution ensures that we're working with flag atoms. - # Otherwise globs like -O* have the potential to wipe out the - # list of flags. - for f in ${!fset}; do - # Note this should work with globs like -O* - [[ ${f} == ${1} ]] && f=${2} - eval new_${fset}\[\${\#new_${fset}\[@]}]=\${f} - done - eval export ${fset}=\${new_${fset}\[*]} - done - - return 0 -} - -# @FUNCTION: replace-cpu-flags -# @USAGE: <old> <new> -# @DESCRIPTION: -# Replace cpu flags (like -march/-mcpu/-mtune) that select the <old> cpu -# with flags that select the <new> cpu. Accepts shell globs for <old>. -replace-cpu-flags() { - local newcpu="$#" ; newcpu="${!newcpu}" - while [ $# -gt 1 ] ; do - # quote to make sure that no globbing is done (particularly on - # ${oldcpu}) prior to calling replace-flags - replace-flags "-march=${1}" "-march=${newcpu}" - replace-flags "-mcpu=${1}" "-mcpu=${newcpu}" - replace-flags "-mtune=${1}" "-mtune=${newcpu}" - shift - done - return 0 -} - -_is_flagq() { - local x - for x in ${!1} ; do - [[ ${x} == $2 ]] && return 0 - done - return 1 -} - -# @FUNCTION: is-flagq -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is in {C,CXX,F,FC}FLAGS, else returns shell false. Accepts shell globs. -is-flagq() { - [[ -n $2 ]] && die "Usage: is-flag <flag>" - _is_flagq CFLAGS $1 || _is_flagq CXXFLAGS $1 || _is_flagq FFLAGS $1 || _is_flagq FCFLAGS $1 -} - -# @FUNCTION: is-flag -# @USAGE: <flag> -# @DESCRIPTION: -# Echo's "true" if flag is set in {C,CXX,F,FC}FLAGS. Accepts shell globs. -is-flag() { - is-flagq "$@" && echo true -} - -# @FUNCTION: is-ldflagq -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is in LDFLAGS, else returns shell false. Accepts shell globs. -is-ldflagq() { - [[ -n $2 ]] && die "Usage: is-ldflag <flag>" - _is_flagq LDFLAGS $1 -} - -# @FUNCTION: is-ldflag -# @USAGE: <flag> -# @DESCRIPTION: -# Echo's "true" if flag is set in LDFLAGS. Accepts shell globs. -is-ldflag() { - is-ldflagq "$@" && echo true -} - -# @FUNCTION: filter-mfpmath -# @USAGE: <math types> -# @DESCRIPTION: -# Remove specified math types from the fpmath flag. For example, if the user -# has -mfpmath=sse,386, running `filter-mfpmath sse` will leave the user with -# -mfpmath=386. -filter-mfpmath() { - local orig_mfpmath new_math prune_math - - # save the original -mfpmath flag - orig_mfpmath=$(get-flag -mfpmath) - # get the value of the current -mfpmath flag - new_math=$(get-flag mfpmath) - new_math=" ${new_math//,/ } " - # figure out which math values are to be removed - prune_math="" - for prune_math in "$@" ; do - new_math=${new_math/ ${prune_math} / } - done - new_math=$(echo ${new_math}) - new_math=${new_math// /,} - - if [[ -z ${new_math} ]] ; then - # if we're removing all user specified math values are - # slated for removal, then we just filter the flag - filter-flags ${orig_mfpmath} - else - # if we only want to filter some of the user specified - # math values, then we replace the current flag - replace-flags ${orig_mfpmath} -mfpmath=${new_math} - fi - return 0 -} - -# @FUNCTION: strip-flags -# @DESCRIPTION: -# Strip C[XX]FLAGS of everything except known good/safe flags. -strip-flags() { - local x y flag NEW_CFLAGS NEW_CXXFLAGS NEW_FFLAGS NEW_FCFLAGS - - setup-allowed-flags - - local NEW_CFLAGS="" - local NEW_CXXFLAGS="" - local NEW_FFLAGS="" - local NEW_FCFLAGS="" - - # Allow unstable C[XX]FLAGS if we are using unstable profile ... - if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then - ALLOWED_FLAGS="${ALLOWED_FLAGS} ${UNSTABLE_FLAGS}" - fi - - set -f # disable pathname expansion - - for x in ${CFLAGS}; do - for y in ${ALLOWED_FLAGS}; do - flag=${x%%=*} - if [ "${flag%%${y}}" = "" ] ; then - NEW_CFLAGS="${NEW_CFLAGS} ${x}" - break - fi - done - done - - for x in ${CXXFLAGS}; do - for y in ${ALLOWED_FLAGS}; do - flag=${x%%=*} - if [ "${flag%%${y}}" = "" ] ; then - NEW_CXXFLAGS="${NEW_CXXFLAGS} ${x}" - break - fi - done - done - - for x in ${FFLAGS}; do - for y in ${ALLOWED_FLAGS}; do - flag=${x%%=*} - if [ "${flag%%${y}}" = "" ] ; then - NEW_FFLAGS="${NEW_FFLAGS} ${x}" - break - fi - done - done - - for x in ${FCFLAGS}; do - for y in ${ALLOWED_FLAGS}; do - flag=${x%%=*} - if [ "${flag%%${y}}" = "" ] ; then - NEW_FCFLAGS="${NEW_FCFLAGS} ${x}" - break - fi - done - done - - # In case we filtered out all optimization flags fallback to -O2 - if [ "${CFLAGS/-O}" != "${CFLAGS}" -a "${NEW_CFLAGS/-O}" = "${NEW_CFLAGS}" ]; then - NEW_CFLAGS="${NEW_CFLAGS} -O2" - fi - if [ "${CXXFLAGS/-O}" != "${CXXFLAGS}" -a "${NEW_CXXFLAGS/-O}" = "${NEW_CXXFLAGS}" ]; then - NEW_CXXFLAGS="${NEW_CXXFLAGS} -O2" - fi - if [ "${FFLAGS/-O}" != "${FFLAGS}" -a "${NEW_FFLAGS/-O}" = "${NEW_FFLAGS}" ]; then - NEW_FFLAGS="${NEW_FFLAGS} -O2" - fi - if [ "${FCFLAGS/-O}" != "${FCFLAGS}" -a "${NEW_FCFLAGS/-O}" = "${NEW_FCFLAGS}" ]; then - NEW_FCFLAGS="${NEW_FCFLAGS} -O2" - fi - - set +f # re-enable pathname expansion - - export CFLAGS="${NEW_CFLAGS}" - export CXXFLAGS="${NEW_CXXFLAGS}" - export FFLAGS="${NEW_FFLAGS}" - export FCFLAGS="${NEW_FCFLAGS}" - return 0 -} - -test-flag-PROG() { - local comp=$1 - local flags="$2" - - [[ -z ${comp} || -z ${flags} ]] && \ - return 1 - - local PROG=$(tc-get${comp}) - ${PROG} ${flags} -S -o /dev/null -xc /dev/null \ - > /dev/null 2>&1 -} - -# @FUNCTION: test-flag-CC -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is supported by the C compiler, else returns shell false. -test-flag-CC() { test-flag-PROG "CC" "$1"; } - -# @FUNCTION: test-flag-CXX -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is supported by the C++ compiler, else returns shell false. -test-flag-CXX() { test-flag-PROG "CXX" "$1"; } - -# @FUNCTION: test-flag-F77 -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is supported by the Fortran 77 compiler, else returns shell false. -test-flag-F77() { test-flag-PROG "F77" "$1"; } - -# @FUNCTION: test-flag-FC -# @USAGE: <flag> -# @DESCRIPTION: -# Returns shell true if <flag> is supported by the Fortran 90 compiler, else returns shell false. -test-flag-FC() { test-flag-PROG "FC" "$1"; } - -test-flags-PROG() { - local comp=$1 - local flags - local x - - shift - - [[ -z ${comp} ]] && return 1 - - x="" - for x in "$@" ; do - test-flag-${comp} "${x}" && flags="${flags}${flags:+ }${x}" - done - - echo "${flags}" - - # Just bail if we dont have any flags - [[ -n ${flags} ]] -} - -# @FUNCTION: test-flags-CC -# @USAGE: <flags> -# @DESCRIPTION: -# Returns shell true if <flags> are supported by the C compiler, else returns shell false. -test-flags-CC() { test-flags-PROG "CC" "$@"; } - -# @FUNCTION: test-flags-CXX -# @USAGE: <flags> -# @DESCRIPTION: -# Returns shell true if <flags> are supported by the C++ compiler, else returns shell false. -test-flags-CXX() { test-flags-PROG "CXX" "$@"; } - -# @FUNCTION: test-flags-F77 -# @USAGE: <flags> -# @DESCRIPTION: -# Returns shell true if <flags> are supported by the Fortran 77 compiler, else returns shell false. -test-flags-F77() { test-flags-PROG "F77" "$@"; } - -# @FUNCTION: test-flags-FC -# @USAGE: <flags> -# @DESCRIPTION: -# Returns shell true if <flags> are supported by the Fortran 90 compiler, else returns shell false. -test-flags-FC() { test-flags-PROG "FC" "$@"; } - -# @FUNCTION: test-flags -# @USAGE: <flags> -# @DESCRIPTION: -# Short-hand that should hopefully work for both C and C++ compiler, but -# its really only present due to the append-flags() abomination. -test-flags() { test-flags-CC "$@"; } - -# @FUNCTION: test_flag -# @DESCRIPTION: -# DEPRICIATED, use test-flags() -test_flag() { - ewarn "test_flag: deprecated, please use test-flags()!" >&2 - - test-flags-CC "$@" -} - -# @FUNCTION: test_version_info -# @USAGE: <version> -# @DESCRIPTION: -# Returns shell true if the current C compiler version matches <version>, else returns shell false. -# Accepts shell globs. -test_version_info() { - if [[ $($(tc-getCC) --version 2>&1) == *$1* ]]; then - return 0 - else - return 1 - fi -} - -# @FUNCTION: strip-unsupported-flags -# @DESCRIPTION: -# Strip {C,CXX,F,FC}FLAGS of any flags not supported by the active toolchain. -strip-unsupported-flags() { - export CFLAGS=$(test-flags-CC ${CFLAGS}) - export CXXFLAGS=$(test-flags-CXX ${CXXFLAGS}) - export FFLAGS=$(test-flags-F77 ${FFLAGS}) - export FCFLAGS=$(test-flags-FC ${FCFLAGS}) -} - -# @FUNCTION: get-flag -# @USAGE: <flag> -# @DESCRIPTION: -# Find and echo the value for a particular flag. Accepts shell globs. -get-flag() { - local f findflag="$1" - - # this code looks a little flaky but seems to work for - # everything we want ... - # for example, if CFLAGS="-march=i686": - # `get-flag -march` == "-march=i686" - # `get-flag march` == "i686" - for f in ${CFLAGS} ${CXXFLAGS} ${FFLAGS} ${FCFLAGS} ; do - if [ "${f/${findflag}}" != "${f}" ] ; then - printf "%s\n" "${f/-${findflag}=}" - return 0 - fi - done - return 1 -} - -# @FUNCTION: has_hardened -# @DESCRIPTION: -# DEPRECATED - use gcc-specs-relro or gcc-specs-now from toolchain-funcs -has_hardened() { - ewarn "has_hardened: deprecated, please use gcc-specs-{relro,now}()!" >&2 - - test_version_info Hardened && return 0 - # The specs file wont exist unless gcc has GCC_SPECS support - [[ -f ${GCC_SPECS} && ${GCC_SPECS} != ${GCC_SPECS/hardened/} ]] -} - -# @FUNCTION: has_pic -# @DESCRIPTION: -# DEPRECATED - use gcc-specs-pie from toolchain-funcs -# indicate whether PIC is set -has_pic() { - ewarn "has_pic: deprecated, please use gcc-specs-pie()!" >&2 - - [[ ${CFLAGS/-fPIC} != ${CFLAGS} || \ - ${CFLAGS/-fpic} != ${CFLAGS} ]] || \ - gcc-specs-pie -} - -# @FUNCTION: has_pie -# @DESCRIPTION: -# DEPRECATED - use gcc-specs-pie from toolchain-funcs -# indicate whether PIE is set -has_pie() { - ewarn "has_pie: deprecated, please use gcc-specs-pie()!" >&2 - - [[ ${CFLAGS/-fPIE} != ${CFLAGS} || \ - ${CFLAGS/-fpie} != ${CFLAGS} ]] || \ - gcc-specs-pie -} - -# @FUNCTION: has_ssp_all -# @DESCRIPTION: -# DEPRECATED - use gcc-specs-ssp from toolchain-funcs -# indicate whether code for SSP is being generated for all functions -has_ssp_all() { - ewarn "has_ssp_all: deprecated, please use gcc-specs-ssp()!" >&2 - - # note; this matches only -fstack-protector-all - [[ ${CFLAGS/-fstack-protector-all} != ${CFLAGS} || \ - -n $(echo | $(tc-getCC) ${CFLAGS} -E -dM - | grep __SSP_ALL__) ]] || \ - gcc-specs-ssp-to-all -} - -# @FUNCTION: has_ssp -# @DESCRIPTION: -# DEPRECATED - use gcc-specs-ssp from toolchain-funcs -# indicate whether code for SSP is being generated -has_ssp() { - ewarn "has_ssp: deprecated, please use gcc-specs-ssp()!" >&2 - - # note; this matches both -fstack-protector and -fstack-protector-all - [[ ${CFLAGS/-fstack-protector} != ${CFLAGS} || \ - -n $(echo | $(tc-getCC) ${CFLAGS} -E -dM - | grep __SSP__) ]] || \ - gcc-specs-ssp -} - -# @FUNCTION: has_m64 -# @DESCRIPTION: -# This doesn't test if the flag is accepted, it tests if the flag actually -# WORKS. Non-multilib gcc will take both -m32 and -m64. If the flag works -# return code is 0, else the return code is 1. -has_m64() { - # this doesnt test if the flag is accepted, it tests if the flag - # actually -WORKS-. non-multilib gcc will take both -m32 and -m64! - # please dont replace this function with test_flag in some future - # clean-up! - - local temp="$(emktemp)" - echo "int main() { return(0); }" > "${temp}".c - MY_CC=$(tc-getCC) - ${MY_CC/ .*/} -m64 -o "$(emktemp)" "${temp}".c > /dev/null 2>&1 - local ret=$? - rm -f "${temp}".c - [[ ${ret} != 1 ]] && return 0 - return 1 -} - -# @FUNCTION: has_m32 -# @DESCRIPTION: -# This doesn't test if the flag is accepted, it tests if the flag actually -# WORKS. Non-mulilib gcc will take both -m32 and -64. If the flag works return -# code is 0, else return code is 1. -has_m32() { - # this doesnt test if the flag is accepted, it tests if the flag - # actually -WORKS-. non-multilib gcc will take both -m32 and -m64! - # please dont replace this function with test_flag in some future - # clean-up! - - [ "$(tc-arch)" = "amd64" ] && has_multilib_profile && return 0 - - local temp=$(emktemp) - echo "int main() { return(0); }" > "${temp}".c - MY_CC=$(tc-getCC) - ${MY_CC/ .*/} -m32 -o "$(emktemp)" "${temp}".c > /dev/null 2>&1 - local ret=$? - rm -f "${temp}".c - [[ ${ret} != 1 ]] && return 0 - return 1 -} - -# @FUNCTION: replace-sparc64-flags -# @DESCRIPTION: -# Sets mcpu to v8 and uses the original value as mtune if none specified. -replace-sparc64-flags() { - local SPARC64_CPUS="ultrasparc3 ultrasparc v9" - - if [ "${CFLAGS/mtune}" != "${CFLAGS}" ]; then - for x in ${SPARC64_CPUS}; do - CFLAGS="${CFLAGS/-mcpu=${x}/-mcpu=v8}" - done - else - for x in ${SPARC64_CPUS}; do - CFLAGS="${CFLAGS/-mcpu=${x}/-mcpu=v8 -mtune=${x}}" - done - fi - - if [ "${CXXFLAGS/mtune}" != "${CXXFLAGS}" ]; then - for x in ${SPARC64_CPUS}; do - CXXFLAGS="${CXXFLAGS/-mcpu=${x}/-mcpu=v8}" - done - else - for x in ${SPARC64_CPUS}; do - CXXFLAGS="${CXXFLAGS/-mcpu=${x}/-mcpu=v8 -mtune=${x}}" - done - fi - - export CFLAGS CXXFLAGS -} - -# @FUNCTION: append-ldflags -# @USAGE: <flags> -# @DESCRIPTION: -# Add extra <flags> to the current LDFLAGS. -append-ldflags() { - [[ -z $* ]] && return 0 - local flag - for flag in "$@"; do - [[ ${flag} == -l* ]] && \ - ewarn "Appending a library link instruction (${flag}); libraries to link to should not be passed through LDFLAGS" - done - - export LDFLAGS="${LDFLAGS} $*" - return 0 -} - -# @FUNCTION: filter-ldflags -# @USAGE: <flags> -# @DESCRIPTION: -# Remove particular <flags> from LDFLAGS. Accepts shell globs. -filter-ldflags() { - _filter-var LDFLAGS "$@" - return 0 -} - -# @FUNCTION: raw-ldflags -# @USAGE: <flags> -# @DESCRIPTION: -# Turn C style ldflags (-Wl,-foo) into straight ldflags - the results -# are suitable for passing directly to 'ld'; note LDFLAGS is usually passed -# to gcc where it needs the '-Wl,'. -raw-ldflags() { - local x input="$@" - [[ -z ${input} ]] && input=${LDFLAGS} - set -- - for x in ${input} ; do - x=${x#-Wl,} - set -- "$@" ${x//,/ } - done - echo "$@" -} - -# @FUNCTION: bindnow-flags -# @RETURN: Returns the flags to enable "now" binding in the current selected linker. -# @DESCRIPTION: -# DEPRECATED - Gets the flags needed for "NOW" binding -bindnow-flags() { - eerror "QA: stop using the bindnow-flags function ... simply drop it from your ebuild" - die "Stop using bindnow-flags." -} - - -# Some tests for when we screw with things and want to make -# sure we didn't break anything -#TESTS() { -# CFLAGS="-a -b -c=1" -# CXXFLAGS="-x -y -z=2" -# LDFLAGS="-l -m -n=3" -# -# die() { exit 1; } -# (is-flag 1 2 3) && die -# (is-ldflag 1 2 3) && die -# -# is-flagq -l && die -# is-ldflagq -a && die -# is-flagq -a || die -# is-flagq -x || die -# is-ldflagq -n=* || die -# is-ldflagq -n && die -# -# strip-unsupported-flags -# [[ ${CFLAGS} == "-c=1" ]] || die -# [[ ${CXXFLAGS} == "-y -z=2" ]] || die -# -# echo "All tests pass" -#} -#TESTS diff --git a/eclass/toolchain.eclass b/eclass/toolchain.eclass deleted file mode 100644 index e6b5447c..00000000 --- a/eclass/toolchain.eclass +++ /dev/null @@ -1,2643 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain.eclass,v 1.403 2009/07/26 20:09:59 halcy0n Exp $ -# -# Maintainer: Toolchain Ninjas <toolchain@gentoo.org> - -HOMEPAGE="http://gcc.gnu.org/" -LICENSE="GPL-2 LGPL-2.1" -RESTRICT="strip" # cross-compilers need controlled stripping - -#---->> eclass stuff <<---- -inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib fixheadtails - -EXPORT_FUNCTIONS pkg_setup src_unpack src_compile src_test pkg_preinst src_install pkg_postinst pkg_prerm pkg_postrm -DESCRIPTION="Based on the ${ECLASS} eclass" - -FEATURES=${FEATURES/multilib-strict/} - -toolchain_pkg_setup() { - gcc_pkg_setup -} -toolchain_src_unpack() { - gcc_src_unpack -} -toolchain_src_compile() { - gcc_src_compile -} -toolchain_src_test() { - gcc_src_test -} -toolchain_pkg_preinst() { - ${ETYPE}_pkg_preinst -} -toolchain_src_install() { - ${ETYPE}_src_install -} -toolchain_pkg_postinst() { - ${ETYPE}_pkg_postinst -} -toolchain_pkg_prerm() { - ${ETYPE}_pkg_prerm -} -toolchain_pkg_postrm() { - ${ETYPE}_pkg_postrm -} -#----<< eclass stuff >>---- - - -#---->> globals <<---- -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} = ${CHOST} ]] ; then - if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - export CTARGET=${CATEGORY/cross-} - fi -fi -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} - -tc_version_is_at_least() { version_is_at_least "$1" "${2:-${GCC_PV}}" ; } - - -GCC_PV=${TOOLCHAIN_GCC_PV:-${PV}} -GCC_PVR=${GCC_PV} -[[ ${PR} != "r0" ]] && GCC_PVR=${GCC_PVR}-${PR} -GCC_RELEASE_VER=$(get_version_component_range 1-3 ${GCC_PV}) -GCC_BRANCH_VER=$(get_version_component_range 1-2 ${GCC_PV}) -GCCMAJOR=$(get_version_component_range 1 ${GCC_PV}) -GCCMINOR=$(get_version_component_range 2 ${GCC_PV}) -GCCMICRO=$(get_version_component_range 3 ${GCC_PV}) -[[ ${BRANCH_UPDATE-notset} == "notset" ]] && BRANCH_UPDATE=$(get_version_component_range 4 ${GCC_PV}) - -# According to gcc/c-cppbuiltin.c, GCC_CONFIG_VER MUST match this regex. -# ([^0-9]*-)?[0-9]+[.][0-9]+([.][0-9]+)?([- ].*)? -GCC_CONFIG_VER=${GCC_CONFIG_VER:-$(replace_version_separator 3 '-' ${GCC_PV})} - -# Pre-release support -if [[ ${GCC_PV} != ${GCC_PV/_pre/-} ]] ; then - PRERELEASE=${GCC_PV/_pre/-} -fi -# make _alpha and _beta ebuilds automatically use a snapshot -if [[ ${GCC_PV} != ${GCC_PV/_alpha/} ]] ; then - SNAPSHOT=${GCC_BRANCH_VER}-${GCC_PV##*_alpha} -elif [[ ${GCC_PV} != ${GCC_PV/_beta/} ]] ; then - SNAPSHOT=${GCC_BRANCH_VER}-${GCC_PV##*_beta} -fi -export GCC_FILESDIR=${GCC_FILESDIR:-${FILESDIR}} - -if [[ ${ETYPE} == "gcc-library" ]] ; then - GCC_VAR_TYPE=${GCC_VAR_TYPE:-non-versioned} - GCC_LIB_COMPAT_ONLY=${GCC_LIB_COMPAT_ONLY:-true} - GCC_TARGET_NO_MULTILIB=${GCC_TARGET_NO_MULTILIB:-true} -else - GCC_VAR_TYPE=${GCC_VAR_TYPE:-versioned} - GCC_LIB_COMPAT_ONLY="false" - GCC_TARGET_NO_MULTILIB=${GCC_TARGET_NO_MULTILIB:-false} -fi - -PREFIX=${TOOLCHAIN_PREFIX:-/usr} - -if [[ ${GCC_VAR_TYPE} == "versioned" ]] ; then - if tc_version_is_at_least 3.4.0 ; then - LIBPATH=${TOOLCHAIN_LIBPATH:-${PREFIX}/lib/gcc/${CTARGET}/${GCC_CONFIG_VER}} - else - LIBPATH=${TOOLCHAIN_LIBPATH:-${PREFIX}/lib/gcc-lib/${CTARGET}/${GCC_CONFIG_VER}} - fi - INCLUDEPATH=${TOOLCHAIN_INCLUDEPATH:-${LIBPATH}/include} - if is_crosscompile ; then - BINPATH=${TOOLCHAIN_BINPATH:-${PREFIX}/${CHOST}/${CTARGET}/gcc-bin/${GCC_CONFIG_VER}} - else - BINPATH=${TOOLCHAIN_BINPATH:-${PREFIX}/${CTARGET}/gcc-bin/${GCC_CONFIG_VER}} - fi - DATAPATH=${TOOLCHAIN_DATAPATH:-${PREFIX}/share/gcc-data/${CTARGET}/${GCC_CONFIG_VER}} - # Dont install in /usr/include/g++-v3/, but in gcc internal directory. - # We will handle /usr/include/g++-v3/ with gcc-config ... - STDCXX_INCDIR=${TOOLCHAIN_STDCXX_INCDIR:-${LIBPATH}/include/g++-v${GCC_BRANCH_VER/\.*/}} -elif [[ ${GCC_VAR_TYPE} == "non-versioned" ]] ; then - # using non-versioned directories to install gcc, like what is currently - # done for ppc64 and 3.3.3_pre, is a BAD IDEA. DO NOT do it!! However... - # setting up variables for non-versioned directories might be useful for - # specific gcc targets, like libffi. Note that we dont override the value - # returned by get_libdir here. - LIBPATH=${TOOLCHAIN_LIBPATH:-${PREFIX}/$(get_libdir)} - INCLUDEPATH=${TOOLCHAIN_INCLUDEPATH:-${PREFIX}/include} - BINPATH=${TOOLCHAIN_BINPATH:-${PREFIX}/bin} - DATAPATH=${TOOLCHAIN_DATAPATH:-${PREFIX}/share} - STDCXX_INCDIR=${TOOLCHAIN_STDCXX_INCDIR:-${PREFIX}/include/g++-v3} -fi - -#----<< globals >>---- - - -#---->> SLOT+IUSE logic <<---- -if [[ ${ETYPE} == "gcc-library" ]] ; then - IUSE="nls build test" - SLOT="${CTARGET}-${SO_VERSION_SLOT:-5}" -else - IUSE="multislot nptl test" - - if [[ ${PN} != "kgcc64" && ${PN} != gcc-* ]] ; then - IUSE="${IUSE} altivec build fortran nls nocxx" - [[ -n ${PIE_VER} ]] && IUSE="${IUSE} nopie" - [[ -n ${PP_VER} ]] && IUSE="${IUSE} nossp" - [[ -n ${HTB_VER} ]] && IUSE="${IUSE} boundschecking" - [[ -n ${D_VER} ]] && IUSE="${IUSE} d" - - if tc_version_is_at_least 3 ; then - IUSE="${IUSE} bootstrap doc gcj gtk hardened libffi multilib objc vanilla" - - # gcc-{nios2,bfin} don't accept these - if [[ ${PN} == "gcc" ]] ; then - IUSE="${IUSE} ip28 ip32r10k n32 n64" - fi - - tc_version_is_at_least "4.0" && IUSE="${IUSE} objc-gc mudflap" - tc_version_is_at_least "4.1" && IUSE="${IUSE} objc++" - tc_version_is_at_least "4.2" && IUSE="${IUSE} openmp" - tc_version_is_at_least "4.3" && IUSE="${IUSE} fixed-point" - tc_version_is_at_least "4.4" && IUSE="${IUSE} graphite" - fi - fi - - # Support upgrade paths here or people get pissed - if use multislot ; then - SLOT="${CTARGET}-${GCC_CONFIG_VER}" - elif is_crosscompile; then - SLOT="${CTARGET}-${GCC_BRANCH_VER}" - else - SLOT="${GCC_BRANCH_VER}" - fi -fi -#----<< SLOT+IUSE logic >>---- - - -#---->> S + SRC_URI essentials <<---- - -# This function sets the source directory depending on whether we're using -# a prerelease, snapshot, or release tarball. To use it, just set S with: -# -# S="$(gcc_get_s_dir)" -# -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# -gcc_get_s_dir() { - local GCC_S - if [[ -n ${PRERELEASE} ]] ; then - GCC_S=${WORKDIR}/gcc-${PRERELEASE} - elif [[ -n ${SNAPSHOT} ]] ; then - GCC_S=${WORKDIR}/gcc-${SNAPSHOT} - else - GCC_S=${WORKDIR}/gcc-${GCC_RELEASE_VER} - fi - echo "${GCC_S}" -} - -# This function handles the basics of setting the SRC_URI for a gcc ebuild. -# To use, set SRC_URI with: -# -# SRC_URI="$(get_gcc_src_uri)" -# -# Other than the variables normally set by portage, this function's behavior -# can be altered by setting the following: -# -# SNAPSHOT -# If set, this variable signals that we should be using a snapshot -# of gcc from ftp://sources.redhat.com/pub/gcc/snapshots/. It is -# expected to be in the format "YYYY-MM-DD". Note that if the ebuild -# has a _pre suffix, this variable is ignored and the prerelease -# tarball is used instead. -# -# BRANCH_UPDATE -# If set, this variable signals that we should be using the main -# release tarball (determined by ebuild version) and applying a -# CVS branch update patch against it. The location of this branch -# update patch is assumed to be in ${GENTOO_TOOLCHAIN_BASE_URI}. -# Just like with SNAPSHOT, this variable is ignored if the ebuild -# has a _pre suffix. -# -# PATCH_VER -# PATCH_GCC_VER -# This should be set to the version of the gentoo patch tarball. -# The resulting filename of this tarball will be: -# gcc-${PATCH_GCC_VER:-${GCC_RELEASE_VER}}-patches-${PATCH_VER}.tar.bz2 -# -# PIE_VER -# PIE_GCC_VER -# obsoleted: PIE_CORE -# These variables control patching in various updates for the logic -# controlling Position Independant Executables. PIE_VER is expected -# to be the version of this patch, PIE_GCC_VER the gcc version of -# the patch, and PIE_CORE (obsoleted) the actual filename of the patch. -# An example: -# PIE_VER="8.7.6.5" -# PIE_GCC_VER="3.4.0" -# The resulting filename of this tarball will be: -# gcc-${PIE_GCC_VER:-${GCC_RELEASE_VER}}-piepatches-v${PIE_VER}.tar.bz2 -# old syntax (do not define PIE_CORE anymore): -# PIE_CORE="gcc-3.4.0-piepatches-v${PIE_VER}.tar.bz2" -# -# SPECS_VER -# SPECS_GCC_VER -# This is for the minispecs files included in the hardened gcc-4.x -# -# PP_VER -# PP_GCC_VER -# obsoleted: PP_FVER -# These variables control patching in stack smashing protection -# support. They both control the version of ProPolice to download. -# -# PP_VER / PP_GCC_VER -# Used to roll our own custom tarballs of ssp. -# PP_FVER / PP_VER -# Used for mirroring ssp straight from IBM. -# PP_VER sets the version of the directory in which to find the -# patch, and PP_FVER sets the version of the patch itself. For -# example: -# PP_VER="3_4" -# PP_FVER="${PP_VER//_/.}-2" -# would download gcc3_4/protector-3.4-2.tar.gz -# -# HTB_VER -# HTB_GCC_VER -# These variables control whether or not an ebuild supports Herman -# ten Brugge's bounds-checking patches. If you want to use a patch -# for an older gcc version with a new gcc, make sure you set -# HTB_GCC_VER to that version of gcc. -# -# MAN_VER -# The version of gcc for which we will download manpages. This will -# default to ${GCC_RELEASE_VER}, but we may not want to pre-generate man pages -# for prerelease test ebuilds for example. This allows you to -# continue using pre-generated manpages from the last stable release. -# If set to "none", this will prevent the downloading of manpages, -# which is useful for individual library targets. -# -gentoo_urls() { - local devspace="HTTP~lv/GCC/URI HTTP~eradicator/gcc/URI HTTP~vapier/dist/URI - HTTP~halcy0n/patches/URI" - devspace=${devspace//HTTP/http:\/\/dev.gentoo.org\/} - echo mirror://gentoo/$1 ${devspace//URI/$1} -} -get_gcc_src_uri() { - export PATCH_GCC_VER=${PATCH_GCC_VER:-${GCC_RELEASE_VER}} - export UCLIBC_GCC_VER=${UCLIBC_GCC_VER:-${PATCH_GCC_VER}} - export PIE_GCC_VER=${PIE_GCC_VER:-${GCC_RELEASE_VER}} - export PP_GCC_VER=${PP_GCC_VER:-${GCC_RELEASE_VER}} - export HTB_GCC_VER=${HTB_GCC_VER:-${GCC_RELEASE_VER}} - export SPECS_GCC_VER=${SPECS_GCC_VER:-${GCC_RELEASE_VER}} - - [[ -n ${PIE_VER} ]] && \ - PIE_CORE=${PIE_CORE:-gcc-${PIE_GCC_VER}-piepatches-v${PIE_VER}.tar.bz2} - - # Set where to download gcc itself depending on whether we're using a - # prerelease, snapshot, or release tarball. - if [[ -n ${PRERELEASE} ]] ; then - GCC_SRC_URI="ftp://gcc.gnu.org/pub/gcc/prerelease-${PRERELEASE}/gcc-${PRERELEASE}.tar.bz2" - elif [[ -n ${SNAPSHOT} ]] ; then - GCC_SRC_URI="ftp://sources.redhat.com/pub/gcc/snapshots/${SNAPSHOT}/gcc-${SNAPSHOT}.tar.bz2" - else - GCC_SRC_URI="mirror://gnu/gcc/gcc-${GCC_PV}/gcc-${GCC_RELEASE_VER}.tar.bz2" - # we want all branch updates to be against the main release - [[ -n ${BRANCH_UPDATE} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${GCC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2)" - fi - - # propolice aka stack smashing protection - if [[ -n ${PP_VER} ]] ; then - if [[ -n ${PP_FVER} ]] ; then - GCC_SRC_URI="${GCC_SRC_URI} - !nossp? ( - http://www.research.ibm.com/trl/projects/security/ssp/gcc${PP_VER}/protector-${PP_FVER}.tar.gz - $(gentoo_urls protector-${PP_FVER}.tar.gz) - )" - else - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${PP_GCC_VER}-ssp-${PP_VER}.tar.bz2)" - fi - fi - - # uclibc lovin - [[ -n ${UCLIBC_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2)" - - # PERL cannot be present at bootstrap, and is used to build the man pages. - # So... lets include some pre-generated ones, shall we? - [[ -n ${MAN_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${MAN_VER}-manpages.tar.bz2)" - - # various gentoo patches - [[ -n ${PATCH_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${PATCH_GCC_VER}-patches-${PATCH_VER}.tar.bz2)" - - # strawberry pie, Cappuccino and a Gauloises (it's a good thing) - [[ -n ${PIE_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} !nopie? ( $(gentoo_urls ${PIE_CORE}) )" - - # espf patch for gcc >4.4.1 compiler. New hardened patchset - [[ -n ${ESPF_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} ( $(gentoo_urls gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2) - http://weaver.gentooenterprise.com/hardened/patches/gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2 - )" - - # gcc minispec for the hardened gcc 4 compiler - [[ -n ${SPECS_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} ( $(gentoo_urls gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2) - http://weaver.gentooenterprise.com/hardened/patches/gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2 - )" - - # gcc bounds checking patch - if [[ -n ${HTB_VER} ]] ; then - local HTBFILE="bounds-checking-gcc-${HTB_GCC_VER}-${HTB_VER}.patch.bz2" - GCC_SRC_URI="${GCC_SRC_URI} - boundschecking? ( - mirror://sourceforge/boundschecking/${HTBFILE} - $(gentoo_urls ${HTBFILE}) - )" - fi - - # support for the D language - [[ -n ${D_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} d? ( mirror://sourceforge/dgcc/gdc-${D_VER}-src.tar.bz2 )" - - # >= gcc-4.3 uses ecj.jar and we only add gcj as a use flag under certain - # conditions - if [[ ${PN} != "kgcc64" && ${PN} != gcc-* ]] ; then - tc_version_is_at_least "4.3" && \ - GCC_SRC_URI="${GCC_SRC_URI} - gcj? ( ftp://sourceware.org/pub/java/ecj-4.3.jar )" - fi - - echo "${GCC_SRC_URI}" -} -S=$(gcc_get_s_dir) -SRC_URI=$(get_gcc_src_uri) -#---->> S + SRC_URI essentials >>---- - - -#---->> support checks <<---- - -# Grab a variable from the build system (taken from linux-info.eclass) -get_make_var() { - local var=$1 makefile=${2:-${WORKDIR}/build/Makefile} - echo -e "e:\\n\\t@echo \$(${var})\\ninclude ${makefile}" | \ - r=${makefile%/*} emake --no-print-directory -s -f - 2>/dev/null -} -XGCC() { get_make_var GCC_FOR_TARGET ; } - -# The gentoo piessp patches allow for 3 configurations: -# 1) PIE+SSP by default -# 2) PIE by default -# 3) SSP by default -hardened_gcc_works() { - if [[ $1 == "pie" ]] ; then - # $gcc_cv_ld_pie is unreliable as it simply take the output of - # `ld --help | grep -- -pie`, that reports the option in all cases, also if - # the loader doesn't actually load the resulting executables. - # To avoid breakage, blacklist FreeBSD here at least - [[ ${CTARGET} == *-freebsd* ]] && return 1 - - want_pie || return 1 - hardened_gcc_is_stable pie && return 0 - if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then - hardened_gcc_check_unsupported pie && return 1 - ewarn "Allowing pie-by-default for an unstable arch ($(tc-arch))" - return 0 - fi - return 1 - elif [[ $1 == "ssp" ]] ; then - [[ -z ${PP_VER} ]] && return 1 - hardened_gcc_is_stable ssp && return 0 - if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then - hardened_gcc_check_unsupported ssp && return 1 - ewarn "Allowing ssp-by-default for an unstable arch ($(tc-arch))" - return 0 - fi - return 1 - else - # laziness ;) - hardened_gcc_works pie || return 1 - hardened_gcc_works ssp || return 1 - return 0 - fi -} - -hardened_gcc_is_stable() { - if [[ $1 == "pie" ]] ; then - # HARDENED_* variables are deprecated and here for compatibility - local tocheck="${HARDENED_PIE_WORKS} ${HARDENED_GCC_WORKS}" - if [[ ${CTARGET} == *-uclibc* ]] ; then - tocheck="${tocheck} ${PIE_UCLIBC_STABLE}" - else - tocheck="${tocheck} ${PIE_GLIBC_STABLE}" - fi - elif [[ $1 == "ssp" ]] ; then - # ditto - local tocheck="${HARDENED_SSP_WORKS} ${HARDENED_GCC_WORKS}" - if [[ ${CTARGET} == *-uclibc* ]] ; then - tocheck="${tocheck} ${SSP_UCLIBC_STABLE}" - else - tocheck="${tocheck} ${SSP_STABLE}" - fi - else - die "hardened_gcc_stable needs to be called with pie or ssp" - fi - - hasq $(tc-arch) ${tocheck} && return 0 - return 1 -} - -hardened_gcc_check_unsupported() { - local tocheck="" - # if a variable is unset, we assume that all archs are unsupported. since - # this function is never called if hardened_gcc_is_stable returns true, - # this shouldn't cause problems... however, allowing this logic to work - # even with the variables unset will break older ebuilds that dont use them. - if [[ $1 == "pie" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] ; then - [[ -z ${PIE_UCLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${PIE_UCLIBC_UNSUPPORTED}" - else - [[ -z ${PIE_GLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${PIE_GLIBC_UNSUPPORTED}" - fi - elif [[ $1 == "ssp" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] ; then - [[ -z ${SSP_UCLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${SSP_UCLIBC_UNSUPPORTED}" - else - [[ -z ${SSP_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${SSP_UNSUPPORTED}" - fi - else - die "hardened_gcc_check_unsupported needs to be called with pie or ssp" - fi - - hasq $(tc-arch) ${tocheck} && return 0 - return 1 -} - -espf_arch_support() { - if [[ ${CTARGET} == *-uclibc* ]] && has $(tc-arch) ${ESPF_UCLIBC_SUPPORT} || has $(tc-arch) ${ESPF_GLIBC_SUPPORT} ; then - return 0 - else - return 1 - fi -} - -has_libssp() { - [[ -e /$(get_libdir)/libssp.so ]] && return 0 - return 1 -} - -want_libssp() { - [[ ${GCC_LIBSSP_SUPPORT} == "true" ]] || return 1 - has_libssp || return 1 - [[ -n ${PP_VER} ]] || return 1 - return 0 -} - -_want_stuff() { - local var=$1 flag=$2 - [[ -z ${!var} ]] && return 1 - use ${flag} && return 0 - return 1 -} -want_boundschecking() { _want_stuff HTB_VER boundschecking ; } -want_pie() { _want_stuff PIE_VER !nopie ; } -want_ssp() { _want_stuff PP_VER !nossp ; } - -want_split_specs() { - [[ ${SPLIT_SPECS} == "true" ]] && want_pie -} -want_minispecs() { - if tc_version_is_at_least 4.3.2 && use hardened ; then - [[ -n ${SPECS_VER} ]] && want_pie && return 0 - [[ -n ${ESPF_VER} ]] && [[ -n ${SPECS_VER} ]] && return 1 - die "For Hardened to work you need the minispecs files and have the PIE patch" - fi - return 1 -} -want_espf() { - if tc_version_is_at_least 4.3.4 && use hardened ; then - [[ -n ${ESPF_VER} ]] && [[ -n ${SPECS_VER} ]] && return 0 - die "For Hardened to work you need the minispecs files and have the espf patch" - fi - return 1 -} -# This function checks whether or not glibc has the support required to build -# Position Independant Executables with gcc. -glibc_have_pie() { - if [[ ! -f ${ROOT}/usr/$(get_libdir)/Scrt1.o ]] ; then - echo - ewarn "Your glibc does not have support for pie, the file Scrt1.o is missing" - ewarn "Please update your glibc to a proper version or disable hardened" - echo - return 1 - fi -} - -# This function determines whether or not libc has been patched with stack -# smashing protection support. -libc_has_ssp() { - [[ ${ROOT} != "/" ]] && return 0 - - # lib hacks taken from sandbox configure - echo 'int main(){}' > "${T}"/libctest.c - LC_ALL=C gcc "${T}"/libctest.c -lc -o libctest -Wl,-verbose &> "${T}"/libctest.log || return 1 - local libc_file=$(awk '/attempt to open/ { if (($4 ~ /\/libc\.so/) && ($5 == "succeeded")) LIBC = $4; }; END {print LIBC}' "${T}"/libctest.log) - - [[ -z ${libc_file} ]] && die "Unable to find a libc !?" - - # Check for gcc-4.x style ssp support - if [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__stack_chk_fail') ]] - then - return 0 - else - # Check for gcc-3.x style ssp support - if [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'OBJECT.*GLOBAL.*__guard') ]] && \ - [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]] - then - return 0 - elif is_crosscompile ; then - die "'${libc_file}' was detected w/out ssp, that sucks (a lot)" - else - return 1 - fi - fi -} - -# This is to make sure we don't accidentally try to enable support for a -# language that doesnt exist. GCC 3.4 supports f77, while 4.0 supports f95, etc. -# -# Also add a hook so special ebuilds (kgcc64) can control which languages -# exactly get enabled -gcc-lang-supported() { - grep ^language=\"${1}\" "${S}"/gcc/*/config-lang.in > /dev/null || return 1 - [[ -z ${TOOLCHAIN_ALLOWED_LANGS} ]] && return 0 - has $1 ${TOOLCHAIN_ALLOWED_LANGS} -} - -#----<< support checks >>---- - -#---->> specs + env.d logic <<---- - -# defaults to enable for all hardened toolchains -gcc_common_hard="-DEFAULT_RELRO -DEFAULT_BIND_NOW" - -# configure to build with the hardened GCC specs as the default -make_gcc_hard() { - if hardened_gcc_works ; then - einfo "Updating gcc to use automatic PIE + SSP building ..." - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_PIE_SSP ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - elif hardened_gcc_works pie ; then - einfo "Updating gcc to use automatic PIE building ..." - ewarn "SSP has not been enabled by default" - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_PIE ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - elif hardened_gcc_works ssp ; then - einfo "Updating gcc to use automatic SSP building ..." - ewarn "PIE has not been enabled by default" - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_SSP ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - else - # do nothing if hardened isnt supported, but dont die either - ewarn "hardened is not supported for this arch in this gcc version" - ebeep - return 0 - fi - - # rebrand to make bug reports easier - BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened} -} - -# now we generate different spec files so that the user can select a compiler -# that enforces certain features in gcc itself and so we don't have to worry -# about a certain package ignoring CFLAGS/LDFLAGS -_create_specs_file() { - # Usage: _create_specs_file <USE flag> <specs name> <CFLAGS> - local uflag=$1 name=$2 flags=${*:3} - ebegin "Creating a ${name} gcc specs file" - pushd "${WORKDIR}"/build/gcc > /dev/null - if [[ -z ${uflag} ]] || use ${uflag} ; then - # backup the compiler first - cp Makefile Makefile.orig - sed -i -e '/^HARD_CFLAGS/s:=.*:='"${flags}"':' Makefile - mv xgcc xgcc.foo - mv gcc.o gcc.o.foo - emake -s xgcc - $(XGCC) -dumpspecs > "${WORKDIR}"/build/${name}.specs - # restore everything to normal - mv gcc.o.foo gcc.o - mv xgcc.foo xgcc - mv Makefile.orig Makefile - else - $(XGCC) -dumpspecs > "${WORKDIR}"/build/${name}.specs - fi - popd > /dev/null - eend $([[ -s ${WORKDIR}/build/${name}.specs ]] ; echo $?) -} -create_vanilla_specs_file() { _create_specs_file hardened vanilla ; } -create_hardened_specs_file() { _create_specs_file !hardened hardened ${gcc_common_hard} -DEFAULT_PIE_SSP ; } -create_hardenednossp_specs_file() { _create_specs_file "" hardenednossp ${gcc_common_hard} -DEFAULT_PIE ; } -create_hardenednopie_specs_file() { _create_specs_file "" hardenednopie ${gcc_common_hard} -DEFAULT_SSP ; } -create_hardenednopiessp_specs_file() { _create_specs_file "" hardenednopiessp ${gcc_common_hard} ; } - -split_out_specs_files() { - local s spec_list="hardenednopiessp vanilla" - if hardened_gcc_works ; then - spec_list="${spec_list} hardened hardenednossp hardenednopie" - elif hardened_gcc_works pie ; then - spec_list="${spec_list} hardenednossp" - elif hardened_gcc_works ssp ; then - spec_list="${spec_list} hardenednopie" - fi - for s in ${spec_list} ; do - create_${s}_specs_file || return 1 - done -} - -create_gcc_env_entry() { - dodir /etc/env.d/gcc - local gcc_envd_base="/etc/env.d/gcc/${CTARGET}-${GCC_CONFIG_VER}" - - if [[ -z $1 ]] ; then - gcc_envd_file="${D}${gcc_envd_base}" - # I'm leaving the following commented out to remind me that it - # was an insanely -bad- idea. Stuff broke. GCC_SPECS isnt unset - # on chroot or in non-toolchain.eclass gcc ebuilds! - #gcc_specs_file="${LIBPATH}/specs" - gcc_specs_file="" - else - gcc_envd_file="${D}${gcc_envd_base}-$1" - gcc_specs_file="${LIBPATH}/$1.specs" - fi - - # phase PATH/ROOTPATH out ... - echo "PATH=\"${BINPATH}\"" > ${gcc_envd_file} - echo "ROOTPATH=\"${BINPATH}\"" >> ${gcc_envd_file} - echo "GCC_PATH=\"${BINPATH}\"" >> ${gcc_envd_file} - - if use multilib && ! has_multilib_profile; then - LDPATH="${LIBPATH}" - for path in 32 64 ; do - [[ -d ${LIBPATH}/${path} ]] && LDPATH="${LDPATH}:${LIBPATH}/${path}" - done - else - local MULTIDIR - LDPATH="${LIBPATH}" - - # We want to list the default ABI's LIBPATH first so libtool - # searches that directory first. This is a temporary - # workaround for libtool being stupid and using .la's from - # conflicting ABIs by using the first one in the search path - - local abi=${DEFAULT_ABI} - local MULTIDIR=$($(XGCC) $(get_abi_CFLAGS ${abi}) --print-multi-directory) - if [[ ${MULTIDIR} == "." ]] ; then - LDPATH=${LIBPATH} - else - LDPATH=${LIBPATH}/${MULTIDIR} - fi - - for abi in $(get_all_abis) ; do - [[ ${abi} == ${DEFAULT_ABI} ]] && continue - - MULTIDIR=$($(XGCC) $(get_abi_CFLAGS ${abi}) --print-multi-directory) - if [[ ${MULTIDIR} == "." ]] ; then - LDPATH=${LDPATH}:${LIBPATH} - else - LDPATH=${LDPATH}:${LIBPATH}/${MULTIDIR} - fi - done - fi - - echo "LDPATH=\"${LDPATH}\"" >> ${gcc_envd_file} - echo "MANPATH=\"${DATAPATH}/man\"" >> ${gcc_envd_file} - echo "INFOPATH=\"${DATAPATH}/info\"" >> ${gcc_envd_file} - echo "STDCXX_INCDIR=\"${STDCXX_INCDIR##*/}\"" >> ${gcc_envd_file} - - is_crosscompile && echo "CTARGET=${CTARGET}" >> ${gcc_envd_file} - - # Set which specs file to use - [[ -n ${gcc_specs_file} ]] && echo "GCC_SPECS=\"${gcc_specs_file}\"" >> ${gcc_envd_file} -} -setup_minispecs_gcc_build_specs() { - # Setup the "build.specs" file for gcc to use when building. - if want_minispecs ; then - if hardened_gcc_works pie ; then - cat "${WORKDIR}"/specs/pie.specs >> "${WORKDIR}"/build.specs - fi - for s in nostrict znow; do - cat "${WORKDIR}"/specs/${s}.specs >> "${WORKDIR}"/build.specs - done - export GCC_SPECS="${WORKDIR}"/build.specs - fi -} -copy_minispecs_gcc_specs() { - # Build system specs file which, if it exists, must be a complete set of - # specs as it completely and unconditionally overrides the builtin specs. - # For gcc 4 - if want_minispecs ; then - $(XGCC) -dumpspecs > "${WORKDIR}"/specs/specs - cat "${WORKDIR}"/build.specs >> "${WORKDIR}"/specs/specs - insinto ${LIBPATH} - doins "${WORKDIR}"/specs/* || die "failed to install specs" - fi - if want_espf ; then - insinto ${LIBPATH} - doins "${WORKDIR}"/specs/* || die "failed to install specs" - fi -} -add_profile_eselect_conf() { - local compiler_config_file=$1 - local abi=$2 - local specs=$3 - local gcc_specs_file - local var - - if [[ -z ${specs} ]] ; then - # I'm leaving the following commented out to remind me that it - # was an insanely -bad- idea. Stuff broke. GCC_SPECS isnt unset - # on chroot or in non-toolchain.eclass gcc ebuilds! - #gcc_specs_file="${LIBPATH}/specs" - gcc_specs_file="" - - if use hardened ; then - specs="hardened" - else - specs="vanilla" - fi - else - gcc_specs_file="${LIBPATH}/${specs}.specs" - fi - - echo >> ${compiler_config_file} - if ! is_multilib ; then - echo "[${specs}]" >> ${compiler_config_file} - echo " ctarget=${CTARGET}" >> ${compiler_config_file} - else - echo "[${abi}-${specs}]" >> ${compiler_config_file} - var="CTARGET_${abi}" - if [[ -n ${!var} ]] ; then - echo " ctarget=${!var}" >> ${compiler_config_file} - else - var="CHOST_${abi}" - if [[ -n ${!var} ]] ; then - echo " ctarget=${!var}" >> ${compiler_config_file} - else - echo " ctarget=${CTARGET}" >> ${compiler_config_file} - fi - fi - fi - - local MULTIDIR=$($(XGCC) $(get_abi_CFLAGS ${abi}) --print-multi-directory) - local LDPATH=${LIBPATH} - if [[ ${MULTIDIR} != "." ]] ; then - LDPATH="${LIBPATH}/${MULTIDIR}" - fi - - echo " ldpath=${LDPATH}" >> ${compiler_config_file} - - if [[ -n ${gcc_specs_file} ]] ; then - echo " specs=${gcc_specs_file}" >> ${compiler_config_file} - fi - - var="CFLAGS_${abi}" - if [[ -n ${!var} ]] ; then - echo " cflags=${!var}" >> ${compiler_config_file} - fi -} - -create_eselect_conf() { - local config_dir="/etc/eselect/compiler" - local compiler_config_file="${D}/${config_dir}/${CTARGET}-${GCC_CONFIG_VER}.conf" - local abi - - dodir ${config_dir} - - echo "[global]" > ${compiler_config_file} - echo " version=${CTARGET}-${GCC_CONFIG_VER}" >> ${compiler_config_file} - echo " binpath=${BINPATH}" >> ${compiler_config_file} - echo " manpath=${DATAPATH}/man" >> ${compiler_config_file} - echo " infopath=${DATAPATH}/info" >> ${compiler_config_file} - echo " alias_cc=gcc" >> ${compiler_config_file} - echo " stdcxx_incdir=${STDCXX_INCDIR##*/}" >> ${compiler_config_file} - echo " bin_prefix=${CTARGET}" >> ${compiler_config_file} - - # Per spyderous, it is best not to alias the fortran compilers - #if [[ -x "${D}/${BINPATH}/${CTARGET}-g77" ]] ; then - # echo " alias_gfortran=g77" >> ${compiler_config_file} - #elif [[ -x "${D}/${BINPATH}/${CTARGET}-gfortran" ]] ; then - # echo " alias_g77=gfortran" >> ${compiler_config_file} - #fi - - for abi in $(get_all_abis) ; do - add_profile_eselect_conf "${compiler_config_file}" "${abi}" - - if want_split_specs ; then - if use hardened ; then - add_profile_eselect_conf "${compiler_config_file}" "${abi}" vanilla - elif hardened_gcc_works ; then - add_profile_eselect_conf "${compiler_config_file}" "${abi}" hardened - fi - - if hardened_gcc_works || hardened_gcc_works pie ; then - add_profile_eselect_conf "${compiler_config_file}" "${abi}" hardenednossp - fi - - if hardened_gcc_works || hardened_gcc_works ssp ; then - add_profile_eselect_conf "${compiler_config_file}" "${abi}" hardenednopie - fi - - add_profile_eselect_conf "${compiler_config_file}" "${abi}" hardenednopiessp - fi - done -} - -#----<< specs + env.d logic >>---- - -#---->> pkg_* <<---- -gcc_pkg_setup() { - [[ -z ${ETYPE} ]] && die "Your ebuild needs to set the ETYPE variable" - - if [[ ( $(tc-arch) == "amd64" || $(tc-arch) == "ppc64" ) && ( ${LD_PRELOAD} == "/lib/libsandbox.so" || ${LD_PRELOAD} == "/usr/lib/libsandbox.so" ) ]] && is_multilib ; then - eerror "Sandbox in your installed portage does not support compilation." - eerror "of a multilib gcc. Please set FEATURES=-sandbox and try again." - eerror "After you have a multilib gcc, re-emerge portage to have a working sandbox." - die "No 32bit sandbox. Retry with FEATURES=-sandbox." - fi - - if [[ ${ETYPE} == "gcc-compiler" ]] ; then - case $(tc-arch) in - mips) - # Must compile for mips64-linux target if we want n32/n64 support - case "${CTARGET}" in - mips64*) ;; - *) - if use n32 || use n64; then - eerror "n32/n64 can only be used when target host is mips64*-*-linux-*"; - die "Invalid USE flags for CTARGET ($CTARGET)"; - fi - ;; - esac - - #cannot have both n32 & n64 without multilib - if use n32 && use n64 && ! is_multilib; then - eerror "Please enable multilib if you want to use both n32 & n64"; - die "Invalid USE flag combination"; - fi - ;; - esac - - # Setup variables which would normally be in the profile - if is_crosscompile ; then - multilib_env ${CTARGET} - if ! use multilib ; then - MULTILIB_ABIS=${DEFAULT_ABI} - fi - fi - - # we dont want to use the installed compiler's specs to build gcc! - unset GCC_SPECS - fi - - want_libssp && libc_has_ssp && \ - die "libssp cannot be used with a glibc that has been patched to provide ssp symbols" - - unset LANGUAGES #265283 -} - -gcc-compiler_pkg_preinst() { - : -} - -gcc-compiler_pkg_postinst() { - if has_version 'app-admin/eselect-compiler' ; then - do_eselect_compiler - else - do_gcc_config - fi - - if ! is_crosscompile ; then - echo - ewarn "If you have issues with packages unable to locate libstdc++.la," - ewarn "then try running 'fix_libtool_files.sh' on the old gcc versions." - echo - fi - - # If our gcc-config version doesn't like '-' in it's version string, - # tell our users that gcc-config will yell at them, but it's all good. - if ! has_version '>=sys-devel/gcc-config-1.3.10-r1' && [[ ${GCC_CONFIG_VER/-/} != ${GCC_CONFIG_VER} ]] ; then - ewarn "Your version of gcc-config will issue about having an invalid profile" - ewarn "when switching to this profile. It is safe to ignore this warning," - ewarn "and this problem has been corrected in >=sys-devel/gcc-config-1.3.10-r1." - fi - - if ! is_crosscompile && ! use multislot && [[ ${GCCMAJOR}.${GCCMINOR} == 3.4 ]] ; then - echo - ewarn "You should make sure to rebuild all your C++ packages when" - ewarn "upgrading between different versions of gcc. For example," - ewarn "when moving to gcc-3.4 from gcc-3.3, emerge gentoolkit and run:" - ewarn " # revdep-rebuild --library libstdc++.so.5" - echo - ewarn "For more information on the steps to take when upgrading " - ewarn "from gcc-3.3 please refer to: " - ewarn "http://www.gentoo.org/doc/en/gcc-upgrading.xml" - echo - fi - - if ! is_crosscompile ; then - # hack to prevent collisions between SLOT - [[ ! -d ${ROOT}/lib/rcscripts/awk ]] \ - && mkdir -p "${ROOT}"/lib/rcscripts/awk - [[ ! -d ${ROOT}/sbin ]] \ - && mkdir -p "${ROOT}"/sbin - cp "${ROOT}/${DATAPATH}"/fixlafiles.awk "${ROOT}"/lib/rcscripts/awk/ || die "installing fixlafiles.awk" - cp "${ROOT}/${DATAPATH}"/fix_libtool_files.sh "${ROOT}"/sbin/ || die "installing fix_libtool_files.sh" - - [[ ! -d ${ROOT}/usr/bin ]] \ - && mkdir -p "${ROOT}"/usr/bin - # Since these aren't critical files and portage sucks with - # handling of binpkgs, don't require these to be found - for x in "${ROOT}/${DATAPATH}"/c{89,99} ; do - if [[ -e ${x} ]]; then - cp ${x} "${ROOT}"/usr/bin/ || die "installing c89/c99" - fi - done - fi -} - -gcc-compiler_pkg_prerm() { - # Don't let these files be uninstalled #87647 - touch -c "${ROOT}"/sbin/fix_libtool_files.sh \ - "${ROOT}"/lib/rcscripts/awk/fixlafiles.awk -} - -gcc-compiler_pkg_postrm() { - # to make our lives easier (and saner), we do the fix_libtool stuff here. - # rather than checking SLOT's and trying in upgrade paths, we just see if - # the common libstdc++.la exists in the ${LIBPATH} of the gcc that we are - # unmerging. if it does, that means this was a simple re-emerge. - - # clean up the cruft left behind by cross-compilers - if is_crosscompile ; then - if [[ -z $(ls "${ROOT}"/etc/env.d/gcc/${CTARGET}* 2>/dev/null) ]] ; then - rm -f "${ROOT}"/etc/env.d/gcc/config-${CTARGET} - rm -f "${ROOT}"/etc/env.d/??gcc-${CTARGET} - rm -f "${ROOT}"/usr/bin/${CTARGET}-{gcc,{g,c}++}{,32,64} - fi - return 0 - fi - - # ROOT isnt handled by the script - [[ ${ROOT} != "/" ]] && return 0 - - if [[ ! -e ${LIBPATH}/libstdc++.so ]] ; then - einfo "Running 'fix_libtool_files.sh ${GCC_RELEASE_VER}'" - /sbin/fix_libtool_files.sh ${GCC_RELEASE_VER} - if [[ -n ${BRANCH_UPDATE} ]] ; then - einfo "Running 'fix_libtool_files.sh ${GCC_RELEASE_VER}-${BRANCH_UPDATE}'" - /sbin/fix_libtool_files.sh ${GCC_RELEASE_VER}-${BRANCH_UPDATE} - fi - fi - - return 0 -} - -#---->> pkg_* <<---- - -#---->> src_* <<---- - -# generic GCC src_unpack, to be called from the ebuild's src_unpack. -# BIG NOTE regarding hardened support: ebuilds with support for hardened are -# expected to export the following variable: -# -# HARDENED_GCC_WORKS -# This variable should be set to the archs on which hardened should -# be allowed. For example: HARDENED_GCC_WORKS="x86 sparc amd64" -# This allows for additional archs to be supported by hardened when -# ready. -# -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# -gcc-compiler_src_unpack() { - # For the old gcc < 3.4 - if ! tc_version_is_at_least 4.3 ; then - # Fail if using pie patches, building hardened, and glibc doesn't have - # the necessary support - want_pie && use hardened && glibc_have_pie - einfo "updating configuration to build GCC gcc-3 style" - make_gcc_hard || die "failed to make gcc hard" - fi - # For the newer gcc > 3.4 - if tc_version_is_at_least 4.3.2 && use hardened ; then - if [[ ${PIE_VER} ]] ; then - glibc_have_pie || die "failed to make gcc hardened" - fi - if [[ ${ESPF_VER} ]] ; then - espf_arch_support || die "ESPF is not supported on this $(tc-arch) arch." - fi - # Rebrand to make bug reports easier - use hardened && BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened} - fi - - if is_libffi ; then - # move the libffi target out of gcj and into all - sed -i \ - -e '/^libgcj=/s:target-libffi::' \ - -e '/^target_lib/s:=":="target-libffi :' \ - "${S}"/configure || die - fi -} -gcc-library_src_unpack() { - : -} -guess_patch_type_in_dir() { - [[ -n $(ls "$1"/*.bz2 2>/dev/null) ]] \ - && EPATCH_SUFFIX="patch.bz2" \ - || EPATCH_SUFFIX="patch" -} -do_gcc_rename_java_bins() { - # bug #139918 - conflict between gcc and java-config-2 for ownership of - # /usr/bin/rmi{c,registry}. Done with mv & sed rather than a patch - # because patches would be large (thanks to the rename of man files), - # and it's clear from the sed invocations that all that changes is the - # rmi{c,registry} names to grmi{c,registry} names. - # Kevin F. Quinn 2006-07-12 - einfo "Renaming jdk executables rmic and rmiregistry to grmic and grmiregistry." - # 1) Move the man files if present (missing prior to gcc-3.4) - for manfile in rmic rmiregistry; do - [[ -f ${S}/gcc/doc/${manfile}.1 ]] || continue - mv "${S}"/gcc/doc/${manfile}.1 "${S}"/gcc/doc/g${manfile}.1 - done - # 2) Fixup references in the docs if present (mission prior to gcc-3.4) - for jfile in gcc/doc/gcj.info gcc/doc/grmic.1 gcc/doc/grmiregistry.1 gcc/java/gcj.texi; do - [[ -f ${S}/${jfile} ]] || continue - sed -i -e 's:rmiregistry:grmiregistry:g' "${S}"/${jfile} || - die "Failed to fixup file ${jfile} for rename to grmiregistry" - sed -i -e 's:rmic:grmic:g' "${S}"/${jfile} || - die "Failed to fixup file ${jfile} for rename to grmic" - done - # 3) Fixup Makefiles to build the changed executable names - # These are present in all 3.x versions, and are the important bit - # to get gcc to build with the new names. - for jfile in libjava/Makefile.am libjava/Makefile.in gcc/java/Make-lang.in; do - sed -i -e 's:rmiregistry:grmiregistry:g' "${S}"/${jfile} || - die "Failed to fixup file ${jfile} for rename to grmiregistry" - # Careful with rmic on these files; it's also the name of a directory - # which should be left unchanged. Replace occurrences of 'rmic$', - # 'rmic_' and 'rmic '. - sed -i -e 's:rmic\([$_ ]\):grmic\1:g' "${S}"/${jfile} || - die "Failed to fixup file ${jfile} for rename to grmic" - done -} -gcc_src_unpack() { - export BRANDING_GCC_PKGVERSION="Gentoo ${GCC_PVR}" - - [[ -z ${UCLIBC_VER} ]] && [[ ${CTARGET} == *-uclibc* ]] && die "Sorry, this version does not support uClibc" - - gcc_quick_unpack - exclude_gcc_patches - - cd "${S}" - - if ! use vanilla ; then - if [[ -n ${PATCH_VER} ]] ; then - guess_patch_type_in_dir "${WORKDIR}"/patch - EPATCH_MULTI_MSG="Applying Gentoo patches ..." \ - epatch "${WORKDIR}"/patch - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION} p${PATCH_VER}" - fi - if [[ -n ${UCLIBC_VER} ]] ; then - guess_patch_type_in_dir "${WORKDIR}"/uclibc - EPATCH_MULTI_MSG="Applying uClibc patches ..." \ - epatch "${WORKDIR}"/uclibc - fi - fi - do_gcc_HTB_patches - do_gcc_SSP_patches - do_gcc_PIE_patches - do_gcc_USER_patches - do_gcc_ESPF_patches - - ${ETYPE}_src_unpack || die "failed to ${ETYPE}_src_unpack" - - # protoize don't build on FreeBSD, skip it - ## removed in 4.5, bug #270558 --de. - if [[ ${GCCMAJOR}.${GCCMINOR} < 4.5 ]]; then - if ! is_crosscompile && ! use elibc_FreeBSD ; then - # enable protoize / unprotoize - sed -i -e '/^LANGUAGES =/s:$: proto:' "${S}"/gcc/Makefile.in - fi - fi - - fix_files="" - for x in contrib/test_summary libstdc++-v3/scripts/check_survey.in ; do - [[ -e ${x} ]] && fix_files="${fix_files} ${x}" - done - ht_fix_file ${fix_files} */configure *.sh */Makefile.in - - if ! is_crosscompile && is_multilib && \ - [[ ( $(tc-arch) == "amd64" || $(tc-arch) == "ppc64" ) && -z ${SKIP_MULTILIB_HACK} ]] ; then - disgusting_gcc_multilib_HACK || die "multilib hack failed" - fi - - gcc_version_patch - if [[ ${GCCMAJOR}.${GCCMINOR} > 4.0 ]] ; then - if [[ -n ${SNAPSHOT} || -n ${PRERELEASE} ]] ; then - echo ${PV/_/-} > "${S}"/gcc/BASE-VER - echo "" > "${S}"/gcc/DATESTAMP - fi - fi - - # >= gcc-4.3 doesn't bundle ecj.jar, so copy it - if [[ ${GCCMAJOR}.${GCCMINOR} > 4.2 ]] && - use gcj ; then - cp -pPR "${DISTDIR}/ecj-4.3.jar" "${S}/ecj.jar" || die - fi - - # disable --as-needed from being compiled into gcc specs - # natively when using a gcc version < 3.4.4 - # http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14992 - if ! tc_version_is_at_least 3.4.4 ; then - sed -i -e s/HAVE_LD_AS_NEEDED/USE_LD_AS_NEEDED/g "${S}"/gcc/config.in - fi - - # In gcc 3.3.x and 3.4.x, rename the java bins to gcc-specific names - # in line with gcc-4. - if [[ ${GCCMAJOR} == 3 ]] && - [[ ${GCCMINOR} -ge 3 ]] - then - do_gcc_rename_java_bins - fi - - # Fixup libtool to correctly generate .la files with portage - cd "${S}" - elibtoolize --portage --shallow --no-uclibc - - gnuconfig_update - - # update configure files - local f - einfo "Fixing misc issues in configure files" - tc_version_is_at_least 4.1 && epatch "${GCC_FILESDIR}"/gcc-configure-texinfo.patch - for f in $(grep -l 'autoconf version 2.13' $(find "${S}" -name configure)) ; do - ebegin " Updating ${f/${S}\/} [LANG]" - patch "${f}" "${GCC_FILESDIR}"/gcc-configure-LANG.patch >& "${T}"/configure-patch.log \ - || eerror "Please file a bug about this" - eend $? - done - sed -i 's|A-Za-z0-9|[:alnum:]|g' "${S}"/gcc/*.awk #215828 - - if [[ -x contrib/gcc_update ]] ; then - einfo "Touching generated files" - ./contrib/gcc_update --touch | \ - while read f ; do - einfo " ${f%%...}" - done - fi - - disable_multilib_libjava || die "failed to disable multilib java" -} - -gcc-library-configure() { - # multilib support - [[ ${GCC_TARGET_NO_MULTILIB} == "true" ]] \ - && confgcc="${confgcc} --disable-multilib" \ - || confgcc="${confgcc} --enable-multilib" -} - -gcc-compiler-configure() { - # multilib support - if is_multilib ; then - confgcc="${confgcc} --enable-multilib" - elif [[ ${CTARGET} == *-linux* ]] ; then - confgcc="${confgcc} --disable-multilib" - fi - - if tc_version_is_at_least "4.0" ; then - if has mudflap ${IUSE} ; then - confgcc="${confgcc} $(use_enable mudflap libmudflap)" - else - confgcc="${confgcc} --disable-libmudflap" - fi - - if want_libssp ; then - confgcc="${confgcc} --enable-libssp" - else - export gcc_cv_libc_provides_ssp=yes - confgcc="${confgcc} --disable-libssp" - fi - - # If we want hardened support on newer espf-patchset - if want_espf ; then - confgcc="${confgcc} --enable-espf" - else - [[ ${ESPF_VER} ]] && confgcc="${confgcc} --disable-espf" - fi - - if tc_version_is_at_least "4.2" ; then - confgcc="${confgcc} $(use_enable openmp libgomp)" - fi - - # enable the cld workaround until we move things to stable. - # by that point, the rest of the software out there should - # have caught up. - if tc_version_is_at_least "4.3" ; then - if ! has ${ARCH} ${KEYWORDS} ; then - confgcc="${confgcc} --enable-cld" - fi - fi - fi - - # GTK+ is preferred over xlib in 3.4.x (xlib is unmaintained - # right now). Much thanks to <csm@gnu.org> for the heads up. - # Travis Tilley <lv@gentoo.org> (11 Jul 2004) - if ! is_gcj ; then - confgcc="${confgcc} --disable-libgcj" - elif use gtk ; then - confgcc="${confgcc} --enable-java-awt=gtk" - fi - - case $(tc-arch) in - # Add --with-abi flags to set default MIPS ABI - mips) - local mips_abi="" - use n64 && mips_abi="--with-abi=64" - use n32 && mips_abi="--with-abi=n32" - [[ -n ${mips_abi} ]] && confgcc="${confgcc} ${mips_abi}" - ;; - # Default arch for x86 is normally i386, lets give it a bump - # since glibc will do so based on CTARGET anyways - x86) - confgcc="${confgcc} --with-arch=${CTARGET%%-*}" - ;; - # Enable sjlj exceptions for backward compatibility on hppa - hppa) - [[ ${GCCMAJOR} == "3" ]] && confgcc="${confgcc} --enable-sjlj-exceptions" - ;; - esac - - GCC_LANG="c" - is_cxx && GCC_LANG="${GCC_LANG},c++" - is_d && GCC_LANG="${GCC_LANG},d" - is_gcj && GCC_LANG="${GCC_LANG},java" - if is_objc || is_objcxx ; then - GCC_LANG="${GCC_LANG},objc" - if tc_version_is_at_least "4.0" ; then - use objc-gc && confgcc="${confgcc} --enable-objc-gc" - fi - is_objcxx && GCC_LANG="${GCC_LANG},obj-c++" - fi - is_treelang && GCC_LANG="${GCC_LANG},treelang" - - # fortran support just got sillier! the lang value can be f77 for - # fortran77, f95 for fortran95, or just plain old fortran for the - # currently supported standard depending on gcc version. - is_fortran && GCC_LANG="${GCC_LANG},fortran" - is_f77 && GCC_LANG="${GCC_LANG},f77" - is_f95 && GCC_LANG="${GCC_LANG},f95" - - # We do NOT want 'ADA support' in here! - # is_ada && GCC_LANG="${GCC_LANG},ada" - - einfo "configuring for GCC_LANG: ${GCC_LANG}" -} - -# Other than the variables described for gcc_setup_variables, the following -# will alter tha behavior of gcc_do_configure: -# -# CTARGET -# CBUILD -# Enable building for a target that differs from CHOST -# -# GCC_TARGET_NO_MULTILIB -# Disable multilib. Useful when building single library targets. -# -# GCC_LANG -# Enable support for ${GCC_LANG} languages. defaults to just "c" -# -# Travis Tilley <lv@gentoo.org> (04 Sep 2004) -# -gcc_do_configure() { - local confgcc - - # Set configuration based on path variables - confgcc="${confgcc} \ - --prefix=${PREFIX} \ - --bindir=${BINPATH} \ - --includedir=${INCLUDEPATH} \ - --datadir=${DATAPATH} \ - --mandir=${DATAPATH}/man \ - --infodir=${DATAPATH}/info \ - --with-gxx-include-dir=${STDCXX_INCDIR}" - # On Darwin we need libdir to be set in order to get correct install names - # for things like libobjc-gnu, libgcj and libfortran. If we enable it on - # non-Darwin we screw up the behaviour this eclass relies on. We in - # particular need this over --libdir for bug #255315. - [[ ${CHOST} == *-darwin* ]] && \ - confgcc="${confgcc} --enable-version-specific-runtime-libs" - - # All our cross-compile logic goes here ! woo ! - confgcc="${confgcc} --host=${CHOST}" - if is_crosscompile || tc-is-cross-compiler ; then - # Straight from the GCC install doc: - # "GCC has code to correctly determine the correct value for target - # for nearly all native systems. Therefore, we highly recommend you - # not provide a configure target when configuring a native compiler." - confgcc="${confgcc} --target=${CTARGET}" - fi - [[ -n ${CBUILD} ]] && confgcc="${confgcc} --build=${CBUILD}" - - # ppc altivec support - confgcc="${confgcc} $(use_enable altivec)" - - # gcc has fixed-point arithmetic support in 4.3 for mips targets that can - # significantly increase compile time by several hours. This will allow - # users to control this feature in the event they need the support. - tc_version_is_at_least "4.3" && confgcc="${confgcc} $(use_enable fixed-point)" - - # graphite support was added in 4.4, which depends upon external libraries - # for optimizations. This option allows users to determine if they want - # these optimizations and libraries pulled in - tc_version_is_at_least "4.4" && \ - confgcc="${confgcc} $(use_with graphite ppl) $(use_with graphite cloog)" - - - [[ $(tc-is-softfloat) == "yes" ]] && confgcc="${confgcc} --with-float=soft" - - # Native Language Support - if use nls ; then - confgcc="${confgcc} --enable-nls --without-included-gettext" - else - confgcc="${confgcc} --disable-nls" - fi - - # reasonably sane globals (hopefully) - confgcc="${confgcc} \ - --with-system-zlib \ - --disable-checking \ - --disable-werror \ - --enable-secureplt" - - # etype specific configuration - einfo "running ${ETYPE}-configure" - ${ETYPE}-configure || die - - # if not specified, assume we are building for a target that only - # requires C support - GCC_LANG=${GCC_LANG:-c} - confgcc="${confgcc} --enable-languages=${GCC_LANG}" - - if is_crosscompile ; then - # When building a stage1 cross-compiler (just C compiler), we have to - # disable a bunch of features or gcc goes boom - local needed_libc="" - case ${CTARGET} in - *-linux) needed_libc=no-fucking-clue;; - *-dietlibc) needed_libc=dietlibc;; - *-elf) needed_libc=newlib;; - *-freebsd*) needed_libc=freebsd-lib;; - *-gnu*) needed_libc=glibc;; - *-klibc) needed_libc=klibc;; - *-uclibc*) needed_libc=uclibc;; - *-cygwin) needed_libc=cygwin;; - mingw*|*-mingw*) needed_libc=mingw-runtime;; - avr) confgcc="${confgcc} --enable-shared --disable-threads";; - esac - if [[ -n ${needed_libc} ]] ; then - if ! has_version ${CATEGORY}/${needed_libc} ; then - confgcc="${confgcc} --disable-shared --disable-threads --without-headers" - elif built_with_use --hidden --missing false ${CATEGORY}/${needed_libc} crosscompile_opts_headers-only ; then - confgcc="${confgcc} --disable-shared --with-sysroot=${PREFIX}/${CTARGET}" - else - confgcc="${confgcc} --with-sysroot=${PREFIX}/${CTARGET}" - fi - fi - - if [[ ${GCCMAJOR}.${GCCMINOR} > 4.1 ]] ; then - confgcc="${confgcc} --disable-bootstrap --disable-libgomp" - fi - elif [[ ${CHOST} == mingw* ]] || [[ ${CHOST} == *-mingw* ]] || [[ ${CHOST} == *-cygwin ]] ; then - confgcc="${confgcc} --enable-shared --enable-threads=win32" - else - confgcc="${confgcc} --enable-shared --enable-threads=posix" - fi - [[ ${CTARGET} == *-elf ]] && confgcc="${confgcc} --with-newlib" - # __cxa_atexit is "essential for fully standards-compliant handling of - # destructors", but apparently requires glibc. - if [[ ${CTARGET} == *-uclibc* ]] ; then - confgcc="${confgcc} --disable-__cxa_atexit --enable-target-optspace $(use_enable nptl tls)" - [[ ${GCCMAJOR}.${GCCMINOR} == 3.3 ]] && confgcc="${confgcc} --enable-sjlj-exceptions" - if tc_version_is_at_least 3.4 && [[ ${GCCMAJOR}.${GCCMINOR} < 4.3 ]] ; then - confgcc="${confgcc} --enable-clocale=uclibc" - fi - elif [[ ${CTARGET} == *-gnu* ]] ; then - confgcc="${confgcc} --enable-__cxa_atexit" - confgcc="${confgcc} --enable-clocale=gnu" - elif [[ ${CTARGET} == *-freebsd* ]]; then - confgcc="${confgcc} --enable-__cxa_atexit" - elif [[ ${CTARGET} == *-solaris* ]]; then - confgcc="${confgcc} --enable-__cxa_atexit" - fi - [[ ${GCCMAJOR}.${GCCMINOR} < 3.4 ]] && confgcc="${confgcc} --disable-libunwind-exceptions" - - # create a sparc*linux*-{gcc,g++} that can handle -m32 and -m64 (biarch) - if [[ ${CTARGET} == sparc*linux* ]] \ - && is_multilib \ - && ! is_crosscompile \ - && [[ ${GCCMAJOR}.${GCCMINOR} > 4.2 ]] - then - confgcc="${confgcc} --enable-targets=all" - fi - - tc_version_is_at_least 4.3 && set -- "$@" \ - --with-bugurl=http://bugs.gentoo.org/ \ - --with-pkgversion="${BRANDING_GCC_PKGVERSION}" - set -- ${confgcc} "$@" ${EXTRA_ECONF} - - # Nothing wrong with a good dose of verbosity - echo - einfo "PREFIX: ${PREFIX}" - einfo "BINPATH: ${BINPATH}" - einfo "LIBPATH: ${LIBPATH}" - einfo "DATAPATH: ${DATAPATH}" - einfo "STDCXX_INCDIR: ${STDCXX_INCDIR}" - echo - einfo "Configuring GCC with: ${@//--/\n\t--}" - echo - - # Build in a separate build tree - mkdir -p "${WORKDIR}"/build - pushd "${WORKDIR}"/build > /dev/null - - # and now to do the actual configuration - addwrite /dev/zero - echo "${S}"/configure "$@" - "${S}"/configure "$@" || die "failed to run configure" - - # return to whatever directory we were in before - popd > /dev/null -} - -# This function accepts one optional argument, the make target to be used. -# If ommitted, gcc_do_make will try to guess whether it should use all, -# profiledbootstrap, or bootstrap-lean depending on CTARGET and arch. An -# example of how to use this function: -# -# gcc_do_make all-target-libstdc++-v3 -# -# In addition to the target to be used, the following variables alter the -# behavior of this function: -# -# LDFLAGS -# Flags to pass to ld -# -# STAGE1_CFLAGS -# CFLAGS to use during stage1 of a gcc bootstrap -# -# BOOT_CFLAGS -# CFLAGS to use during stages 2+3 of a gcc bootstrap. -# -# Travis Tilley <lv@gentoo.org> (04 Sep 2004) -# -gcc_do_make() { - # Fix for libtool-portage.patch - local OLDS=${S} - S=${WORKDIR}/build - - # Set make target to $1 if passed - [[ -n $1 ]] && GCC_MAKE_TARGET=$1 - # default target - if is_crosscompile || tc-is-cross-compiler ; then - # 3 stage bootstrapping doesnt quite work when you cant run the - # resulting binaries natively ^^; - GCC_MAKE_TARGET=${GCC_MAKE_TARGET-all} - else - GCC_MAKE_TARGET=${GCC_MAKE_TARGET-bootstrap-lean} - fi - - # the gcc docs state that parallel make isnt supported for the - # profiledbootstrap target, as collisions in profile collecting may occur. - [[ ${GCC_MAKE_TARGET} == "profiledbootstrap" ]] && export MAKEOPTS="${MAKEOPTS} -j1" - - # boundschecking seems to introduce parallel build issues - want_boundschecking && export MAKEOPTS="${MAKEOPTS} -j1" - - if [[ ${GCC_MAKE_TARGET} == "all" ]] ; then - STAGE1_CFLAGS=${STAGE1_CFLAGS-"${CFLAGS}"} - elif [[ $(gcc-version) == "3.4" && ${GCC_BRANCH_VER} == "3.4" ]] && gcc-specs-ssp ; then - # See bug #79852 - STAGE1_CFLAGS=${STAGE1_CFLAGS-"-O2"} - else - STAGE1_CFLAGS=${STAGE1_CFLAGS-"-O"} - fi - - if is_crosscompile; then - # In 3.4, BOOT_CFLAGS is never used on a crosscompile... - # but I'll leave this in anyways as someone might have had - # some reason for putting it in here... --eradicator - BOOT_CFLAGS=${BOOT_CFLAGS-"-O2"} - else - # we only want to use the system's CFLAGS if not building a - # cross-compiler. - BOOT_CFLAGS=${BOOT_CFLAGS-"$(get_abi_CFLAGS) ${CFLAGS}"} - fi - - pushd "${WORKDIR}"/build - - emake \ - LDFLAGS="${LDFLAGS}" \ - STAGE1_CFLAGS="${STAGE1_CFLAGS}" \ - LIBPATH="${LIBPATH}" \ - BOOT_CFLAGS="${BOOT_CFLAGS}" \ - ${GCC_MAKE_TARGET} \ - || die "emake failed with ${GCC_MAKE_TARGET}" - - if ! is_crosscompile && ! use nocxx && use doc ; then - if type -p doxygen > /dev/null ; then - if tc_version_is_at_least 4.3 ; then - cd "${CTARGET}"/libstdc++-v3/doc - emake doc-man-doxygen || ewarn "failed to make docs" - elif tc_version_is_at_least 3.0 ; then - cd "${CTARGET}"/libstdc++-v3 - emake doxygen-man || ewarn "failed to make docs" - fi - else - ewarn "Skipping libstdc++ manpage generation since you don't have doxygen installed" - fi - fi - - popd -} - -# This function will add ${GCC_CONFIG_VER} to the names of all shared libraries in the -# directory specified to avoid filename collisions between multiple slotted -# non-versioned gcc targets. If no directory is specified, it is assumed that -# you want -all- shared objects to have ${GCC_CONFIG_VER} added. Example -# -# add_version_to_shared ${D}/usr/$(get_libdir) -# -# Travis Tilley <lv@gentoo.org> (05 Sep 2004) -# -add_version_to_shared() { - local sharedlib sharedlibdir - [[ -z $1 ]] \ - && sharedlibdir=${D} \ - || sharedlibdir=$1 - - for sharedlib in $(find ${sharedlibdir} -name *.so.*) ; do - if [[ ! -L ${sharedlib} ]] ; then - einfo "Renaming `basename "${sharedlib}"` to `basename "${sharedlib/.so*/}-${GCC_CONFIG_VER}.so.${sharedlib/*.so./}"`" - mv "${sharedlib}" "${sharedlib/.so*/}-${GCC_CONFIG_VER}.so.${sharedlib/*.so./}" \ - || die - pushd `dirname "${sharedlib}"` > /dev/null || die - ln -sf "`basename "${sharedlib/.so*/}-${GCC_CONFIG_VER}.so.${sharedlib/*.so./}"`" \ - "`basename "${sharedlib}"`" || die - popd > /dev/null || die - fi - done -} - -# This is mostly a stub function to be overwritten in an ebuild -gcc_do_filter_flags() { - strip-flags - - # In general gcc does not like optimization, and add -O2 where - # it is safe. This is especially true for gcc 3.3 + 3.4 - replace-flags -O? -O2 - - # ... sure, why not? - strip-unsupported-flags - - # dont want to funk ourselves - filter-flags '-mabi*' -m31 -m32 -m64 - - case ${GCC_BRANCH_VER} in - 3.2|3.3) - replace-cpu-flags k8 athlon64 opteron i686 x86-64 - replace-cpu-flags pentium-m pentium3m pentium3 - case $(tc-arch) in - amd64|x86) filter-flags '-mtune=*' ;; - # in gcc 3.3 there is a bug on ppc64 where if -mcpu is used, - # the compiler wrongly assumes a 32bit target - ppc64) filter-flags "-mcpu=*";; - esac - case $(tc-arch) in - amd64) replace-cpu-flags core2 nocona;; - x86) replace-cpu-flags core2 prescott;; - esac - - replace-cpu-flags G3 750 - replace-cpu-flags G4 7400 - replace-cpu-flags G5 7400 - - # XXX: should add a sed or something to query all supported flags - # from the gcc source and trim everything else ... - filter-flags -f{no-,}unit-at-a-time -f{no-,}web -mno-tls-direct-seg-refs - filter-flags -f{no-,}stack-protector{,-all} - filter-flags -fvisibility-inlines-hidden -fvisibility=hidden - ;; - 3.4|4.*) - case $(tc-arch) in - x86|amd64) filter-flags '-mcpu=*';; - *-macos) - # http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25127 - [[ ${GCC_BRANCH_VER} == 4.0 || ${GCC_BRANCH_VER} == 4.1 ]] && \ - filter-flags '-mcpu=*' '-march=*' '-mtune=*' - ;; - esac - ;; - esac - - # Compile problems with these (bug #6641 among others)... - #filter-flags "-fno-exceptions -fomit-frame-pointer -fforce-addr" - - # CFLAGS logic (verified with 3.4.3): - # CFLAGS: - # This conflicts when creating a crosscompiler, so set to a sane - # default in this case: - # used in ./configure and elsewhere for the native compiler - # used by gcc when creating libiberty.a - # used by xgcc when creating libstdc++ (and probably others)! - # this behavior should be removed... - # - # CXXFLAGS: - # used by xgcc when creating libstdc++ - # - # STAGE1_CFLAGS (not used in creating a crosscompile gcc): - # used by ${CHOST}-gcc for building stage1 compiler - # - # BOOT_CFLAGS (not used in creating a crosscompile gcc): - # used by xgcc for building stage2/3 compiler - - if is_crosscompile ; then - # Set this to something sane for both native and target - CFLAGS="-O2 -pipe" - - local VAR="CFLAGS_"${CTARGET//-/_} - CXXFLAGS=${!VAR} - fi - - export GCJFLAGS=${GCJFLAGS:-${CFLAGS}} -} - -gcc_src_compile() { - gcc_do_filter_flags - einfo "CFLAGS=\"${CFLAGS}\"" - einfo "CXXFLAGS=\"${CXXFLAGS}\"" - - # For hardened gcc 4 for build the hardened specs file to use when building gcc - setup_minispecs_gcc_build_specs - - # Build in a separate build tree - mkdir -p "${WORKDIR}"/build - pushd "${WORKDIR}"/build > /dev/null - - # Install our pre generated manpages if we do not have perl ... - [[ ! -x /usr/bin/perl ]] && [[ -n ${MAN_VER} ]] && \ - unpack gcc-${MAN_VER}-manpages.tar.bz2 - - einfo "Configuring ${PN} ..." - gcc_do_configure - - touch "${S}"/gcc/c-gperf.h - - # Do not make manpages if we do not have perl ... - [[ ! -x /usr/bin/perl ]] \ - && find "${WORKDIR}"/build -name '*.[17]' | xargs touch - - einfo "Compiling ${PN} ..." - gcc_do_make ${GCC_MAKE_TARGET} - - # Do not create multiple specs files for PIE+SSP if boundschecking is in - # USE, as we disable PIE+SSP when it is. - # minispecs and espf will not need to split out specs. - if [[ ${ETYPE} == "gcc-compiler" ]] && want_split_specs && ! want_minispecs && ! want_espf ; then - split_out_specs_files || die "failed to split out specs" - fi - - popd > /dev/null -} - -gcc_src_test() { - cd "${WORKDIR}"/build - emake -j1 -k check || ewarn "check failed and that sucks :(" -} - -gcc-library_src_install() { - # Do the 'make install' from the build directory - cd "${WORKDIR}"/build - S=${WORKDIR}/build \ - emake -j1 \ - DESTDIR="${D}" \ - prefix=${PREFIX} \ - bindir=${BINPATH} \ - includedir=${LIBPATH}/include \ - datadir=${DATAPATH} \ - mandir=${DATAPATH}/man \ - infodir=${DATAPATH}/info \ - LIBPATH="${LIBPATH}" \ - ${GCC_INSTALL_TARGET} || die - - if [[ ${GCC_LIB_COMPAT_ONLY} == "true" ]] ; then - rm -rf "${D}"${INCLUDEPATH} - rm -rf "${D}"${DATAPATH} - pushd "${D}"${LIBPATH}/ - rm *.a *.la *.so - popd - fi - - if [[ -n ${GCC_LIB_USE_SUBDIR} ]] ; then - mkdir -p "${WORKDIR}"/${GCC_LIB_USE_SUBDIR}/ - mv "${D}"${LIBPATH}/* "${WORKDIR}"/${GCC_LIB_USE_SUBDIR}/ - mv "${WORKDIR}"/${GCC_LIB_USE_SUBDIR}/ "${D}"${LIBPATH} - - dodir /etc/env.d - echo "LDPATH=\"${LIBPATH}/${GCC_LIB_USE_SUBDIR}/\"" >> "${D}"/etc/env.d/99${PN} - fi - - if [[ ${GCC_VAR_TYPE} == "non-versioned" ]] ; then - # if we're not using versioned directories, we need to use versioned - # filenames. - add_version_to_shared - fi -} - -gcc-compiler_src_install() { - local x= - - cd "${WORKDIR}"/build - # Do allow symlinks in private gcc include dir as this can break the build - find gcc/include*/ -type l -print0 | xargs rm -f - # Remove generated headers, as they can cause things to break - # (ncurses, openssl, etc). - for x in $(find gcc/include*/ -name '*.h') ; do - grep -q 'It has been auto-edited by fixincludes from' "${x}" \ - && rm -f "${x}" - done - # Do the 'make install' from the build directory - S=${WORKDIR}/build \ - emake -j1 DESTDIR="${D}" install || die - # Punt some tools which are really only useful while building gcc - find "${D}" -name install-tools -prune -type d -exec rm -rf "{}" \; - # This one comes with binutils - find "${D}" -name libiberty.a -exec rm -f "{}" \; - - # Move the libraries to the proper location - gcc_movelibs - - # Basic sanity check - if ! is_crosscompile ; then - local EXEEXT - eval $(grep ^EXEEXT= "${WORKDIR}"/build/gcc/config.log) - [[ -r ${D}${BINPATH}/gcc${EXEEXT} ]] || die "gcc not found in ${D}" - fi - - dodir /etc/env.d/gcc - create_gcc_env_entry - - if want_split_specs ; then - if use hardened ; then - create_gcc_env_entry vanilla - fi - ! use hardened && hardened_gcc_works && create_gcc_env_entry hardened - if hardened_gcc_works || hardened_gcc_works pie ; then - create_gcc_env_entry hardenednossp - fi - if hardened_gcc_works || hardened_gcc_works ssp ; then - create_gcc_env_entry hardenednopie - fi - create_gcc_env_entry hardenednopiessp - - insinto ${LIBPATH} - doins "${WORKDIR}"/build/*.specs || die "failed to install specs" - fi - # Setup the gcc_env_entry for hardened gcc 4 with minispecs or espf - if want_minispecs ; then - if hardened_gcc_works pie ; then - create_gcc_env_entry hardenednopie - fi - create_gcc_env_entry vanilla - fi - if want_espf ; then - create_gcc_env_entry hardenednopie - create_gcc_env_entry hardenednossp - create_gcc_env_entry vanilla - fi - - # Make sure we dont have stuff lying around that - # can nuke multiple versions of gcc - - gcc_slot_java - - # Move <cxxabi.h> to compiler-specific directories - [[ -f ${D}${STDCXX_INCDIR}/cxxabi.h ]] && \ - mv -f "${D}"${STDCXX_INCDIR}/cxxabi.h "${D}"${LIBPATH}/include/ - - # These should be symlinks - dodir /usr/bin - cd "${D}"${BINPATH} - for x in cpp gcc g++ c++ g77 gcj gcjh gfortran ; do - # For some reason, g77 gets made instead of ${CTARGET}-g77... - # this should take care of that - [[ -f ${x} ]] && mv ${x} ${CTARGET}-${x} - - if [[ -f ${CTARGET}-${x} ]] && ! is_crosscompile ; then - ln -sf ${CTARGET}-${x} ${x} - - # Create version-ed symlinks - dosym ${BINPATH}/${CTARGET}-${x} \ - /usr/bin/${CTARGET}-${x}-${GCC_CONFIG_VER} - dosym ${BINPATH}/${CTARGET}-${x} \ - /usr/bin/${x}-${GCC_CONFIG_VER} - fi - - if [[ -f ${CTARGET}-${x}-${GCC_CONFIG_VER} ]] ; then - rm -f ${CTARGET}-${x}-${GCC_CONFIG_VER} - ln -sf ${CTARGET}-${x} ${CTARGET}-${x}-${GCC_CONFIG_VER} - fi - done - - # I do not know if this will break gcj stuff, so I'll only do it for - # objc for now; basically "ffi.h" is the correct file to include, - # but it gets installed in .../GCCVER/include and yet it does - # "#include <ffitarget.h>" which (correctly, as it's an "extra" file) - # is installed in .../GCCVER/include/libffi; the following fixes - # ffi.'s include of ffitarget.h - Armando Di Cianno <fafhrd@gentoo.org> - if [[ -d ${D}${LIBPATH}/include/libffi ]] ; then - mv -i "${D}"${LIBPATH}/include/libffi/* "${D}"${LIBPATH}/include || die - rm -r "${D}"${LIBPATH}/include/libffi || die - fi - - # Now do the fun stripping stuff - env RESTRICT="" CHOST=${CHOST} prepstrip "${D}${BINPATH}" - env RESTRICT="" CHOST=${CTARGET} prepstrip "${D}${LIBPATH}" - # gcc used to install helper binaries in lib/ but then moved to libexec/ - [[ -d ${D}${PREFIX}/libexec/gcc ]] && \ - env RESTRICT="" CHOST=${CHOST} prepstrip "${D}${PREFIX}/libexec/gcc/${CTARGET}/${GCC_CONFIG_VER}" - - cd "${S}" - if is_crosscompile; then - rm -rf "${D}"/usr/share/{man,info} - rm -rf "${D}"${DATAPATH}/{man,info} - else - local cxx_mandir=${WORKDIR}/build/${CTARGET}/libstdc++-v3/docs/doxygen/man - if [[ -d ${cxx_mandir} ]] ; then - # clean bogus manpages #113902 - find "${cxx_mandir}" -name '*_build_*' -exec rm {} \; - cp -r "${cxx_mandir}"/man? "${D}/${DATAPATH}"/man/ - fi - has noinfo ${FEATURES} \ - && rm -r "${D}/${DATAPATH}"/info \ - || prepinfo "${DATAPATH}" - has noman ${FEATURES} \ - && rm -r "${D}/${DATAPATH}"/man \ - || prepman "${DATAPATH}" - fi - # prune empty dirs left behind - for x in 1 2 3 4 ; do - find "${D}" -type d -exec rmdir "{}" \; >& /dev/null - done - - # install testsuite results - if use test; then - docinto testsuite - find "${WORKDIR}"/build -type f -name "*.sum" -print0 | xargs -0 dodoc - find "${WORKDIR}"/build -type f -path "*/testsuite/*.log" -print0 \ - | xargs -0 dodoc - fi - - # Rather install the script, else portage with changing $FILESDIR - # between binary and source package borks things .... - if ! is_crosscompile ; then - insinto "${DATAPATH}" - if tc_version_is_at_least 4.0 ; then - newins "${GCC_FILESDIR}"/awk/fixlafiles.awk-no_gcc_la fixlafiles.awk || die - find "${D}/${LIBPATH}" -name libstdc++.la -type f -exec rm "{}" \; - else - doins "${GCC_FILESDIR}"/awk/fixlafiles.awk || die - fi - exeinto "${DATAPATH}" - doexe "${GCC_FILESDIR}"/fix_libtool_files.sh || die - doexe "${GCC_FILESDIR}"/c{89,99} || die - fi - - # use gid of 0 because some stupid ports don't have - # the group 'root' set to gid 0 - chown -R root:0 "${D}"${LIBPATH} - - # Create config files for eselect-compiler - create_eselect_conf - - # Copy the needed minispec for hardened gcc 4 - copy_minispecs_gcc_specs -} - -gcc_slot_java() { - local x - - # Move Java headers to compiler-specific dir - for x in "${D}"${PREFIX}/include/gc*.h "${D}"${PREFIX}/include/j*.h ; do - [[ -f ${x} ]] && mv -f "${x}" "${D}"${LIBPATH}/include/ - done - for x in gcj gnu java javax org ; do - if [[ -d ${D}${PREFIX}/include/${x} ]] ; then - dodir /${LIBPATH}/include/${x} - mv -f "${D}"${PREFIX}/include/${x}/* "${D}"${LIBPATH}/include/${x}/ - rm -rf "${D}"${PREFIX}/include/${x} - fi - done - - if [[ -d ${D}${PREFIX}/lib/security ]] || [[ -d ${D}${PREFIX}/$(get_libdir)/security ]] ; then - dodir /${LIBPATH}/security - mv -f "${D}"${PREFIX}/lib*/security/* "${D}"${LIBPATH}/security - rm -rf "${D}"${PREFIX}/lib*/security - fi - - # Move libgcj.spec to compiler-specific directories - [[ -f ${D}${PREFIX}/lib/libgcj.spec ]] && \ - mv -f "${D}"${PREFIX}/lib/libgcj.spec "${D}"${LIBPATH}/libgcj.spec - - # SLOT up libgcj.pc (and let gcc-config worry about links) - local libgcj=$(find "${D}"${PREFIX}/lib/pkgconfig/ -name 'libgcj*.pc') - if [[ -n ${libgcj} ]] ; then - sed -i "/^libdir=/s:=.*:=${LIBPATH}:" "${libgcj}" - mv "${libgcj}" "${D}"/usr/lib/pkgconfig/libgcj-${GCC_PV}.pc || die - fi - - # Rename jar because it could clash with Kaffe's jar if this gcc is - # primary compiler (aka don't have the -<version> extension) - cd "${D}"${BINPATH} - [[ -f jar ]] && mv -f jar gcj-jar -} - -# Move around the libs to the right location. For some reason, -# when installing gcc, it dumps internal libraries into /usr/lib -# instead of the private gcc lib path -gcc_movelibs() { - # older versions of gcc did not support --print-multi-os-directory - tc_version_is_at_least 3.0 || return 0 - - local multiarg removedirs="" - for multiarg in $($(XGCC) -print-multi-lib) ; do - multiarg=${multiarg#*;} - multiarg=${multiarg//@/ -} - - local OS_MULTIDIR=$($(XGCC) ${multiarg} --print-multi-os-directory) - local MULTIDIR=$($(XGCC) ${multiarg} --print-multi-directory) - local TODIR=${D}${LIBPATH}/${MULTIDIR} - local FROMDIR= - - [[ -d ${TODIR} ]] || mkdir -p ${TODIR} - - for FROMDIR in \ - ${LIBPATH}/${OS_MULTIDIR} \ - ${LIBPATH}/../${MULTIDIR} \ - ${PREFIX}/lib/${OS_MULTIDIR} \ - ${PREFIX}/${CTARGET}/lib/${OS_MULTIDIR} \ - ${PREFIX}/lib/${MULTIDIR} - do - removedirs="${removedirs} ${FROMDIR}" - FROMDIR=${D}${FROMDIR} - if [[ ${FROMDIR} != "${TODIR}" && -d ${FROMDIR} ]] ; then - local files=$(find "${FROMDIR}" -maxdepth 1 ! -type d 2>/dev/null) - if [[ -n ${files} ]] ; then - mv ${files} "${TODIR}" - fi - fi - done - done - - # We remove directories separately to avoid this case: - # mv SRC/lib/../lib/*.o DEST - # rmdir SRC/lib/../lib/ - # mv SRC/lib/../lib32/*.o DEST # Bork - for FROMDIR in ${removedirs} ; do - rmdir "${D}"${FROMDIR} >& /dev/null - done - find "${D}" -type d | xargs rmdir >& /dev/null - - fix_libtool_libdir_paths -} - -#----<< src_* >>---- - -#---->> unorganized crap in need of refactoring follows - -# gcc_quick_unpack will unpack the gcc tarball and patches in a way that is -# consistant with the behavior of get_gcc_src_uri. The only patch it applies -# itself is the branch update if present. -# -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# -gcc_quick_unpack() { - pushd "${WORKDIR}" > /dev/null - export PATCH_GCC_VER=${PATCH_GCC_VER:-${GCC_RELEASE_VER}} - export UCLIBC_GCC_VER=${UCLIBC_GCC_VER:-${PATCH_GCC_VER}} - export PIE_GCC_VER=${PIE_GCC_VER:-${GCC_RELEASE_VER}} - export PP_GCC_VER=${PP_GCC_VER:-${GCC_RELEASE_VER}} - export HTB_GCC_VER=${HTB_GCC_VER:-${GCC_RELEASE_VER}} - export SPECS_GCC_VER=${SPECS_GCC_VER:-${GCC_RELEASE_VER}} - - if [[ -n ${GCC_A_FAKEIT} ]] ; then - unpack ${GCC_A_FAKEIT} - elif [[ -n ${PRERELEASE} ]] ; then - unpack gcc-${PRERELEASE}.tar.bz2 - elif [[ -n ${SNAPSHOT} ]] ; then - unpack gcc-${SNAPSHOT}.tar.bz2 - else - unpack gcc-${GCC_RELEASE_VER}.tar.bz2 - # We want branch updates to be against a release tarball - if [[ -n ${BRANCH_UPDATE} ]] ; then - pushd "${S}" > /dev/null - epatch "${DISTDIR}"/gcc-${GCC_RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - popd > /dev/null - fi - fi - - if [[ -n ${D_VER} ]] && use d ; then - pushd "${S}"/gcc > /dev/null - unpack gdc-${D_VER}-src.tar.bz2 - cd .. - ebegin "Adding support for the D language" - ./gcc/d/setup-gcc.sh >& "${T}"/dgcc.log - if ! eend $? ; then - eerror "The D gcc package failed to apply" - eerror "Please include this log file when posting a bug report:" - eerror " ${T}/dgcc.log" - die "failed to include the D language" - fi - popd > /dev/null - fi - - [[ -n ${PATCH_VER} ]] && \ - unpack gcc-${PATCH_GCC_VER}-patches-${PATCH_VER}.tar.bz2 - - [[ -n ${UCLIBC_VER} ]] && \ - unpack gcc-${UCLIBC_GCC_VER}-uclibc-patches-${UCLIBC_VER}.tar.bz2 - - if want_ssp ; then - if [[ -n ${PP_FVER} ]] ; then - # The gcc 3.4 propolice versions are meant to be unpacked to ${S} - pushd "${S}" > /dev/null - unpack protector-${PP_FVER}.tar.gz - popd > /dev/null - else - unpack gcc-${PP_GCC_VER}-ssp-${PP_VER}.tar.bz2 - fi - fi - - if want_pie ; then - if [[ -n ${PIE_CORE} ]] ; then - unpack ${PIE_CORE} - else - unpack gcc-${PIE_GCC_VER}-piepatches-v${PIE_VER}.tar.bz2 - fi - [[ -n ${SPECS_VER} ]] && \ - unpack gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2 - fi - if [[ -n ${ESPF_VER} ]] ; then - unpack gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2 - unpack gcc-${GCC_RELEASE_VER}-specs-${SPECS_VER}.tar.bz2 - fi - - want_boundschecking && \ - unpack "bounds-checking-gcc-${HTB_GCC_VER}-${HTB_VER}.patch.bz2" - - popd > /dev/null -} - -# Exclude any unwanted patches, as specified by the following variables: -# -# GENTOO_PATCH_EXCLUDE -# List of filenames, relative to ${WORKDIR}/patch/ -# -# PIEPATCH_EXCLUDE -# List of filenames, relative to ${WORKDIR}/piepatch/ -# -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# -exclude_gcc_patches() { - local i - for i in ${GENTOO_PATCH_EXCLUDE} ; do - if [[ -f ${WORKDIR}/patch/${i} ]] ; then - einfo "Excluding patch ${i}" - rm -f "${WORKDIR}"/patch/${i} || die "failed to delete ${i}" - fi - done - for i in ${PIEPATCH_EXCLUDE} ; do - if [[ -f ${WORKDIR}/piepatch/${i} ]] ; then - einfo "Excluding piepatch ${i}" - rm -f "${WORKDIR}"/piepatch/${i} || die "failed to delete ${i}" - fi - done -} - -# Try to apply some stub patches so that gcc won't error out when -# passed parameters like -fstack-protector but no ssp is found -do_gcc_stub() { - local v stub_patch="" - for v in ${GCC_RELEASE_VER} ${GCC_BRANCH_VER} ; do - stub_patch=${GCC_FILESDIR}/stubs/gcc-${v}-$1-stub.patch - if [[ -e ${stub_patch} ]] && ! use vanilla ; then - EPATCH_SINGLE_MSG="Applying stub patch for $1 ..." \ - epatch "${stub_patch}" - return 0 - fi - done -} - -do_gcc_USER_patches() { - local check base=${PORTAGE_CONFIGROOT}/etc/portage/patches - for check in {${CATEGORY}/${PF},${CATEGORY}/${P},${CATEGORY}/${PN}}; do - EPATCH_SOURCE=${base}/${CTARGET}/${check} - [[ -r ${EPATCH_SOURCE} ]] || EPATCH_SOURCE=${base}/${CHOST}/${check} - [[ -r ${EPATCH_SOURCE} ]] || EPATCH_SOURCE=${base}/${check} - if [[ -d ${EPATCH_SOURCE} ]] ; then - EPATCH_SUFFIX="patch" - EPATCH_FORCE="yes" \ - EPATCH_MULTI_MSG="Applying user patches from ${EPATCH_SOURCE} ..." \ - epatch - break - fi - done -} - -do_gcc_HTB_patches() { - if ! want_boundschecking || \ - (want_ssp && [[ ${HTB_EXCLUSIVE} == "true" ]]) - then - do_gcc_stub htb - return 0 - fi - - # modify the bounds checking patch with a regression patch - epatch "${WORKDIR}/bounds-checking-gcc-${HTB_GCC_VER}-${HTB_VER}.patch" - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, HTB-${HTB_GCC_VER}-${HTB_VER}" -} - -# patch in ProPolice Stack Smashing protection -do_gcc_SSP_patches() { - # PARISC has no love ... it's our stack :( - if [[ $(tc-arch) == "hppa" ]] || \ - ! want_ssp || \ - (want_boundschecking && [[ ${HTB_EXCLUSIVE} == "true" ]]) - then - do_gcc_stub ssp - return 0 - fi - - local ssppatch - local sspdocs - - if [[ -n ${PP_FVER} ]] ; then - # Etoh keeps changing where files are and what the patch is named - if tc_version_is_at_least 3.4.1 ; then - # >3.4.1 uses version in patch name, and also includes docs - ssppatch="${S}/gcc_${PP_VER}.dif" - sspdocs="yes" - elif tc_version_is_at_least 3.4.0 ; then - # >3.4 put files where they belong and 3_4 uses old patch name - ssppatch="${S}/protector.dif" - sspdocs="no" - elif tc_version_is_at_least 3.2.3 ; then - # earlier versions have no directory structure or docs - mv "${S}"/protector.{c,h} "${S}"/gcc - ssppatch="${S}/protector.dif" - sspdocs="no" - fi - else - # Just start packaging the damn thing ourselves - mv "${WORKDIR}"/ssp/protector.{c,h} "${S}"/gcc/ - ssppatch=${WORKDIR}/ssp/gcc-${PP_GCC_VER}-ssp.patch - # allow boundschecking and ssp to get along - (want_boundschecking && [[ -e ${WORKDIR}/ssp/htb-ssp.patch ]]) \ - && patch -s "${ssppatch}" "${WORKDIR}"/ssp/htb-ssp.patch - fi - - [[ -z ${ssppatch} ]] && die "Sorry, SSP is not supported in this version" - epatch ${ssppatch} - - if [[ ${PN} == "gcc" && ${sspdocs} == "no" ]] ; then - epatch "${GCC_FILESDIR}"/pro-police-docs.patch - fi - - # Don't build crtbegin/end with ssp - sed -e 's|^CRTSTUFF_CFLAGS = |CRTSTUFF_CFLAGS = -fno-stack-protector |'\ - -i gcc/Makefile.in || die "Failed to update crtstuff!" - - # if gcc in a stage3 defaults to ssp, is version 3.4.0 and a stage1 is built - # the build fails building timevar.o w/: - # cc1: stack smashing attack in function ix86_split_to_parts() - if use build && tc_version_is_at_least 3.4.0 ; then - if gcc -dumpspecs | grep -q "fno-stack-protector:" ; then - epatch "${GCC_FILESDIR}"/3.4.0/gcc-3.4.0-cc1-no-stack-protector.patch - fi - fi - - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, ssp-${PP_FVER:-${PP_GCC_VER}-${PP_VER}}" - if want_libssp ; then - update_gcc_for_libssp - else - update_gcc_for_libc_ssp - fi - - # Don't build libgcc with ssp - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -fno-stack-protector|' \ - -i gcc/Makefile.in || die "Failed to update gcc!" -} - -# If glibc or uclibc has been patched to provide the necessary symbols itself, -# then lets use those for SSP instead of libgcc. -update_gcc_for_libc_ssp() { - if libc_has_ssp ; then - einfo "Updating gcc to use SSP from libc ..." - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -D_LIBC_PROVIDES_SSP_|' \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - fi -} - -# a split out non-libc non-libgcc ssp requires additional spec logic changes -update_gcc_for_libssp() { - einfo "Updating gcc to use SSP from libssp..." - sed -e 's|^\(INTERNAL_CFLAGS.*\)$|\1 -D_LIBSSP_PROVIDES_SSP_|' \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" -} - -# do various updates to PIE logic -do_gcc_PIE_patches() { - if ! want_pie || \ - (want_boundschecking && [[ ${HTB_EXCLUSIVE} == "true" ]]) - then - return 0 - fi - - want_boundschecking \ - && rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-no.patch* \ - || rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-yes.patch* - - use vanilla && return 0 - - if tc_version_is_at_least 4.3.2; then - guess_patch_type_in_dir "${WORKDIR}"/piepatch/ - EPATCH_MULTI_MSG="Applying pie patches ..." \ - epatch "${WORKDIR}"/piepatch/ - else - guess_patch_type_in_dir "${WORKDIR}"/piepatch/upstream - - # corrects startfile/endfile selection and shared/static/pie flag usage - EPATCH_MULTI_MSG="Applying upstream pie patches ..." \ - epatch "${WORKDIR}"/piepatch/upstream - # adds non-default pie support (rs6000) - EPATCH_MULTI_MSG="Applying non-default pie patches ..." \ - epatch "${WORKDIR}"/piepatch/nondef - # adds default pie support (rs6000 too) if DEFAULT_PIE[_SSP] is defined - EPATCH_MULTI_MSG="Applying default pie patches ..." \ - epatch "${WORKDIR}"/piepatch/def - - # we want to be able to control the pie patch logic via something other - # than ALL_CFLAGS... - sed -e '/^ALL_CFLAGS/iHARD_CFLAGS = ' \ - -e 's|^ALL_CFLAGS = |ALL_CFLAGS = $(HARD_CFLAGS) |' \ - -i "${S}"/gcc/Makefile.in - fi - - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, pie-${PIE_VER}" -} - -# do various updates to ESPF -do_gcc_ESPF_patches() { - if [[ -n ${ESPF_VER} ]] || ! use vanilla; then - guess_patch_type_in_dir "${WORKDIR}"/espf-gcc-"${GCC_RELEASE_VER}" - EPATCH_MULTI_MSG="Applying espf patches ..." \ - epatch "${WORKDIR}"/espf-gcc-"${GCC_RELEASE_VER}" - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, espf-${ESPF_VER}" - fi -} - -should_we_gcc_config() { - # we always want to run gcc-config if we're bootstrapping, otherwise - # we might get stuck with the c-only stage1 compiler - use bootstrap && return 0 - use build && return 0 - - # if the current config is invalid, we definitely want a new one - # Note: due to bash quirkiness, the following must not be 1 line - local curr_config - curr_config=$(env -i ROOT="${ROOT}" gcc-config -c ${CTARGET} 2>&1) || return 0 - - # if the previously selected config has the same major.minor (branch) as - # the version we are installing, then it will probably be uninstalled - # for being in the same SLOT, make sure we run gcc-config. - local curr_config_ver=$(env -i ROOT="${ROOT}" gcc-config -S ${curr_config} | awk '{print $2}') - - local curr_branch_ver=$(get_version_component_range 1-2 ${curr_config_ver}) - - # If we're using multislot, just run gcc-config if we're installing - # to the same profile as the current one. - use multislot && return $([[ ${curr_config_ver} == ${GCC_CONFIG_VER} ]]) - - if [[ ${curr_branch_ver} == ${GCC_BRANCH_VER} ]] ; then - return 0 - else - # if we're installing a genuinely different compiler version, - # we should probably tell the user -how- to switch to the new - # gcc version, since we're not going to do it for him/her. - # We don't want to switch from say gcc-3.3 to gcc-3.4 right in - # the middle of an emerge operation (like an 'emerge -e world' - # which could install multiple gcc versions). - einfo "The current gcc config appears valid, so it will not be" - einfo "automatically switched for you. If you would like to" - einfo "switch to the newly installed gcc version, do the" - einfo "following:" - echo - einfo "gcc-config ${CTARGET}-${GCC_CONFIG_VER}" - einfo "source /etc/profile" - echo - ebeep - return 1 - fi -} - -do_gcc_config() { - if ! should_we_gcc_config ; then - env -i ROOT="${ROOT}" gcc-config --use-old --force - return 0 - fi - - local current_gcc_config="" current_specs="" use_specs="" - - # We grep out any possible errors - current_gcc_config=$(env -i ROOT="${ROOT}" gcc-config -c ${CTARGET} | grep -v '^ ') - if [[ -n ${current_gcc_config} ]] ; then - # figure out which specs-specific config is active - current_specs=$(gcc-config -S ${current_gcc_config} | awk '{print $3}') - [[ -n ${current_specs} ]] && use_specs=-${current_specs} - fi - if [[ -n ${use_specs} ]] && \ - [[ ! -e ${ROOT}/etc/env.d/gcc/${CTARGET}-${GCC_CONFIG_VER}${use_specs} ]] - then - ewarn "The currently selected specs-specific gcc config," - ewarn "${current_specs}, doesn't exist anymore. This is usually" - ewarn "due to enabling/disabling hardened or switching to a version" - ewarn "of gcc that doesnt create multiple specs files. The default" - ewarn "config will be used, and the previous preference forgotten." - ebeep - epause - use_specs="" - fi - - gcc-config ${CTARGET}-${GCC_CONFIG_VER}${use_specs} -} - -should_we_eselect_compiler() { - # we always want to run gcc-config if we're bootstrapping, otherwise - # we might get stuck with the c-only stage1 compiler - use bootstrap && return 0 - use build && return 0 - - # if the current config is invalid, we definitely want a new one - # Note: due to bash quirkiness, the following must not be 1 line - local curr_config - curr_config=$(env -i eselect compiler show ${CTARGET} 2>&1) || return 0 - [[ -z ${curr_config} || ${curr_config} == "(none)" ]] && return 0 - - # if the previously selected config has the same major.minor (branch) as - # the version we are installing, then it will probably be uninstalled - # for being in the same SLOT, make sure we run gcc-config. - local curr_config_ver=$(echo ${curr_config} | cut -f1 -d/ | awk -F - '{ print $5 }') - local curr_branch_ver=$(get_version_component_range 1-2 ${curr_config_ver}) - - # If we're using multislot, just run gcc-config if we're installing - # to the same profile as the current one. - use multislot && return $([[ ${curr_config_ver} == ${GCC_CONFIG_VER} ]]) - - if [[ ${curr_branch_ver} == ${GCC_BRANCH_VER} ]] ; then - return 0 - else - # if we're installing a genuinely different compiler version, - # we should probably tell the user -how- to switch to the new - # gcc version, since we're not going to do it for him/her. - # We don't want to switch from say gcc-3.3 to gcc-3.4 right in - # the middle of an emerge operation (like an 'emerge -e world' - # which could install multiple gcc versions). - einfo "The current gcc config appears valid, so it will not be" - einfo "automatically switched for you. If you would like to" - einfo "switch to the newly installed gcc version, do the" - einfo "following:" - echo - einfo "eselect compiler set <profile>" - echo - ebeep - return 1 - fi -} - -do_eselect_compiler() { - if ! should_we_eselect_compiler; then - eselect compiler update - return 0 - fi - - for abi in $(get_all_abis) ; do - local ctarget=$(get_abi_CHOST ${abi}) - local current_specs=$(env -i eselect compiler show ${ctarget} | cut -f2 -d/) - - if [[ -n ${current_specs} && ${current_specs} != "(none)" ]] && eselect compiler set ${CTARGET}-${GCC_CONFIG_VER}/${current_specs} &> /dev/null; then - einfo "The following compiler profile has been activated based on your previous profile:" - einfo "${CTARGET}-${GCC_CONFIG_VER}/${current_specs}" - else - # We couldn't choose based on the old specs, so fall back on vanilla/hardened based on USE - - local spec - if use hardened ; then - spec="hardened" - else - spec="vanilla" - fi - - local profile - local isset=0 - for profile in "${current_specs%-*}-${spec}" "${abi}-${spec}" "${spec}" ; do - if eselect compiler set ${CTARGET}-${GCC_CONFIG_VER}/${profile} &> /dev/null ; then - ewarn "The newly installed version of gcc does not have a profile that matches the name of your" - ewarn "currently selected profile for ${ctarget}, so we have enabled the following instead:" - ewarn "${CTARGET}-${GCC_CONFIG_VER}/${profile}" - ewarn "If this is incorrect, please use 'eselect compiler set' to" - ewarn "select another profile." - - isset=1 - break - fi - done - - if [[ ${isset} == 0 ]] ; then - eerror "We were not able to automatically set the current compiler for ${ctarget}" - eerror "to your newly emerged gcc. Please use 'eselect compiler set'" - eerror "to select your compiler." - fi - fi - done -} - -# This function allows us to gentoo-ize gcc's version number and bugzilla -# URL without needing to use patches. -gcc_version_patch() { - # gcc-4.3+ has configure flags (whoo!) - tc_version_is_at_least 4.3 && return 0 - - local version_string=${GCC_CONFIG_VER} - [[ -n ${BRANCH_UPDATE} ]] && version_string="${version_string} ${BRANCH_UPDATE}" - - einfo "patching gcc version: ${version_string} (${BRANDING_GCC_PKGVERSION})" - - if grep -qs VERSUFFIX "${S}"/gcc/version.c ; then - sed -i -e "s~VERSUFFIX \"\"~VERSUFFIX \" (${BRANDING_GCC_PKGVERSION})\"~" \ - "${S}"/gcc/version.c || die "failed to update VERSUFFIX with Gentoo branding" - else - version_string="${version_string} (${BRANDING_GCC_PKGVERSION})" - sed -i -e "s~\(const char version_string\[\] = \"\).*\(\".*\)~\1$version_string\2~" \ - "${S}"/gcc/version.c || die "failed to update version.c with Gentoo branding." - fi - sed -i -e 's~gcc\.gnu\.org\/bugs\.html~bugs\.gentoo\.org\/~' \ - "${S}"/gcc/version.c || die "Failed to change the bug URL" -} - -# The purpose of this DISGUSTING gcc multilib hack is to allow 64bit libs -# to live in lib instead of lib64 where they belong, with 32bit libraries -# in lib32. This hack has been around since the beginning of the amd64 port, -# and we're only now starting to fix everything that's broken. Eventually -# this should go away. -# -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# -disgusting_gcc_multilib_HACK() { - local config - local libdirs - if has_multilib_profile ; then - case $(tc-arch) in - amd64) - config="i386/t-linux64" - libdirs="../$(get_abi_LIBDIR amd64) ../$(get_abi_LIBDIR x86)" \ - ;; - ppc64) - config="rs6000/t-linux64" - libdirs="../$(get_abi_LIBDIR ppc64) ../$(get_abi_LIBDIR ppc)" \ - ;; - esac - else - die "Your profile is no longer supported by portage." - fi - - einfo "updating multilib directories to be: ${libdirs}" - sed -i -e "s:^MULTILIB_OSDIRNAMES.*:MULTILIB_OSDIRNAMES = ${libdirs}:" "${S}"/gcc/config/${config} -} - -disable_multilib_libjava() { - if is_gcj ; then - # We dont want a multilib libjava, so lets use this hack taken from fedora - pushd "${S}" > /dev/null - sed -i -e 's/^all: all-redirect/ifeq (\$(MULTISUBDIR),)\nall: all-redirect\nelse\nall:\n\techo Multilib libjava build disabled\nendif/' libjava/Makefile.in - sed -i -e 's/^install: install-redirect/ifeq (\$(MULTISUBDIR),)\ninstall: install-redirect\nelse\ninstall:\n\techo Multilib libjava install disabled\nendif/' libjava/Makefile.in - sed -i -e 's/^check: check-redirect/ifeq (\$(MULTISUBDIR),)\ncheck: check-redirect\nelse\ncheck:\n\techo Multilib libjava check disabled\nendif/' libjava/Makefile.in - sed -i -e 's/^all: all-recursive/ifeq (\$(MULTISUBDIR),)\nall: all-recursive\nelse\nall:\n\techo Multilib libjava build disabled\nendif/' libjava/Makefile.in - sed -i -e 's/^install: install-recursive/ifeq (\$(MULTISUBDIR),)\ninstall: install-recursive\nelse\ninstall:\n\techo Multilib libjava install disabled\nendif/' libjava/Makefile.in - sed -i -e 's/^check: check-recursive/ifeq (\$(MULTISUBDIR),)\ncheck: check-recursive\nelse\ncheck:\n\techo Multilib libjava check disabled\nendif/' libjava/Makefile.in - popd > /dev/null - fi -} - -# make sure the libtool archives have libdir set to where they actually -# -are-, and not where they -used- to be. also, any dependencies we have -# on our own .la files need to be updated. -fix_libtool_libdir_paths() { - pushd "${D}" >/dev/null - - local dir=${LIBPATH} - local allarchives=$(cd ./${dir}; echo *.la) - allarchives="\(${allarchives// /\\|}\)" - - sed -i \ - -e "/^libdir=/s:=.*:='${dir}':" \ - ./${dir}/*.la - sed -i \ - -e "/^dependency_libs=/s:/[^ ]*/${allarchives}:${LIBPATH}/\1:g" \ - $(find ./${PREFIX}/lib* -maxdepth 3 -name '*.la') \ - ./${dir}/*.la - - popd >/dev/null -} - -is_multilib() { - [[ ${GCCMAJOR} < 3 ]] && return 1 - case ${CTARGET} in - mips64*|powerpc64*|s390x*|sparc*|x86_64*) - has_multilib_profile || use multilib ;; - *-*-solaris*) use multilib ;; - *-apple-darwin*) use multilib ;; - *) false ;; - esac -} - -is_cxx() { - gcc-lang-supported 'c++' || return 1 - ! use nocxx -} - -is_d() { - gcc-lang-supported d || return 1 - use d -} - -is_f77() { - gcc-lang-supported f77 || return 1 - use fortran -} - -is_f95() { - gcc-lang-supported f95 || return 1 - use fortran -} - -is_fortran() { - gcc-lang-supported fortran || return 1 - use fortran -} - -is_gcj() { - gcc-lang-supported java || return 1 - use gcj -} - -is_libffi() { - has libffi ${IUSE} || return 1 - use libffi -} - -is_objc() { - gcc-lang-supported objc || return 1 - use objc -} - -is_objcxx() { - gcc-lang-supported 'obj-c++' || return 1 - use objc++ -} - -is_ada() { - gcc-lang-supported ada || return 1 - use ada -} - -is_treelang() { - has boundschecking ${IUSE} && use boundschecking && return 1 #260532 - is_crosscompile && return 1 #199924 - gcc-lang-supported treelang || return 1 - #use treelang - return 0 -} diff --git a/pieworld.README b/pieworld.README deleted file mode 100644 index 973e0624..00000000 --- a/pieworld.README +++ /dev/null @@ -1,228 +0,0 @@ -This is PIEworld -================ - -Toolchain modified to build everything that isn't -fPIC, as -fPIE. - -gcc: ----- -1) Built with PIE-default, SSP-default, RELRO and BIND_NOW -2) Non-PIC crtstuff built -fno-PIE (crtbegin.o, crtend.o) -3) Specs permit -static && -fPIE (but not -pie) -4) New startfile crtbeginTS.o combining crtbeginS.o and crtbeginT.o, for "static PIE"s - -glibc: ------- -1) Built with PIE-default, SSP off, RELRO and BIND_NOW - SSP-default messes up the dependencies, in different ways on different arches; changes - to glibc would be too invasive for easy maintenance. -2) Non-PIC crtstuff built -fno-PIE (crt1.o - note; crtn.o, crti.o, Scrt1.o all built -fPIC) -3) Make pic-default configure check ignore -fPIE. -4) Link all apps PIE, adjust TLS initialisation to avoid using the TLS before it's ready. - -The results are: -crt*S*.o, crtn.o, crti.o & Scrt1.o are -fPIC, all other crtfiles are -fno-PIE. -Code archives lib*.a are -fPIE - -Note that since lib*.a are not available -fno-PIE, building static binaries actually creates -binaries containing PIE code, although the executable has a fixed location. - -Upgrade path ------------- - -1) emerge --oneshot =sys-devel/binutils-2.17 -2) Switch to 2.17 binutils (binutils-config) -3) Switch to vanilla compiler (gcc-config) -4) USE="-hardened" emerge --oneshot =sys-libs/glibc-2.5-r2 -5) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.2-r1 -6) switch to hardened compiler -7) emerge --oneshot =sys-libs/glibc-2.5-r2 -8) emerge --oneshot =sys-devel/gcc-4.1.2-r1 -9) emerge -e world :) - -There maybe quicker/shorter ways - but the above should always work. Care has -to be taken for several reasons, but mostly because mixing gcc-3/glibc-2.3 with -the new gcc-4/glibc-2.5 approach during the build of those packages can cause -odd breakages. - - -Things that can trip up in pieworld ------------------------------------ - -* non-PIC assembler. Common in x86 media applications; occurs also in x86 media libraries - although the latter should really be PIC. This is nothing new. - -* local-exec thread-local storage (TLS). On x86, causes textrels with PIC - most arches - don't allow textrels so don't permit local-exec at all in PIC (including PIE). - We've not come across this before, probably because very little has actually used it - until recently. It may become necessary in the future to modify how gcc deals with - local-exec TLS in the PIE case. - - - -Investigations --------------- -1) Check all archive lib*.a that don't have a .so - should they be -fPIC rather than -fPIE? - Done: - All those that don't have a .so are best off -fPIC, which is ok for being linked into - shared libraries, and is also ok-enough for use in executables (whereas -fPIE isn't - good for shared libraries). - - lib*.a from gcc-4.1.1 are: - - libgcc.a built -fPIC - libgcc_eh.a built -fPIC - libffi.a .so equivalent exists - libgcj.a .so equivalent exists - libgcjwt.a .so equivalent exists - libgcov.a built -fPIC - libgfortran.a .so equivalent exists - libgfortranbegin.a Contains fmain.o - looks like only used for executables, so should be ok -fPIE - libgij.a .so equivalent exists - libstdc++.a .so equivalent exists - - lib*.a from glibc-2.5 are: - - libieee.a shared library (just named '.a') - libmcheck.a shared library (just named '.a') - libc_stubs.a shared library (just named '.a') - libBrokenLocale.a .so equivalent exists - libutil.a .so equivalent exists - librpcsvc.a Built -fPIC (http://sourceware.org/ml/glibc-bugs/2005-07/msg00157.html) - libdl.a .so equivalent exists - librt.a .so equivalent exists - libbsd-compat.a contains only an empty object 'dummy.o' - doesn't matter how it's built - libpthread.a .so equivalent exists - libc.a .so equivalent exists - libg.a contains only an empty object 'dummy.o' - doesn't matter how it's built - libm.a .so equivalent exists - libcrypt.a .so equivalent exists - libanl.a .so equivalent exists - libresolv.a .so equivalent exists - libnsl.a .so equivalent exists - - So looks like it's all ok, both in gcc and glibc. - - -2) glibc-2.5 failures (sandbox always disabled): - -For reference, on vanilla x86 the following fail (both in and out of a chroot): - - linuxthreads/posix/annexc - Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html - linuxthreads/linuxthreads/tst-clock1 - Time between threads is too short - expected 1 sec, got a fraction (why?). - linuxthreads/rt/tst-aio9 - Limitation of linuxthreads? (ok on nptl) Hints to that effect http://sourceware.org/ml/libc-ports/2006-08/msg00016.html - linuxthreads/rt/tst-aio10 - Limitation of linuxthreads? (ok on nptl) http://sourceware.org/ml/libc-ports/2006-08/msg00016.html - linuxthreads/elf/check-localplt - bunch of stuff appears, mostly from libpthread.so, that isn't expected (why?). - linuxthreads/c++-types-check - pthread_attr_t and pthread_rwlock_t are different from expected (why?). - - ok nptl/posix/annexc - Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html - ok nptl/nptl/tst-cancel1 - Requires >=gcc-4.2 http://sourceware.org/ml/libc-alpha/2006-09/msg00039.html - -and on vanilla amd64 (nptlonly) the following fail: - nptl/iconvdata/iconv-test - nptl/malloc/tst-mtrace - nptl/grp/tst_fgetgrent - nptl/posix/tst-nice - nptl/posix/globtest - ok nptl/posix/annexc - nptl/io/ftwtest - ok nptl/nptl/tst-cancel1 - nptl/rt/tst-cpuclock2 - -so are ignored for the purposes of analysing failures on hardened. - -Note also - ppc64 and sparc64 can't have linuxthreads as it doesn't -compile (some changes that are in for nptl have not been back-ported). - - -Arch -> x86 ppc x86_64 sparc ppc64 -NPTL Test v -iconvdata/iconv-test --- -.. ..X .-. .-. (? segfault) -libio/tst-wmemstream1 --- -.. .X- .-. .-. (? segfault) -libio/tst-wmemstream2 --- -.. .X- .-. .-. (? segfault) -libio/bug-wmemstream1 --- -.. .X- .-. .-. (? segfault) -malloc/tst-mtrace --- -.. .-X .-. .-. (? x86_64-only) -grp/tst_fgetgrent --- -.. .-X .-. .-. (? x86_64-only) -math/test-fenv --- -.. .-- .X. .-. (? sparc64 only - never sets UNDERFLOW) -dlfcn/default XX- X.. .X- .X. .X. (? dladdr returns empty string) -posix/globtest --- -.. .-X .-. .-. (? x86_64-only) -posix/annexc XXX X.. .XX .X. .X. (expected) -io/ftwtest --- -.. .-X .-. .-. (? x86_64-only) -nptl/tst-mutex5 --X -.. .-- .-. .-. (? vanilla x86-only; not always) -nptl/tst-cond10 --X -.. .-- .-. .-. (? hardened x86-only) -nptl/tst-tls2 X-- X.. .X- .-. .-. (local-exec TLS?) -nptl/tst-cancel1 XXX -.. .XX .-. .-. (expected on x86/x86_64) -nptl/tst-cancelx4 XX- -.. .-- .-. .-. (? x86-only) -nptl/tst-cancelx5 XX- -.. .-- .-. .-. (? x86-only) -nptl/tst-cancelx10 XX- -.. .-- .-. .-. (? x86-only) -nptl/tst-cancelx18 XX- -.. .-- .-. .-. (? x86-only) -nptl/tst-execstack --- X.. .-- .-. .-. (PaX) -nptl/rt/tst-cpuclock2 --- -.. .X- .-. .-. (?) -nptl/tst-eintr1 --- -.. .-- .X. .-. (?) -nptl/tst-cancel20 --- -.. .-- .X. .-. (?) -nptl/tst-cancelx20 --- -.. .-- .X. .-. (?) -elf/tst-tls1 X-- X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls2 X-- X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls1-static --- X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls2-static --- X.. .X- .X. .X. (local-exec TLS) -elf/resolvfail XX- X.. .X- .X. .X. (BIND_NOW) -elf/constload1 XX- X.. .X- .X. .X. (BIND_NOW) -elf/order XX- X.. .X- .X. .X. (BIND_NOW) -elf/lateglobal XX- X.. .X- .X. .X. (BIND_NOW) -elf/dblload XX- X.. .X- .X. .X. (BIND_NOW) -elf/dblunload XX- X.. .X- .X. .X. (BIND_NOW) -elf/reldep6 XX- X.. .X- .X. .X. (BIND_NOW) -elf/circleload1 XX- X.. .X- .X. .X. (BIND_NOW) -elf/tst-tls3 X-- X.. .X- .X. ... (?) -elf/tst-tls10 X-- X.. .X- .-. .X. (local-exec TLS) -elf/tst-tls14 X-- -.. .X- .-. ... (local-exec TLS) -elf/tst-execstack X-- X.. .-- .-. ... (PaX) -elf/tst-execstack-needed X-- X.. .-- .-. ... (PaX) -elf/tst-execstack-prog X-- X.. .-- .-. ... (PaX) -elf/tst-global1 XX- X.. .X- .X. .X. (BIND_NOW) -elf/tst-audit2 XX- X.. .X- .-. .X. (local-exec TLS) - -... is HhV where H: hardened on hardened kernel, h: hardened on vanilla kernel, V: vanilla on vanilla kernel -X => test failure, - => test pass. . => not run - -PaX: PaX kernel causes execstack behaviour to fail (a good thing, where PaX is concerned). -BIND_NOW: These tests require that some of their links be -Wl,-z,lazy -local-exec TLS: The local-exec TLS model is not compatible with PIC (and therefore PIE) - -posix/annexc is ignored upstream (http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html) - -tst-cancel1 fails on x86/amd64 because support is not in gcc-4.1.1 - gcc-4.2 will fix this -(http://sourceware.org/ml/libc-alpha/2006-09/msg00039.html) - -Things to work out: -1) Why all those mutex/robust (barrier) checks fail on x86 with a hardened kernel (only!) - Disabling PaX/GRsecurity (i.e. unhardening!) gets: - tst-mutexpi4: pthread_mutex_lock.c:287: __pthread_mutex_lock: Assertion `robust || (oldval & 0x40000000) == 0' failed. - Didn't expect signal from child: got `Aborted' - This happens when the parent tries to lock the mutex; at this point the child has finished - well, - it has aborted, which it shouldn't have done. The reason the assertion has failed is the - 'oldval ^ 0x40000000' bit, which is FUTEX_OWNER_DIED. This is consistent with the child process - aborting, instead of going to an idle state waiting to be cleaned up when the parent finishes. - - Now I've repeated, always getting these failures on a non-hardened kernel, when built with gcc/vanilla - on both hardened and non-hardened kernels. Yet I don't get them on my athlon-xp machine. - - Investigation ongoing... - - Turns out it was PAX_UDEREF - which I had failed to switch off even in my 'non-hardened' kernels :/ - This is fixed in hardened-sources-2.6.19-r6 - -2) Why x86 passes elf/tst-tls{1,2}-static when all other arches fail it -3) What's different about x86_64 that it fails a whole bunch that are ok for other arches -4) Failures marked (?) - -Things to consider: -1) Forcing TLS model local-exec to local-dynamic or initial-exec; or implementing - a PIC-friendly local-exec in gcc. diff --git a/sys-boot/grub/Manifest b/sys-boot/grub/Manifest deleted file mode 100644 index c15f26a1..00000000 --- a/sys-boot/grub/Manifest +++ /dev/null @@ -1,6 +0,0 @@ -AUX grub-0.97-gcc4-hardened.patch 462 RMD160 f1429fd7ebddede7dcc243e897ae3ff24ee19e06 SHA1 75860a643ac0588ef60fcc8e26fca734b11b3dae SHA256 24f135ba1404ac68a379d21885563adec58a38a7e2c05735a9328cd78aef19c2 -AUX grub.conf.gentoo 659 RMD160 9ab841d6fdd03be3f99f109ed3dfe0a5027e66d2 SHA1 26455e5c3ba2043be970bf64ce2386119fd35f30 SHA256 5e3a209af537090456546704e52e0dee8f8600944a34184f79776523cdaa9a25 -DIST grub-0.97-patches-1.9.tar.bz2 51809 RMD160 a745902212dbd22f4d9f0bb0d563ffd44b429eaa SHA1 1d9da2df8bccef9821ebbbc2f5c5353dbd90bf4d SHA256 6b8445c9260803f059031cbe7475a45fee6499fc2dbd911288af6169455c4028 -DIST grub-0.97.tar.gz 971783 RMD160 7fb5674edf0c950bd38e94f85ff1e2909aa741f0 SHA1 2580626c4579bd99336d3af4482c346c95dac4fb SHA256 4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b -DIST splash.xpm.gz 33856 RMD160 2fead61f91c368429e80936248bb02af2bdf15ff SHA1 98e679f9698be43426f971f89a088c053e8c804a SHA256 b95600f777331b0dd31d51c68f60f0e846e4c8b628857a41165f4e6b30e6acaf -EBUILD grub-0.97-r10.ebuild 9096 RMD160 ef81d0b16f3a2f48f5638782dac887987e57ac1d SHA1 83a5170a9e685bf3a32972e84c5bd28c0698b6e4 SHA256 c90cb3c2e5e0946cc173293f0ccb8352a790effd0d9287c4f9516c8856e8c117 diff --git a/sys-boot/grub/files/grub-0.97-gcc4-hardened.patch b/sys-boot/grub/files/grub-0.97-gcc4-hardened.patch deleted file mode 100644 index cf851888..00000000 --- a/sys-boot/grub/files/grub-0.97-gcc4-hardened.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -ruN /var/tmp/portage/sys-boot/grub-0.97-r6/work/grub-0.97/configure.ac /root/hardened/grub-0.97/configure.ac ---- /work/grub-0.97/configure.ac 2008-06-03 16:09:34.000000000 +0200 -+++ /grub-0.97/configure.ac 2008-06-04 00:24:01.000000000 +0200 -@@ -106,6 +106,7 @@ - ]) - if test "x$no_stack_protector_flag" = xyes; then - STAGE2_CFLAGS="$STAGE2_CFLAGS -fno-stack-protector" -+ GRUB_CFLAGS="$GRUB_CFLAGS -fno-stack-protector" - fi - fi - fi diff --git a/sys-boot/grub/files/grub.conf.gentoo b/sys-boot/grub/files/grub.conf.gentoo deleted file mode 100644 index 451ec6b2..00000000 --- a/sys-boot/grub/files/grub.conf.gentoo +++ /dev/null @@ -1,16 +0,0 @@ -# This is a sample grub.conf for use with Genkernel, per the Gentoo handbook -# http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#doc_chap2 -# If you are not using Genkernel and you need help creating this file, you -# should consult the handbook. Alternatively, consult the grub.conf.sample that -# is included with the Grub documentation. - -default 0 -timeout 30 -#splashimage=(hd0,0)/boot/grub/splash.xpm.gz - -#title Gentoo Linux 2.6.24-r5 -#root (hd0,0) -#kernel /boot/kernel-genkernel-x86-2.6.24-gentoo-r5 root=/dev/ram0 init=/linuxrc ramdisk=8192 real_root=/dev/sda3 udev -#initrd /boot/initramfs-genkernel-x86-2.6.24-gentoo-r5 - -# vim:ft=conf: diff --git a/sys-boot/grub/grub-0.97-r10.ebuild b/sys-boot/grub/grub-0.97-r10.ebuild deleted file mode 100644 index 7edcb202..00000000 --- a/sys-boot/grub/grub-0.97-r10.ebuild +++ /dev/null @@ -1,280 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/grub-0.97-r9.ebuild,v 1.5 2009/07/04 18:46:05 robbat2 Exp $ - -# XXX: we need to review menu.lst vs grub.conf handling. We've been converting -# all systems to grub.conf (and symlinking menu.lst to grub.conf), but -# we never updated any of the source code (it still all wants menu.lst), -# and there is no indication that upstream is making the transition. - -inherit mount-boot eutils flag-o-matic toolchain-funcs autotools linux-info - -PATCHVER="1.9" # Should match the revision ideally -DESCRIPTION="GNU GRUB Legacy boot loader" -HOMEPAGE="http://www.gnu.org/software/grub/" -SRC_URI="mirror://gentoo/${P}.tar.gz - ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.gz - mirror://gentoo/splash.xpm.gz - mirror://gentoo/${P}-patches-${PATCHVER}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86 ~x86-fbsd" -IUSE="custom-cflags ncurses netboot static" - -DEPEND="ncurses? ( - >=sys-libs/ncurses-5.2-r5 - amd64? ( app-emulation/emul-linux-x86-baselibs ) - )" -PROVIDE="virtual/bootloader" - -pkg_setup() { - local arch="$(tc-arch)" - case ${arch} in - amd64) CONFIG_CHECK='~IA32_EMULATION' check_extra_config ;; - esac -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # patch breaks booting for some people #111885 - rm "${WORKDIR}"/patch/400_* - - # Grub will not handle a kernel larger than EXTENDED_MEMSIZE Mb as - # discovered in bug 160801. We can change this, however, using larger values - # for this variable means that Grub needs more memory to run and boot. For a - # kernel of size N, Grub needs (N+1)*2. Advanced users should set a custom - # value in make.conf, it is possible to make kernels ~16Mb in size, but it - # needs the kitchen sink built-in. - local t="custom" - if [[ -z ${GRUB_MAX_KERNEL_SIZE} ]] ; then - case $(tc-arch) in - amd64) GRUB_MAX_KERNEL_SIZE=7 ;; - x86) GRUB_MAX_KERNEL_SIZE=3 ;; - esac - t="default" - fi - einfo "Grub will support the ${t} maximum kernel size of ${GRUB_MAX_KERNEL_SIZE} Mb (GRUB_MAX_KERNEL_SIZE)" - - sed -i \ - -e "/^#define.*EXTENDED_MEMSIZE/s,3,${GRUB_MAX_KERNEL_SIZE},g" \ - "${S}"/grub/asmstub.c \ - || die "Failed to hack memory size" - - # Ticket 20 http://hardened.gentooexperimental.org/secure/report/1 - epatch "${FILESDIR}"/grub-0.97-gcc4-hardened.patch - - if [[ -n ${PATCHVER} ]] ; then - EPATCH_SUFFIX="patch" - epatch "${WORKDIR}"/patch - eautoreconf - fi -} - -src_compile() { - filter-flags -fPIE #168834 - - use amd64 && multilib_toolchain_setup x86 - - unset BLOCK_SIZE #73499 - - ### i686-specific code in the boot loader is a bad idea; disabling to ensure - ### at least some compatibility if the hard drive is moved to an older or - ### incompatible system. - - # grub-0.95 added -fno-stack-protector detection, to disable ssp for stage2, - # but the objcopy's (faulty) test fails if -fstack-protector is default. - # create a cache telling configure that objcopy is ok, and add -C to econf - # to make use of the cache. - # - # CFLAGS has to be undefined running econf, else -fno-stack-protector detection fails. - # STAGE2_CFLAGS is not allowed to be used on emake command-line, it overwrites - # -fno-stack-protector detected by configure, removed from netboot's emake. - use custom-cflags || unset CFLAGS - - export grub_cv_prog_objcopy_absolute=yes #79734 - use static && append-ldflags -static - - # Per bug 216625, the emul packages do not provide .a libs for performing - # suitable static linking - if use amd64 && use static ; then - if [ -z "${GRUB_STATIC_PACKAGE_BUILDING}" ]; then - die "You must use the grub-static package if you want a static Grub on amd64!" - else - eerror "You have set GRUB_STATIC_PACKAGE_BUILDING. This" - eerror "is specifically intended for building the tarballs for the" - eerror "grub-static package via USE='static -ncurses'." - eerror "All bets are now off." - ebeep 10 - fi - fi - - # build the net-bootable grub first, but only if "netboot" is set - if use netboot ; then - econf \ - --libdir=/lib \ - --datadir=/usr/lib/grub \ - --exec-prefix=/ \ - --disable-auto-linux-mem-opt \ - --enable-diskless \ - --enable-{3c{5{03,07,09,29,95},90x},cs89x0,davicom,depca,eepro{,100}} \ - --enable-{epic100,exos205,ni5210,lance,ne2100,ni{50,65}10,natsemi} \ - --enable-{ne,ns8390,wd,otulip,rtl8139,sis900,sk-g16,smc9000,tiara} \ - --enable-{tulip,via-rhine,w89c840} || die "netboot econf failed" - - emake w89c840_o_CFLAGS="-O" || die "making netboot stuff" - - mv -f stage2/{nbgrub,pxegrub} "${S}"/ - mv -f stage2/stage2 stage2/stage2.netboot - - make clean || die "make clean failed" - fi - - # Now build the regular grub - # Note that FFS and UFS2 support are broken for now - stage1_5 files too big - econf \ - --libdir=/lib \ - --datadir=/usr/lib/grub \ - --exec-prefix=/ \ - --disable-auto-linux-mem-opt \ - $(use_with ncurses curses) \ - || die "econf failed" - - # sanity check due to common failure - use ncurses && ! grep -qs "HAVE_LIBCURSES.*1" config.h && die "USE=ncurses but curses not found" - - emake || die "making regular stuff" -} - -src_test() { - # non-default block size also give false pass/fails. - unset BLOCK_SIZE - make check || die "make check failed" -} - -src_install() { - emake DESTDIR="${D}" install || die - if use netboot ; then - exeinto /usr/lib/grub/${CHOST} - doexe nbgrub pxegrub stage2/stage2.netboot || die "netboot install" - fi - - dodoc AUTHORS BUGS ChangeLog NEWS README THANKS TODO - newdoc docs/menu.lst grub.conf.sample - dodoc "${FILESDIR}"/grub.conf.gentoo - prepalldocs - - [ -n "${GRUB_STATIC_PACKAGE_BUILDING}" ] && \ - mv \ - "${D}"/usr/share/doc/${PF} \ - "${D}"/usr/share/doc/grub-static-${PF/grub-} - - insinto /usr/share/grub - doins "${DISTDIR}"/splash.xpm.gz -} - -setup_boot_dir() { - local boot_dir=$1 - local dir=${boot_dir} - - mkdir -p "${dir}" - [[ ! -L ${dir}/boot ]] && ln -s . "${dir}/boot" - dir="${dir}/grub" - if [[ ! -e ${dir} ]] ; then - mkdir "${dir}" || die "${dir} does not exist!" - fi - - # change menu.lst to grub.conf - if [[ ! -e ${dir}/grub.conf ]] && [[ -e ${dir}/menu.lst ]] ; then - mv -f "${dir}"/menu.lst "${dir}"/grub.conf - ewarn - ewarn "*** IMPORTANT NOTE: menu.lst has been renamed to grub.conf" - ewarn - fi - - if [[ ! -e ${dir}/menu.lst ]]; then - einfo "Linking from new grub.conf name to menu.lst" - ln -snf grub.conf "${dir}"/menu.lst - fi - - if [[ -e ${dir}/stage2 ]] ; then - mv "${dir}"/stage2{,.old} - ewarn "*** IMPORTANT NOTE: you must run grub and install" - ewarn "the new version's stage1 to your MBR. Until you do," - ewarn "stage1 and stage2 will still be the old version, but" - ewarn "later stages will be the new version, which could" - ewarn "cause problems such as an unbootable system." - ewarn "This means you must use either grub-install or perform" - ewarn "root/setup manually! For more help, see the handbook:" - ewarn "http://www.gentoo.org/doc/en/handbook/handbook-${ARCH}.xml?part=1&chap=10#grub-install-auto" - ebeep - fi - - einfo "Copying files from /lib/grub, /usr/lib/grub and /usr/share/grub to ${dir}" - for x in \ - "${ROOT}"/lib*/grub/*/* \ - "${ROOT}"/usr/lib*/grub/*/* \ - "${ROOT}"/usr/share/grub/* ; do - [[ -f ${x} ]] && cp -p "${x}" "${dir}"/ - done - - if [[ ! -e ${dir}/grub.conf ]] ; then - s="${ROOT}/usr/share/doc/${PF}/grub.conf.gentoo" - [[ -e "${s}" ]] && cat "${s}" >${dir}/grub.conf - [[ -e "${s}.gz" ]] && zcat "${s}.gz" >${dir}/grub.conf - [[ -e "${s}.bz2" ]] && bzcat "${s}.bz2" >${dir}/grub.conf - fi - - # Per bug 218599, we support grub.conf.install for users that want to run a - # specific set of Grub setup commands rather than the default ones. - grub_config=${dir}/grub.conf.install - [[ -e ${grub_config} ]] || grub_config=${dir}/grub.conf - if [[ -e ${grub_config} ]] ; then - egrep \ - -v '^[[:space:]]*(#|$|default|fallback|initrd|password|splashimage|timeout|title)' \ - "${grub_config}" | \ - /sbin/grub --batch \ - --device-map="${dir}"/device.map \ - > /dev/null - fi - - # the grub default commands silently piss themselves if - # the default file does not exist ahead of time - if [[ ! -e ${dir}/default ]] ; then - grub-set-default --root-directory="${boot_dir}" default - fi - einfo "Grub has been installed to ${boot_dir} successfully." -} - -pkg_postinst() { - if [[ -n ${DONT_MOUNT_BOOT} ]]; then - elog "WARNING: you have DONT_MOUNT_BOOT in effect, so you must apply" - elog "the following instructions for your /boot!" - elog "Neglecting to do so may cause your system to fail to boot!" - elog - else - setup_boot_dir "${ROOT}"/boot - # Trailing output because if this is run from pkg_postinst, it gets mixed into - # the other output. - einfo "" - fi - elog "To interactively install grub files to another device such as a USB" - elog "stick, just run the following and specify the directory as prompted:" - elog " emerge --config =${PF}" - elog "Alternately, you can export GRUB_ALT_INSTALLDIR=/path/to/use to tell" - elog "grub where to install in a non-interactive way." - -} - -pkg_config() { - local dir - if [ ! -d "${GRUB_ALT_INSTALLDIR}" ]; then - einfo "Enter the directory where you want to setup grub:" - read dir - else - dir="${GRUB_ALT_INSTALLDIR}" - fi - setup_boot_dir "${dir}" -} diff --git a/sys-devel/gcc/Manifest b/sys-devel/gcc/Manifest deleted file mode 100644 index a6e64f34..00000000 --- a/sys-devel/gcc/Manifest +++ /dev/null @@ -1,16 +0,0 @@ -DIST ecj-4.3.jar 1377431 RMD160 48fa985f763838bed750aa64a2fa997734438099 SHA1 da254944309a8387aa39323fe7bb7216a4518311 SHA256 9de193ea393ed50d868b730bad6916f7a8ef4ba80216f8606d3e1a0dd886e74b -DIST gcc-4.3.4-espf-0.3.2.tar.bz2 15001 RMD160 1e8f75486ad123df380b0d8cec64e1d264becd67 SHA1 d7d9cc7fed362596bca80a6e52166a0332101873 SHA256 8e32d4bff111a0578cf592f46cbbd0520b186521bb386473c15f7849a14212a9 -DIST gcc-4.3.4-patches-1.0.tar.bz2 74158 RMD160 3cf0f0a60996a248927d3af7b8a7a88e742d749f SHA1 885242feac53a73cc335102a78310bf729422729 SHA256 32ac6307b161b01d0f5e138564b400f9f52724f9572e02e844699e9ec7a6e425 -DIST gcc-4.3.4-specs-0.1.5.tar.bz2 1056 RMD160 c667cc15df62ab8259f1aa9759f876dea4a8f190 SHA1 4177121d989163117efabdc486fd2a633cc9116e SHA256 6b377b2163c4c080d734103eb78130e652b1a6d565c0aeab5f669bbbac90b2cd -DIST gcc-4.3.4-uclibc-patches-1.0.tar.bz2 2298 RMD160 111f83201a780a0e8af442b90edddac0465ecccb SHA1 5bbeeeec53d1a3a75a856c30dd0107606a468a03 SHA256 dc475684868cbd38abeb9759bcab1cc6f2de81ff0743a80aef2753f5b1599d00 -DIST gcc-4.3.4.tar.bz2 59368714 RMD160 f23c73a07e15faecaa1bac045f36f4d16be1ddb5 SHA1 cf5248733f26aafa361b3583e74783181eeb88b9 SHA256 e572453bdb74cc4ceebfab9ffb411d9678343dff5bf86e9338d42fdd0818aa65 -DIST gcc-4.4.1-espf-0.3.1.tar.bz2 12607 RMD160 7690eb6ecd0134647751005243dc14eb1beacd50 SHA1 9d0995870f0e9fed8ed968a9861e4959273a644f SHA256 79de861d389deccf17e77fba20239c3cb399ff10242fc9c60efadadddaf8943c -DIST gcc-4.4.1-espf-0.3.2.tar.bz2 15124 RMD160 d28547ad6683114377743b42892045436842aa26 SHA1 59bda0030d055126ff2d7a8df46ad5aa9fd0c40a SHA256 f125b42364b3469882e36f3b7122f47a8c48d8c06c7ce052b9324179a399fa56 -DIST gcc-4.4.1-patches-1.0.tar.bz2 11203 RMD160 64d3d6b586442db5313ea49f675371c2fb9fc617 SHA1 85159a40172be6a403c43b268bf23e788ce0697a SHA256 e83392612ff54e4485bad4bb1888b2d247489777807cfaafb8aff3578c39d163 -DIST gcc-4.4.1-specs-0.1.4.tar.bz2 326 RMD160 c127d76bedfe942235f34b1df8e6d49b30c31cf2 SHA1 b100d5f9740ac120cc3a0651977cc3520e11c5ec SHA256 c95fdcc59fffb024ddfc68ec911ce4e2a0835e31c5b1fde376298499a67f093f -DIST gcc-4.4.1-specs-0.1.5.tar.bz2 1056 RMD160 c667cc15df62ab8259f1aa9759f876dea4a8f190 SHA1 4177121d989163117efabdc486fd2a633cc9116e SHA256 6b377b2163c4c080d734103eb78130e652b1a6d565c0aeab5f669bbbac90b2cd -DIST gcc-4.4.1-uclibc-patches-1.1.tar.bz2 2279 RMD160 b39cd85a9ec615511bb15c65e65aa61295699eda SHA1 8d5662e57533766ed7d63609df0c9d583771a7fc SHA256 b9592d5e14ddb8868599f1da6c2366b179d5a015a7330f819dd0e4fbf8523341 -DIST gcc-4.4.1.tar.bz2 62869928 RMD160 41cb4c76d1671b1d224d2a6e167ee183dd53d096 SHA1 9156ddb7e4cc72288ec31760d6ddc7981123a8a2 SHA256 cbefa9abd4adac0931e1b556072dcd8b32a360d4b95a94d7822c86bded803d5b -EBUILD gcc-4.3.4-r1.ebuild 2534 RMD160 94d3cefe9e59d85395908dcf72eb2b682d42bf78 SHA1 0a8da92361019e833b381598aac3ebdb6ba555ad SHA256 b37ee437f23c46aa999b3547b47be043ceabc29e96e55d43fba58a2a1444c1bd -EBUILD gcc-4.4.1-r1.ebuild 2382 RMD160 ae7ff17a09e4a4616a8a746c88757dacca1d3da0 SHA1 4dd8bffedb657a3ef550ff2350a2980aeb9bdea4 SHA256 b6fbe8de4cb385dbb6471eb8879d5f38cdcac455742d535ce79f12eed79862f1 -EBUILD gcc-4.4.1-r2.ebuild 2381 RMD160 484a36e465e6a51854dd940f010e9f1f9c985a79 SHA1 65d4057f72b469cd62a3b1a0bab6e7c02a82293c SHA256 17c61b9dc93ccc47e926ab643c369048b7daa3027cd073a33858958b5adfff37 diff --git a/sys-devel/gcc/gcc-4.3.4-r1.ebuild b/sys-devel/gcc/gcc-4.3.4-r1.ebuild deleted file mode 100644 index 62720a7f..00000000 --- a/sys-devel/gcc/gcc-4.3.4-r1.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.3.4-r1.ebuild,v 1.2 2009/08/10 03:00:00 zorry Exp $ - -# Fixed in 4.3.4 and should be removed from the patchset -GENTOO_PATCH_EXCLUDE="69_all_gcc43-pr39013.patch" #262567 - -PATCH_VER="1.0" -UCLIBC_VER="1.0" - -ETYPE="gcc-compiler" -GCC_FILESDIR="${PORTDIR}/sys-devel/gcc/files" - -# Hardened gcc 4 stuff -ESPF_VER="0.3.2" -SPECS_VER="0.1.5" - -# arch/libc configurations known to be stable or untested with {PIE,SSP,FORTIFY}-by-default -ESPF_GLIBC_SUPPORT="amd64 x86 ppc ppc64 arm sparc sparc64" -ESPF_UCLIBC_SUPPORT="x86 arm" -# Hardened end - -inherit toolchain - -DESCRIPTION="The GNU Compiler Collection. Includes C/C++, java compilers, pie+ssp extensions, Haj Ten Brugge runtime bounds checking" - -LICENSE="GPL-3 LGPL-2.1 libgcc libstdc++" -KEYWORDS="~amd64 ~arm -hppa ~ppc ~ppc64 ~x86 -x86-fbsd" - -RDEPEND=">=sys-libs/zlib-1.1.4 - >=sys-devel/gcc-config-1.4 - virtual/libiconv - >=dev-libs/gmp-4.2.1 - >=dev-libs/mpfr-2.3 - !build? ( - gcj? ( - gtk? ( - x11-libs/libXt - x11-libs/libX11 - x11-libs/libXtst - x11-proto/xproto - x11-proto/xextproto - >=x11-libs/gtk+-2.2 - x11-libs/pango - ) - >=media-libs/libart_lgpl-2.1 - app-arch/zip - app-arch/unzip - ) - >=sys-libs/ncurses-5.2-r2 - nls? ( sys-devel/gettext ) - )" -DEPEND="${RDEPEND} - test? ( sys-devel/autogen dev-util/dejagnu ) - >=sys-apps/texinfo-4.2-r4 - >=sys-devel/bison-1.875 - sys-devel/flex - elibc_glibc? ( >=sys-libs/glibc-2.8 ) - amd64? ( multilib? ( gcj? ( app-emulation/emul-linux-x86-xlibs ) ) ) - ppc? ( >=${CATEGORY}/binutils-2.17 ) - ppc64? ( >=${CATEGORY}/binutils-2.17 ) - >=${CATEGORY}/binutils-2.15.94" -PDEPEND=">=sys-devel/gcc-config-1.4" -if [[ ${CATEGORY} != cross-* ]] ; then - PDEPEND="${PDEPEND} elibc_glibc? ( >=sys-libs/glibc-2.8 )" -fi - -src_unpack() { - gcc_src_unpack - - use vanilla && return 0 - - sed -i 's/use_fixproto=yes/:/' gcc/config.gcc #PR33200 - - [[ ${CHOST} == ${CTARGET} ]] && epatch "${GCC_FILESDIR}"/gcc-spec-env.patch - - [[ ${CTARGET} == *-softfloat-* ]] && epatch "${GCC_FILESDIR}"/4.3.2/gcc-4.3.2-softfloat.patch - - if use hardened ; then - einfo "Hardened toolchain for GCC 4.4 is made by Zorry, Blueness and Xake " - einfo "http://forums.gentoo.org/viewtopic-t-668885.html" - einfo "http://hardened.gentooexperimental.org/trac/secure" - einfo "Thanks KernelOfTruth, dw and everyone else helping testing," - einfo "suggesting fixes and other things we have missed." - einfo "/zorry" - fi -} diff --git a/sys-devel/gcc/gcc-4.4.1-r1.ebuild b/sys-devel/gcc/gcc-4.4.1-r1.ebuild deleted file mode 100644 index e1da5019..00000000 --- a/sys-devel/gcc/gcc-4.4.1-r1.ebuild +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.4.1-r1.ebuild,v 1.1 2009/07/25 03:00:00 zorry Exp $ - -PATCH_VER="1.0" -UCLIBC_VER="1.1" - -ETYPE="gcc-compiler" -GCC_FILESDIR="${PORTDIR}/sys-devel/gcc/files" - -# Hardened gcc 4 stuff -ESPF_VER="0.3.1" -SPECS_VER="0.1.4" - -# arch/libc configurations known to be stable or untested with {PIE,SSP,FORTIFY}-by-default -ESPF_GLIBC_SUPPORT="amd64 x86 ppc ppc64 arm sparc sparc64" -ESPF_UCLIBC_SUPPORT="x86 arm" -# Hardened end - -inherit toolchain - -DESCRIPTION="The GNU Compiler Collection. Includes C/C++, java compilers, pie+ssp extensions, Haj Ten Brugge runtime bounds checking" - -LICENSE="GPL-3 LGPL-2.1 libgcc libstdc++ gcc-runtime-library-exception-3.1" -KEYWORDS="~amd64 ~arm -hppa ~ppc ~ppc64 ~x86 -x86-fbsd" - -RDEPEND=">=sys-libs/zlib-1.1.4 - >=sys-devel/gcc-config-1.4 - virtual/libiconv - >=dev-libs/gmp-4.2.1 - >=dev-libs/mpfr-2.3 - graphite? ( - >=dev-libs/ppl-0.10 - >=dev-libs/cloog-ppl-0.15 - ) - !build? ( - gcj? ( - gtk? ( - x11-libs/libXt - x11-libs/libX11 - x11-libs/libXtst - x11-proto/xproto - x11-proto/xextproto - >=x11-libs/gtk+-2.2 - x11-libs/pango - ) - >=media-libs/libart_lgpl-2.1 - app-arch/zip - app-arch/unzip - ) - >=sys-libs/ncurses-5.2-r2 - nls? ( sys-devel/gettext ) - )" -DEPEND="${RDEPEND} - test? ( sys-devel/autogen dev-util/dejagnu ) - >=sys-apps/texinfo-4.2-r4 - >=sys-devel/bison-1.875 - amd64? ( multilib? ( gcj? ( app-emulation/emul-linux-x86-xlibs ) ) ) - >=${CATEGORY}/binutils-2.18" -PDEPEND=">=sys-devel/gcc-config-1.4" -if [[ ${CATEGORY} != cross-* ]] ; then - PDEPEND="${PDEPEND} elibc_glibc? ( >=sys-libs/glibc-2.8 )" -fi - -src_unpack() { - gcc_src_unpack - - use vanilla && return 0 - - sed -i 's/use_fixproto=yes/:/' gcc/config.gcc #PR33200 - - [[ ${CHOST} == ${CTARGET} ]] && epatch "${GCC_FILESDIR}"/gcc-spec-env.patch - - [[ ${CTARGET} == *-softfloat-* ]] && epatch "${GCC_FILESDIR}"/4.4.0/gcc-4.4.0-softfloat.patch - - if use hardened ; then - einfo "Hardened toolchain for GCC 4.4 is made by Zorry, Blueness and Xake " - einfo "http://forums.gentoo.org/viewtopic-t-668885.html" - einfo "http://hardened.gentooexperimental.org/trac/secure" - einfo "Thanks KernelOfTruth, dw and everyone else helping testing," - einfo "suggesting fixes and other things we have missed." - einfo "/zorry" - fi -} diff --git a/sys-devel/gcc/gcc-4.4.1-r2.ebuild b/sys-devel/gcc/gcc-4.4.1-r2.ebuild deleted file mode 100644 index 08e18d2c..00000000 --- a/sys-devel/gcc/gcc-4.4.1-r2.ebuild +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.4.1-r2.ebuild,v 1.2 2009/08/10 03:00:00 zorry Exp $ - -PATCH_VER="1.0" -UCLIBC_VER="1.1" - -ETYPE="gcc-compiler" -GCC_FILESDIR="${PORTDIR}/sys-devel/gcc/files" - -# Hardened gcc 4 stuff -ESPF_VER="0.3.2" -SPECS_VER="0.1.5" - -# arch/libc configurations known to be stable or untested with {PIE,SSP,FORTIFY}-by-default -ESPF_GLIBC_SUPPORT="amd64 x86 ppc ppc64 arm sparc sparc64" -ESPF_UCLIBC_SUPPORT="x86 arm" -# Hardened end - -inherit toolchain - -DESCRIPTION="The GNU Compiler Collection. Includes C/C++, java compilers, pie+ssp extensions, Haj Ten Brugge runtime bounds checking" - -LICENSE="GPL-3 LGPL-2.1 libgcc libstdc++ gcc-runtime-library-exception-3.1" -KEYWORDS="~amd64 ~arm -hppa ~ppc ~ppc64 ~x86 -x86-fbsd" - -RDEPEND=">=sys-libs/zlib-1.1.4 - >=sys-devel/gcc-config-1.4 - virtual/libiconv - >=dev-libs/gmp-4.2.1 - >=dev-libs/mpfr-2.3 - graphite? ( - >=dev-libs/ppl-0.10 - >=dev-libs/cloog-ppl-0.15 - ) - !build? ( - gcj? ( - gtk? ( - x11-libs/libXt - x11-libs/libX11 - x11-libs/libXtst - x11-proto/xproto - x11-proto/xextproto - >=x11-libs/gtk+-2.2 - x11-libs/pango - ) - >=media-libs/libart_lgpl-2.1 - app-arch/zip - app-arch/unzip - ) - >=sys-libs/ncurses-5.2-r2 - nls? ( sys-devel/gettext ) - )" -DEPEND="${RDEPEND} - test? ( sys-devel/autogen dev-util/dejagnu ) - >=sys-apps/texinfo-4.2-r4 - >=sys-devel/bison-1.875 - amd64? ( multilib? ( gcj? ( app-emulation/emul-linux-x86-xlibs ) ) ) - >=${CATEGORY}/binutils-2.18" -PDEPEND=">=sys-devel/gcc-config-1.4" -if [[ ${CATEGORY} != cross-* ]] ; then - PDEPEND="${PDEPEND} elibc_glibc? ( >=sys-libs/glibc-2.8 )" -fi - -src_unpack() { - gcc_src_unpack - - use vanilla && return 0 - - sed -i 's/use_fixproto=yes/:/' gcc/config.gcc #PR33200 - - [[ ${CHOST} == ${CTARGET} ]] && epatch "${GCC_FILESDIR}"/gcc-spec-env.patch - - [[ ${CTARGET} == *-softfloat-* ]] && epatch "${GCC_FILESDIR}"/4.4.0/gcc-4.4.0-softfloat.patch - - if use hardened ; then - einfo "Hardened toolchain for GCC 4.4 is made by Zorry, Blueness and Xake" - einfo "http://forums.gentoo.org/viewtopic-t-668885.html" - einfo "http://hardened.gentooexperimental.org/trac/secure" - einfo "Thanks KernelOfTruth, dw and everyone else helping testing," - einfo "suggesting fixes and other things we have missed." - einfo "/zorry" - fi -} diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest deleted file mode 100644 index b118ab9f..00000000 --- a/sys-libs/glibc/Manifest +++ /dev/null @@ -1,39 +0,0 @@ -AUX 2.10/glibc-2.10-hardened-configure-picdefault.patch 865 RMD160 744bdbfb73f1dbced4cb33cb5aa92f3b41d3b4fb SHA1 21e0f83598f5342032a794315f0e3dac07f647da SHA256 b50b29f85d88011555bbcbe6046e6600be9344f2d78412b14aebdea515420774 -AUX 2.10/glibc-2.10-hardened-inittls-nosysenter.patch 8823 RMD160 163e53f0f4f0bd003ef1c50a4eaaa8f4a82695fe SHA1 df23c6756114e1451e6f120723af1b621037c28e SHA256 dcf78c6524c222dbee907200a8878aff727e29d43a4962b977a16d85752e5c10 -AUX 2.5/glibc-2.5-hardened-configure-picdefault.patch 794 RMD160 7ab81bac4b9625043b1e7edea6fb5707696c144d SHA1 25a0b018eb44f3c9818876a12e9ec817e305d80b SHA256 0c0359f567e4ad2d3184618bf6ac7e6102b703eab6227c7e9a4ff4dcdeed2c91 -AUX 2.5/glibc-2.5-hardened-pie.patch 1569 RMD160 8746aeb9f9c68ca153d93cf92c9df93d0fb324d6 SHA1 c2ec8d9286af38017f5bee5a8823f642c067201d SHA256 ff9cde8857c5da89faa4039e2a81748674fbeaaa49d85c378d80711d55f2b0c1 -AUX 2.6/glibc-2.6-gentoo-chk_fail.c 9407 RMD160 230701dfacfe2481eb49e5384fe4ebb508bd3af2 SHA1 0e9330d57de714dd1ecd7040d3eabf4723cdee7c SHA256 7745c0f5d37b37959b43b41e39762fc35b877161bc5740d9d3e9a83021acbc0e -AUX 2.6/glibc-2.6-gentoo-stack_chk_fail.c 9545 RMD160 9a21c9deb6ebca5d2245e3bb50b53ce035967a5f SHA1 11ad52117fa55bbe51b429043df49767c7f58de0 SHA256 1410ded812be80d452eada5f9d6b9bd7bdb504c14f01cc27dce3e36b6f92b92a -AUX 2.6/glibc-2.6-hardened-inittls-nosysenter.patch 8674 RMD160 f4e7df0cb25292afc13e18332569d2ca288fdf92 SHA1 7f34ef26d6607321e0ec5ad0f389cb1aedf5e0da SHA256 cf58ded8fbe9fcb3dc094521feec2588c1520ff2c632b20c69d6a210325c4fcf -AUX 2.7/glibc-2.7-hardened-inittls-nosysenter.patch 8755 RMD160 b674894f3b16f63193bb8040f8a5657dce82e1f9 SHA1 79fb3a4454b85af70dac95dd79134be3fe3a9201 SHA256 b0b1bf0746f7160b89cf281502b95c38dec9cb948d6a50a907b84fd6230a2dc3 -AUX eblits/common.eblit 8751 RMD160 7e0b5242366606725ef06e0a496638cafcdac676 SHA1 aa5976529ac4a22d8924fada9fc6e50f2792902f SHA256 f32fd4017acca5f0d9aca12025ee105822030058702507b740212e8434ee36b7 -AUX eblits/pkg_postinst.eblit 1159 RMD160 4b99846819bf0471d1104a8a17dd260796644f9d SHA1 4a2980fede3edebc7960d40db7cf935c7c854859 SHA256 76c403cf5c77a3a3bb7441566335f0c8da2584eaa21f05ab400e7bb00f9db810 -AUX eblits/pkg_preinst.eblit 3285 RMD160 990d7ee7cfa1ba79a19bc6c01c05817ebfc0ee96 SHA1 3ee2fe58fa7ca246311cf5ef23fa1ccbe509cf49 SHA256 8bc7dea37213048787ce0bec61e9abe8adabb547b5385024bf2549d0a036239c -AUX eblits/pkg_setup.eblit 2357 RMD160 839227a7d00227c137e06b34cc34ae56e9fb91aa SHA1 a13f73f5f767e6fa3633d31ab72891e318b116e5 SHA256 4a100a4b2f9ca77d509411dc719d2e3a24606dd1d20a18e2ebf705a1a65398c5 -AUX eblits/src_compile.eblit 5322 RMD160 b72938a98648c744b7195f3ed62b8d9b76f33ae2 SHA1 81888c8385bd577541a8b4434efca39b57aad5ad SHA256 5a873118d72f7a851c4e87a04585adeb06a356176179a685579e740e4210639d -AUX eblits/src_install-2.6.eblit 7946 RMD160 6cc258a316b78212777ab328a3c0cb73de1616d4 SHA1 94895689b56fd712156e8ac84a2a639d8475da03 SHA256 54081c34217c230d0ff43c5df378897a37576e727fe41ee4d681767110667f3e -AUX eblits/src_install.eblit 7893 RMD160 789a4518bbb0be8a028f331e2673e423d2717a93 SHA1 7288c1bcc7f05e8aa0d4f90d4c63be128a2d225d SHA256 d5f0cb0345c33f66a90d73e7e0264867d9bcf4a137190d6ae4008d63a3b7bd56 -AUX eblits/src_test.eblit 1162 RMD160 349db09c5f2c2e412a108b8c5371adf946e1a3f0 SHA1 357ef650e1dce62d5d688133426bc62b9085009d SHA256 bac1db2da478f6e6709275c36cc1f9a98fac7fcc2e80bd8831f2077207754962 -AUX eblits/src_unpack.eblit 5134 RMD160 fba35312f25e908fa225a7803d0b194e83579d6a SHA1 e6abd0516994a86ca6836872f5acc39c4d2a866d SHA256 1edd30423009f220d98ae39e2d708fd053edfff302bfd9012b8cc4e6d81eca45 -AUX fix-sysctl_h.patch 376 RMD160 b5dd68158224b09ddc42986be02351c74f81e0a0 SHA1 5601fbea6961368bcc192aef78e96ee2c5310713 SHA256 3a589f63fd1f3f6c5a00c66a10943d3d64630aefb1eb5b37e7f2a856fcea234a -AUX glibc-2.2.2-test-lfs-timeout.patch 320 RMD160 c8baab8326b4aebf642dd5ab512fbebf2371e9d9 SHA1 df2a868fba86adba184ae9750e9dee3b2ec300a5 SHA256 28e7ebc92ed93a12daf5357f07537be3daed5f4717a075c77a3ad248ec99dcf0 -AUX glibc-sec-hotfix-20040804.patch 4319 RMD160 6f7f58794273ed0736653a09e823e8ac3031ed29 SHA1 1d86c62d5c52b59881eab006b36e3a9891607887 SHA256 9d950b2f45cfbdae6df590137e4aae938380673449fe4507536557fb4c797393 -AUX glibc-sec-hotfix-20040916.patch 3080 RMD160 3419ab628d16045042f5df9e487386e03c8d979d SHA1 b69cfa5115746f2d38fa301a55d68efe88f7bcff SHA256 9f48a55f4207bdf4a9496680f09661a06d4a4bd11dad11cb0986949c0d3cc35d -AUX locales.build 699 RMD160 2a186105be5b00ec48aedef734e9dba5aee19895 SHA1 02ce7b63d60da7bb4b936969721f78486ffe9788 SHA256 094a5e02148d522be5a5ec2b95fb7305d5503f6d13d1ffa9088e9dad21af1c8a -AUX nscd 1621 RMD160 f6d20c4c3814f70d7741f3fa2e0b53ba32c37960 SHA1 5751fe798024c2021b7b3ed3e798618e2a38244a SHA256 6165db3a2fcb251d4f3655c0461e018ce9c92a37f7f22a8fd2b75178b5435bc8 -AUX nscd.conf 1158 RMD160 50651e89a0cb206b1d37dae8840527694fe561b5 SHA1 5f5166aa6e0bffa57c52c39d3ec51ad3b0efa607 SHA256 378b7953adf5aa0e03bff49b7c654cae67b3efee7c92361b385fe7d3e9fb57c7 -AUX nsswitch.conf 503 RMD160 f375f92f6b41029c93382c39cef896261b140cfc SHA1 42f7f5cc3de75c69bf60d806ac8490106ea63326 SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d -AUX test-__thread.c 53 RMD160 dcc9960f3bf26c935f41dc5c408613963885ad58 SHA1 dcb60595b2730a8a05eb045563f13cd615830acf SHA256 28a7836b810cf21f6071126d6b19dbdbf567f2544f9283700d125ad653d7519e -AUX test-sysctl_h.c 54 RMD160 b7c2e5956e0a232193610701ccc57a8d56615a36 SHA1 d727fbe809fbec9157661fbdb6c8077a68d95044 SHA256 19337cae62f1ebc23ca8d8de8a98e7f03c9dd77a671100995d6e7c8a3833e759 -DIST glibc-2.10.1-patches-1.tar.bz2 81661 RMD160 59ad31a06f2f8b14705754873e4cf9348022684f SHA1 7fcdab040607f92bff49c64ec2902ce469f8282c SHA256 593ee293e62fd1718a96da0c44b3454209b1372fb45679a7ec0ea3b01764737a -DIST glibc-2.10.1.tar.bz2 16106243 RMD160 ca102519ab32714e788a0db5dd43c2f9962c86e9 SHA1 cb478cf9d6e2c905a1a4f4a2cae44a320b8dc50b SHA256 cbad3e637eab613184405a87a2bf08a41991a0e512a3ced60d120effc73de667 -DIST glibc-2.8-20080602.tar.bz2 16235726 RMD160 8781f2b1dbd22c6579208a689be38a444b5242c7 SHA1 68c2bfcf5f385449c3cb7efbf1f0d425d14cdaad SHA256 142eaba19eb85121206ee034fd828ca5dcd1bf2bfa940fef92c37457c06a6d48 -DIST glibc-2.8-patches-6.tar.bz2 103171 RMD160 c6a9710e53fa6b3698aea1a5f0a497155cf2a1c5 SHA1 39fe516a150621fc34418e23ac1c38cb1f7c1406 SHA256 dc335095de83ff4ff405c9aaf5b3ee3d82148888c73b31081ae1c706510973c2 -DIST glibc-2.8-ports-20080602.tar.bz2 469234 RMD160 57ae79a79c6f82f5ff217e9052f4569c136dca7d SHA1 c3a45ea27c9eb1bf99f1caafe085b50951089384 SHA256 1f3665e80b5832f7d281c109bc2f5412521cc9ccc3bd7b499fd493ff5eb9aa9b -DIST glibc-2.9-20081201.tar.bz2 16430489 RMD160 1e1feb4ee9c0892a0544c05adb6dd249544621cf SHA1 5756ca3b543a370c4ec9ffc8038b72bf0aa61c71 SHA256 6f8e515775e20ed48610860d10315adda418a3649b3465f36ee5cd467364a8f6 -DIST glibc-2.9-patches-5.tar.bz2 101693 RMD160 8cd377be020bf95a30862d77c215c16dc544602f SHA1 103839660f4e55871bf68835f8fec83d9afecdec SHA256 6f61c3e212c82eb118780573ac80d61835ff3a98fbea68b6f03a52009cce7d35 -DIST glibc-2.9-ports-20081201.tar.bz2 487663 RMD160 80eb0035ed2e021e79755d4151ccd6d73cd78d8d SHA1 90a6ecbce37aabe6093c4dd0c8817cbf86321627 SHA256 19bb6e89855171d7ae01aef92054dfe4524521fbc13c67bfaa3ee81944210744 -DIST glibc-libidn-2.10.1.tar.bz2 102248 RMD160 0fbb3ecc09f59f0b9e90e0669bd9cd6075164173 SHA1 50c1ac0d9ddff6eb83f75aa1c4cb84ba6fffa0cd SHA256 0fa72d1dd06a30642d3bb20a659f4ed0f4af54a205d7102896b68169b38676dc -EBUILD glibc-2.10.1.ebuild 7928 RMD160 5e45abd4183d185a369a56d9c1a5c76d0a5908f4 SHA1 044bf8258a601a8e7403df0299af6230e43cf694 SHA256 8d507c45e9214723f8a1427f6c7c15e19c6201842a6a833ecfdec97b28660be1 -EBUILD glibc-2.8_p20080602-r3.ebuild 13728 RMD160 d30e8a99f4457056fae2a1b9ef239f0466b45367 SHA1 a314d2b0c3c1c3bc308f25c4faa1d16bd8ca274c SHA256 f46a10aa3391d5bdd1e3b6ed1594c38029c82c56b56d8f7d4b86e1bb4c1340f5 -EBUILD glibc-2.9_p20081201-r4.ebuild 8025 RMD160 f5a744004f6788404f01c2a66f6e813aa6789769 SHA1 a7231407a92cc2cfa18c4d0e8334cf7f7b9114fa SHA256 dc009ffdf4d9ef96f692feffe1d582f19f0e77b063ccd2e07c36176bcdcb525d diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch deleted file mode 100644 index e75ccc78..00000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch +++ /dev/null @@ -1,30 +0,0 @@ -Prevent default-fPIE from confusing configure into thinking -PIC code is default. This causes glibc to build both PIC and -non-PIC code as normal, which on the hardened compiler generates -PIC and PIE. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> -Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu> - ---- configure.in -+++ configure.in -@@ -2145,7 +2145,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then - libc_cv_pic_default=no - fi - rm -f conftest.*]) ---- configure -+++ configure -@@ -7698,7 +7698,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then - libc_cv_pic_default=no - fi - rm -f conftest.* diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch deleted file mode 100644 index cb6d8e3c..00000000 --- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,274 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> -Fixed for 2.10 by Magnus Granberg <zorry@ume.nu> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - #include <errno.h> - #include <stdint.h> - #include <unistd.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch deleted file mode 100644 index 253a61bb..00000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-configure-picdefault.patch +++ /dev/null @@ -1,29 +0,0 @@ -Prevent default-fPIE from confusing configure into thinking -PIC code is default. This causes glibc to build both PIC and -non-PIC code as normal, which on the hardened compiler generates -PIC and PIE. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- configure.in -+++ configure.in -@@ -2145,7 +2145,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then - pic_default=no - fi - rm -f conftest.*]) ---- configure -+++ configure -@@ -7698,7 +7698,7 @@ - # error PIC is default. - #endif - EOF --if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then -+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then - pic_default=no - fi - rm -f conftest.* diff --git a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch b/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch deleted file mode 100644 index 46f3de4f..00000000 --- a/sys-libs/glibc/files/2.5/glibc-2.5-hardened-pie.patch +++ /dev/null @@ -1,39 +0,0 @@ -Change link commands for glibc executables to build PIEs - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- Makeconfig -+++ Makeconfig -@@ -415,10 +415,10 @@ - - # Command for linking programs with the C library. - ifndef +link --+link = $(CC) -nostdlib -nostartfiles -o $@ \ -++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \ - $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ - $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ -- $(addprefix $(csu-objpfx),$(start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -429,7 +429,7 @@ - ifndef +link-static - +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \ - $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \ -+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \ - $(+preinit) $(+prector) \ - $(filter-out $(addprefix $(csu-objpfx),start.o \ - $(start-installed-name))\ -@@ -528,8 +528,8 @@ - ifeq ($(elf),yes) - +preinit = $(addprefix $(csu-objpfx),crti.o) - +postinit = $(addprefix $(csu-objpfx),crtn.o) --+prector = `$(CC) --print-file-name=crtbegin.o` --+postctor = `$(CC) --print-file-name=crtend.o` -++prector = `$(CC) --print-file-name=crtbeginS.o` -++postctor = `$(CC) --print-file-name=crtendS.o` - +interp = $(addprefix $(elf-objpfx),interp.os) - endif - csu-objpfx = $(common-objpfx)csu/ diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-chk_fail.c b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-chk_fail.c deleted file mode 100644 index 37711e8a..00000000 --- a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-chk_fail.c +++ /dev/null @@ -1,315 +0,0 @@ -/* Copyright (C) 2004, 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006-2008 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP and FORTIFY handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - <kevquinn[@]gentoo.org> - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP and FORTIFY handler, from which this implementation draws much: - * - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory[@]visi.name> - * Mike Frysinger <vapier[@]gentoo.org> - * Magnus Granberg <zorry[@]ume.nu> - */ - -#include <stdio.h> -#include <stdlib.h> -#include <errno.h> -#include <unistd.h> -#include <signal.h> - -#include <sys/types.h> - -#include <sysdep-cancel.h> -#include <sys/syscall.h> -#include <bp-checks.h> - -#include <kernel-features.h> - -#include <alloca.h> -/* from sysdeps */ -#include <socketcall.h> -/* for the stuff in bits/socket.h */ -#include <sys/socket.h> -#include <sys/un.h> - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# define ENABLE_SSP_SMASH_DUMPS_CORE 1 -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigaction && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG -# define _SSP_NSIG _KERNEL_NSIG -# else -# define _SSP_NSIG _NSIG -# endif -#else -# define _SSP_NSIG 0 -# define ENABLE_SSP_SMASH_DUMPS_CORE 0 -#endif - -/* Define DO_SIGACTION - default to newer rt signal interface but - * fallback to old as needed. - */ -#ifdef __NR_rt_sigaction -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) -#else -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(sigaction, 3, signum, act, oldact) -#endif - -/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ -#if defined(__NR_socket) && defined(__NR_connect) -# define USE_OLD_SOCKETCALL 0 -#else -# define USE_OLD_SOCKETCALL 1 -#endif - -/* stub out the __NR_'s so we can let gcc optimize away dead code */ -#ifndef __NR_socketcall -# define __NR_socketcall 0 -#endif -#ifndef __NR_socket -# define __NR_socket 0 -#endif -#ifndef __NR_connect -# define __NR_connect 0 -#endif -#define DO_SOCKET(result, domain, type, protocol) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ - } else \ - result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ - } while (0) -#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ - } else \ - result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ - } while (0) - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[] = _PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = "<rtld>"; -#else -extern char *__progname; -#endif - -/* Common handler code, used by chk_fail - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -__attribute__ ((__noreturn__ , __always_inline__)) -static inline void -__hardened_gentoo_chk_fail(char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[] = ": buffer overflow attack"; - static const char msg_inf[] = " in function "; - static const char msg_ssd[] = "*** buffer overflow detected ***: "; - static const char msg_terminated[] = " - terminated\n"; - static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[] = "<unknown>"; - static int log_socket, connect_result; - static struct sockaddr_un sock; - static unsigned long int socketargs[4]; - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i = 0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { - sock.sun_path[i] = path_log[i]; - i++; - } - sock.sun_path[i] = '\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result = -1; - DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - if (connect_result == -1) { - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen = 0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen = 0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func != NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - - /* Suicide */ - pid = INLINE_SYSCALL(getpid, 0); - - if (ENABLE_SSP_SMASH_DUMPS_CORE) { - static struct sigaction default_abort_act; - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) - INLINE_SYSCALL(kill, 2, pid, SIGABRT); - } - - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill, 2, pid, SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) - INLINE_SYSCALL(exit, 0); -} - -__attribute__ ((__noreturn__)) -void __chk_fail(void) -{ - __hardened_gentoo_chk_fail(NULL, 0); -} - diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c deleted file mode 100644 index 217bf1a9..00000000 --- a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c +++ /dev/null @@ -1,321 +0,0 @@ -/* Copyright (C) 2005 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ - -/* Copyright (C) 2006-2007 Gentoo Foundation Inc. - * License terms as above. - * - * Hardened Gentoo SSP handler - * - * An SSP failure handler that does not use functions from the rest of - * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures - * no possibility of recursion into the handler. - * - * Direct all bug reports to http://bugs.gentoo.org/ - * - * Re-written from the glibc-2.3 Hardened Gentoo SSP handler - * by Kevin F. Quinn - <kevquinn[@]gentoo.org> - * - * The following people contributed to the glibc-2.3 Hardened - * Gentoo SSP handler, from which this implementation draws much: - * - * Ned Ludd - <solar[@]gentoo.org> - * Alexander Gabert - <pappy[@]gentoo.org> - * The PaX Team - <pageexec[@]freemail.hu> - * Peter S. Mazinger - <ps.m[@]gmx.net> - * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> - * Robert Connolly - <robert[@]linuxfromscratch.org> - * Cory Visi <cory[@]visi.name> - * Mike Frysinger <vapier[@]gentoo.org> - */ - -#include <errno.h> -#include <stdlib.h> -#include <unistd.h> -#include <signal.h> - -#include <sys/types.h> - -#include <sysdep-cancel.h> -#include <sys/syscall.h> -#include <bp-checks.h> - -#include <kernel-features.h> - -#include <alloca.h> -/* from sysdeps */ -#include <socketcall.h> -/* for the stuff in bits/socket.h */ -#include <sys/socket.h> -#include <sys/un.h> - - -/* Sanity check on SYSCALL macro names - force compilation - * failure if the names used here do not exist - */ -#if !defined __NR_socketcall && !defined __NR_socket -# error Cannot do syscall socket or socketcall -#endif -#if !defined __NR_socketcall && !defined __NR_connect -# error Cannot do syscall connect or socketcall -#endif -#ifndef __NR_write -# error Cannot do syscall write -#endif -#ifndef __NR_close -# error Cannot do syscall close -#endif -#ifndef __NR_getpid -# error Cannot do syscall getpid -#endif -#ifndef __NR_kill -# error Cannot do syscall kill -#endif -#ifndef __NR_exit -# error Cannot do syscall exit -#endif -#ifdef SSP_SMASH_DUMPS_CORE -# define ENABLE_SSP_SMASH_DUMPS_CORE 1 -# if !defined _KERNEL_NSIG && !defined _NSIG -# error No _NSIG or _KERNEL_NSIG for rt_sigaction -# endif -# if !defined __NR_sigaction && !defined __NR_rt_sigaction -# error Cannot do syscall sigaction or rt_sigaction -# endif -/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size - * of the _kernel_ sigset_t which is not the same as the user sigset_t. - * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for - * some reason. - */ -# ifdef _KERNEL_NSIG -# define _SSP_NSIG _KERNEL_NSIG -# else -# define _SSP_NSIG _NSIG -# endif -#else -# define _SSP_NSIG 0 -# define ENABLE_SSP_SMASH_DUMPS_CORE 0 -#endif - -/* Define DO_SIGACTION - default to newer rt signal interface but - * fallback to old as needed. - */ -#ifdef __NR_rt_sigaction -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8) -#else -# define DO_SIGACTION(signum, act, oldact) \ - INLINE_SYSCALL(sigaction, 3, signum, act, oldact) -#endif - -/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */ -#if defined(__NR_socket) && defined(__NR_connect) -# define USE_OLD_SOCKETCALL 0 -#else -# define USE_OLD_SOCKETCALL 1 -#endif -/* stub out the __NR_'s so we can let gcc optimize away dead code */ -#ifndef __NR_socketcall -# define __NR_socketcall 0 -#endif -#ifndef __NR_socket -# define __NR_socket 0 -#endif -#ifndef __NR_connect -# define __NR_connect 0 -#endif -#define DO_SOCKET(result, domain, type, protocol) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = domain; \ - socketargs[1] = type; \ - socketargs[2] = protocol; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \ - } else \ - result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \ - } while (0) -#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \ - do { \ - if (USE_OLD_SOCKETCALL) { \ - socketargs[0] = sockfd; \ - socketargs[1] = (unsigned long int)serv_addr; \ - socketargs[2] = addrlen; \ - socketargs[3] = 0; \ - result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \ - } else \ - result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \ - } while (0) - -#ifndef _PATH_LOG -# define _PATH_LOG "/dev/log" -#endif - -static const char path_log[] = _PATH_LOG; - -/* For building glibc with SSP switched on, define __progname to a - * constant if building for the run-time loader, to avoid pulling - * in more of libc.so into ld.so - */ -#ifdef IS_IN_rtld -static char *__progname = "<rtld>"; -#else -extern char *__progname; -#endif - - -/* Common handler code, used by stack_chk_fail and __stack_smash_handler - * Inlined to ensure no self-references to the handler within itself. - * Data static to avoid putting more than necessary on the stack, - * to aid core debugging. - */ -__attribute__ ((__noreturn__ , __always_inline__)) -static inline void -__hardened_gentoo_stack_chk_fail(char func[], int damaged) -{ -#define MESSAGE_BUFSIZ 256 - static pid_t pid; - static int plen, i; - static char message[MESSAGE_BUFSIZ]; - static const char msg_ssa[] = ": stack smashing attack"; - static const char msg_inf[] = " in function "; - static const char msg_ssd[] = "*** stack smashing detected ***: "; - static const char msg_terminated[] = " - terminated\n"; - static const char msg_report[] = "Report to http://bugs.gentoo.org/\n"; - static const char msg_unknown[] = "<unknown>"; - static int log_socket, connect_result; - static struct sockaddr_un sock; - static unsigned long int socketargs[4]; - - /* Build socket address - */ - sock.sun_family = AF_UNIX; - i = 0; - while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { - sock.sun_path[i] = path_log[i]; - i++; - } - sock.sun_path[i] = '\0'; - - /* Try SOCK_DGRAM connection to syslog */ - connect_result = -1; - DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - if (connect_result == -1) { - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - /* Try SOCK_STREAM connection to syslog */ - DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0); - if (log_socket != -1) - DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock)); - } - - /* Build message. Messages are generated both in the old style and new style, - * so that log watchers that are configured for the old-style message continue - * to work. - */ -#define strconcat(str) \ - {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \ - {\ - message[plen+i]=str[i];\ - i++;\ - }\ - plen+=i;} - - /* R.Henderson post-gcc-4 style message */ - plen = 0; - strconcat(msg_ssd); - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Dr. Etoh pre-gcc-4 style message */ - plen = 0; - if (__progname != (char *)0) - strconcat(__progname) - else - strconcat(msg_unknown); - strconcat(msg_ssa); - strconcat(msg_inf); - if (func != NULL) - strconcat(func) - else - strconcat(msg_unknown); - strconcat(msg_terminated); - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - /* Direct reports to bugs.gentoo.org */ - plen=0; - strconcat(msg_report); - message[plen++]='\0'; - - /* Write out error message to STDERR, to syslog if open */ - INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen); - if (connect_result != -1) - INLINE_SYSCALL(write, 3, log_socket, message, plen); - - if (log_socket != -1) - INLINE_SYSCALL(close, 1, log_socket); - - /* Suicide */ - pid = INLINE_SYSCALL(getpid, 0); - - if (ENABLE_SSP_SMASH_DUMPS_CORE) { - static struct sigaction default_abort_act; - /* Remove any user-supplied handler for SIGABRT, before using it */ - default_abort_act.sa_handler = SIG_DFL; - default_abort_act.sa_sigaction = NULL; - __sigfillset(&default_abort_act.sa_mask); - default_abort_act.sa_flags = 0; - if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0) - INLINE_SYSCALL(kill, 2, pid, SIGABRT); - } - - /* Note; actions cannot be added to SIGKILL */ - INLINE_SYSCALL(kill, 2, pid, SIGKILL); - - /* In case the kill didn't work, exit anyway - * The loop prevents gcc thinking this routine returns - */ - while (1) - INLINE_SYSCALL(exit, 0); -} - -__attribute__ ((__noreturn__)) -void __stack_chk_fail(void) -{ - __hardened_gentoo_stack_chk_fail(NULL, 0); -} - -#ifdef ENABLE_OLD_SSP_COMPAT -__attribute__ ((__noreturn__)) -void __stack_smash_handler(char func[], int damaged) -{ - __hardened_gentoo_stack_chk_fail(func, damaged); -} -#endif diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch deleted file mode 100644 index be8ca196..00000000 --- a/sys-libs/glibc/files/2.6/glibc-2.6-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - #endif - - # ifndef SHARED ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include <unistd.h> - #include <errno.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch deleted file mode 100644 index ecf57a91..00000000 --- a/sys-libs/glibc/files/2.7/glibc-2.7-hardened-inittls-nosysenter.patch +++ /dev/null @@ -1,273 +0,0 @@ -When building glibc PIE (which is not something upstream support), -several modifications are necessary to the glibc build process. - -First, any syscalls in PIEs must be of the PIC variant, otherwise -textrels ensue. Then, any syscalls made before the initialisation -of the TLS will fail on i386, as the sysenter variant on i386 uses -the TLS, giving rise to a chicken-and-egg situation. This patch -defines a PIC syscall variant that doesn't use sysenter, even when the sysenter -version is normally used, and uses the non-sysenter version for the brk -syscall that is performed by the TLS initialisation. Further, the TLS -initialisation is moved in this case prior to the initialisation of -dl_osversion, as that requires further syscalls. - -csu/libc-start.c: Move initial TLS initialization to before the -initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined - -csu/libc-tls.c: Use the no-sysenter version of sbrk when -INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter -version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined. - -misc/brk.c: Define a no-sysenter version of brk if -INTERNAL_SYSCALL_NOSYSENTER is defined. - -sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER -Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED. - -Patch by Kevin F. Quinn <kevquinn@gentoo.org> - ---- csu/libc-start.c -+++ csu/libc-start.c -@@ -28,6 +28,7 @@ - extern int __libc_multiple_libcs; - - #include <tls.h> -+#include <sysdep.h> - #ifndef SHARED - # include <dl-osinfo.h> - extern void __pthread_initialize_minimal (void); -@@ -129,6 +130,11 @@ - # endif - _dl_aux_init (auxvec); - # endif -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ /* Do the initial TLS initialization before _dl_osversion, -+ since the latter uses the uname syscall. */ -+ __pthread_initialize_minimal (); -+# endif - # ifdef DL_SYSDEP_OSCHECK - if (!__libc_multiple_libcs) - { -@@ -138,10 +144,12 @@ - } - # endif - -+# ifndef INTERNAL_SYSCALL_NOSYSENTER - /* Initialize the thread library at least a bit since the libgcc - functions are using thread functions if these are available and - we need to setup errno. */ - __pthread_initialize_minimal (); -+# endif - - /* Set up the stack checker's canary. */ - uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); ---- csu/libc-tls.c -+++ csu/libc-tls.c -@@ -23,6 +23,7 @@ - #include <unistd.h> - #include <stdio.h> - #include <sys/param.h> -+#include <sysdep.h> - - - #ifdef SHARED -@@ -29,6 +30,9 @@ - #error makefile bug, this file is for static only - #endif - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+extern void *__sbrk_nosysenter (intptr_t __delta); -+#endif - extern ElfW(Phdr) *_dl_phdr; - extern size_t _dl_phnum; - -@@ -141,14 +145,26 @@ - - The initialized value of _dl_tls_static_size is provided by dl-open.c - to request some surplus that permits dynamic loading of modules with -- IE-model TLS. */ -+ IE-model TLS. -+ -+ Where the normal sbrk would use a syscall that needs the TLS (i386) -+ use the special non-sysenter version instead. */ - #if TLS_TCB_AT_TP - tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align); -+# else - tlsblock = __sbrk (tcb_offset + tcbsize + max_align); -+# endif - #elif TLS_DTV_AT_TP - tcb_offset = roundup (tcbsize, align ?: 1); -+# ifdef INTERNAL_SYSCALL_NOSYSENTER -+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align -+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# else - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size)); -+# endif - tlsblock += TLS_PRE_TCB_SIZE; - #else - /* In case a model with a different layout for the TCB and DTV ---- misc/sbrk.c -+++ misc/sbrk.c -@@ -18,6 +18,7 @@ - - #include <unistd.h> - #include <errno.h> -+#include <sysdep.h> - - /* Defined in brk.c. */ - extern void *__curbrk; -@@ -29,6 +30,35 @@ - /* Extend the process's data space by INCREMENT. - If INCREMENT is negative, shrink data space by - INCREMENT. - Return start of new space allocated, or -1 for errors. */ -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ if the SYSENTER version requires the TLS (which it does on i386). -+ Obviously using the TLS before it is initialised is broken. */ -+extern int __brk_nosysenter (void *addr); -+void * -+__sbrk_nosysenter (intptr_t increment) -+{ -+ void *oldbrk; -+ -+ /* If this is not part of the dynamic library or the library is used -+ via dynamic loading in a statically linked program update -+ __curbrk from the kernel's brk value. That way two separate -+ instances of __brk and __sbrk can share the heap, returning -+ interleaved pieces of it. */ -+ if (__curbrk == NULL || __libc_multiple_libcs) -+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */ -+ return (void *) -1; -+ -+ if (increment == 0) -+ return __curbrk; -+ -+ oldbrk = __curbrk; -+ if (__brk_nosysenter (oldbrk + increment) < 0) -+ return (void *) -1; -+ -+ return oldbrk; -+} -+#endif - void * - __sbrk (intptr_t increment) - { ---- sysdeps/unix/sysv/linux/i386/brk.c -+++ sysdeps/unix/sysv/linux/i386/brk.c -@@ -31,6 +31,30 @@ - linker. */ - weak_alias (__curbrk, ___brk_addr) - -+#ifdef INTERNAL_SYSCALL_NOSYSENTER -+/* This version is used by csu/libc-tls.c whem initialising the TLS -+ * if the SYSENTER version requires the TLS (which it does on i386). -+ * Obviously using the TLS before it is initialised is broken. */ -+int -+__brk_nosysenter (void *addr) -+{ -+ void *__unbounded newbrk; -+ -+ INTERNAL_SYSCALL_DECL (err); -+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, -+ __ptrvalue (addr)); -+ -+ __curbrk = newbrk; -+ -+ if (newbrk < addr) -+ { -+ __set_errno (ENOMEM); -+ return -1; -+ } -+ -+ return 0; -+} -+#endif - int - __brk (void *addr) - { ---- sysdeps/unix/sysv/linux/i386/sysdep.h -+++ sysdeps/unix/sysv/linux/i386/sysdep.h -@@ -187,7 +187,7 @@ - /* The original calling convention for system calls on Linux/i386 is - to use int $0x80. */ - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET - # else - # define ENTER_KERNEL call *_dl_sysinfo -@@ -358,7 +358,7 @@ - possible to use more than four parameters. */ - #undef INTERNAL_SYSCALL - #ifdef I386_USE_SYSENTER --# ifdef SHARED -+# if defined SHARED || defined __PIC__ - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ - register unsigned int resultvar; \ -@@ -384,6 +384,18 @@ - : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \ - ASMFMT_##nr(args) : "memory", "cc"); \ - (int) resultvar; }) -+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \ -+ ({ \ -+ register unsigned int resultvar; \ -+ EXTRAVAR_##nr \ -+ asm volatile ( \ -+ LOADARGS_NOSYSENTER_##nr \ -+ "movl %1, %%eax\n\t" \ -+ "int $0x80\n\t" \ -+ RESTOREARGS_NOSYSENTER_##nr \ -+ : "=a" (resultvar) \ -+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \ -+ (int) resultvar; }) - # else - # define INTERNAL_SYSCALL(name, err, nr, args...) \ - ({ \ -@@ -447,12 +459,20 @@ - - #define LOADARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define LOADARGS_1 \ - "bpushl .L__X'%k3, %k3\n\t" - # define LOADARGS_5 \ - "movl %%ebx, %4\n\t" \ - "movl %3, %%ebx\n\t" -+# define LOADARGS_NOSYSENTER_1 \ -+ "bpushl .L__X'%k2, %k2\n\t" -+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1 -+# define LOADARGS_NOSYSENTER_3 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_4 LOADARGS_3 -+# define LOADARGS_NOSYSENTER_5 \ -+ "movl %%ebx, %3\n\t" \ -+ "movl %2, %%ebx\n\t" - # else - # define LOADARGS_1 \ - "bpushl .L__X'%k2, %k2\n\t" -@@ -474,11 +495,18 @@ - - #define RESTOREARGS_0 - #ifdef __PIC__ --# if defined I386_USE_SYSENTER && defined SHARED -+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ ) - # define RESTOREARGS_1 \ - "bpopl .L__X'%k3, %k3\n\t" - # define RESTOREARGS_5 \ - "movl %4, %%ebx" -+# define RESTOREARGS_NOSYSENTER_1 \ -+ "bpopl .L__X'%k2, %k2\n\t" -+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1 -+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3 -+# define RESTOREARGS_NOSYSENTER_5 \ -+ "movl %3, %%ebx" - # else - # define RESTOREARGS_1 \ - "bpopl .L__X'%k2, %k2\n\t" diff --git a/sys-libs/glibc/files/eblits/common.eblit b/sys-libs/glibc/files/eblits/common.eblit deleted file mode 100644 index 6160c0fe..00000000 --- a/sys-libs/glibc/files/eblits/common.eblit +++ /dev/null @@ -1,288 +0,0 @@ -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/common.eblit,v 1.9 2009/01/28 18:11:41 vapier Exp $ - -# We need to be able to set alternative headers for -# compiling for non-native platform -# Will also become useful for testing kernel-headers without screwing up -# the whole system. -# note: intentionally undocumented. -alt_headers() { - if [[ -z ${ALT_HEADERS} ]] ; then - if is_crosscompile ; then - ALT_HEADERS="/usr/${CTARGET}/usr/include" - else - ALT_HEADERS="/usr/include" - fi - fi - echo "${ALT_HEADERS}" -} -alt_build_headers() { - if [[ -z ${ALT_BUILD_HEADERS} ]] ; then - ALT_BUILD_HEADERS=$(alt_headers) - if tc-is-cross-compiler ; then - ALT_BUILD_HEADERS=${ROOT}$(alt_headers) - if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then - local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h') - ALT_BUILD_HEADERS=${header_path%/linux/version.h} - fi - fi - fi - echo "${ALT_BUILD_HEADERS}" -} - -alt_usrlibdir() { - if is_crosscompile ; then - echo /usr/${CTARGET}/usr/$(get_libdir) - else - echo /usr/$(get_libdir) - fi -} - -setup_flags() { - # Make sure host make.conf doesn't pollute us - if is_crosscompile || tc-is-cross-compiler ; then - CHOST=${CTARGET} strip-unsupported-flags - fi - - # Store our CFLAGS because it's changed depending on which CTARGET - # we are building when pulling glibc on a multilib profile - CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}} - CFLAGS=${CFLAGS_BASE} - CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}} - CXXFLAGS=${CXXFLAGS_BASE} - ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}} - ASFLAGS=${ASFLAGS_BASE} - - # Over-zealous CFLAGS can often cause problems. What may work for one - # person may not work for another. To avoid a large influx of bugs - # relating to failed builds, we strip most CFLAGS out to ensure as few - # problems as possible. - strip-flags - strip-unsupported-flags - filter-flags -m32 -m64 -mabi=* - - unset CBUILD_OPT CTARGET_OPT - if has_multilib_profile ; then - CTARGET_OPT=$(get_abi_CTARGET) - [[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST) - fi - - case $(tc-arch) in - x86) - # -march needed for #185404 - local t=${CTARGET_OPT:-${CTARGET}} - t=${t%%-*} - if ! echo "" | $(tc-getCC) ${CFLAGS} -E -dD - | grep -qs __${t}__ ; then - filter-flags '-march=*' - export CFLAGS="-march=${t} ${CFLAGS}" - fi - ;; - amd64) - # Punt this when amd64's 2004.3 is removed - CFLAGS_x86="-m32" - - # -march needed for #185404 - local t=${CTARGET_OPT:-${CTARGET}} - t=${t%%-*} - if ! echo "" | $(tc-getCC) ${CFLAGS} ${CFLAGS_x86} -m32 -E -dD - | grep -qs __${t}__ ; then - filter-flags '-march=*' - export CFLAGS_x86="${CFLAGS_x86} -march=${t}" - fi - ;; - ppc) - append-flags "-freorder-blocks" - ;; - sparc) - # Both sparc and sparc64 can use -fcall-used-g6. -g7 is bad, though. - filter-flags "-fcall-used-g7" - append-flags "-fcall-used-g6" - filter-flags "-mvis" - - GLIBCMAJOR=$(get_version_component_range 1 ${PV}) - GLIBCMINOR=$(get_version_component_range 2 ${PV}) - - # set CTARGET_OPT so glibc can use cpu-specific .S files for better performance - # - UltraSPARC T1 (niagara) support requires >= glibc 2.8 - # - UltraSPARC T2 (niagara2) support requires >= glibc 2.7 - - if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then - case ${ABI} in - sparc64) - filter-flags -Wa,-xarch -Wa,-A - - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparc64v2-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparc64v-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparc64b-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9b" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b" - else - CTARGET_OPT="sparc64-unknown-linux-gnu" - append-flags "-Wa,-xarch=v9a" - export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a" - fi - ;; - *) - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparcv9v2-unknown-linux-gnu" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparcv9v-unknown-linux-gnu" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparcv9b-unknown-linux-gnu" - else - CTARGET_OPT="sparcv9-unknown-linux-gnu" - fi - ;; - esac - else - if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then - CTARGET_OPT="sparcv9v2-unknown-linux-gnu" - elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then - CTARGET_OPT="sparcv9v-unknown-linux-gnu" - elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then - CTARGET_OPT="sparcv9b-unknown-linux-gnu" - elif { is_crosscompile && want_nptl; } || is-flagq "-mcpu=ultrasparc2" || is-flagq "-mcpu=ultrasparc"; then - CTARGET_OPT="sparcv9-unknown-linux-gnu" - fi - fi - ;; - esac - - if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then - CBUILD_OPT=${CTARGET_OPT} - fi - - # Lock glibc at -O2 -- linuxthreads needs it and we want to be - # conservative here. -fno-strict-aliasing is to work around #155906 - filter-flags -O? - append-flags -O2 -fno-strict-aliasing - - # Cant build glibc itself with fortify code - append-cppflags -U_FORTIFY_SOURCE - - # building glibc with SSP is fraught with difficulty, especially - # due to __stack_chk_fail_local which would mean significant changes - # to the glibc build process. See bug #94325 - filter-flags -fstack-protector - - if use hardened && gcc-specs-pie ; then - # Force PIC macro definition for all compilations since they're all - # either -fPIC or -fPIE with the default-PIE compiler. - append-cppflags -DPIC - else - # Don't build -fPIE without the default-PIE compiler and the - # hardened-pie patch - filter-flags -fPIE - fi -} - -want_nptl() { - [[ -z ${LT_VER} ]] && return 0 - want_tls || return 1 - use nptl || return 1 - - # Only list the arches that cannot do NPTL - case $(tc-arch) in - m68k) return 1;; - sparc) - # >= v9 is needed for nptl. - [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 - ;; - esac - - return 0 -} - -want_linuxthreads() { - [[ -z ${LT_VER} ]] && return 1 - ! use nptlonly && return 0 - want_nptl || return 0 - return 1 -} - -want_tls() { - # Archs that can use TLS (Thread Local Storage) - case $(tc-arch) in - sparc) - # 2.3.6 should have tls support on sparc64 - # when using newer binutils - case ${CTARGET/-*} in - sparc64*) return 1 ;; - *) return 0 ;; - esac - ;; - x86) - # requires i486 or better #106556 - [[ ${CTARGET} == i[4567]86* ]] && return 0 - return 1 - ;; - esac - - return 0 -} - -want__thread() { - want_tls || return 1 - - # For some reason --with-tls --with__thread is causing segfaults on sparc32. - [[ ${PROFILE_ARCH} == "sparc" ]] && return 1 - - [[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD} - - echo 'extern __thread int i;' > "${T}"/test-__thread.c - $(tc-getCC ${CTARGET}) -c "${T}"/test-__thread.c -o "${T}"/test-__thread.o &> /dev/null - WANT__THREAD=$? - rm -f "${T}"/test-__thread.[co] - - return ${WANT__THREAD} -} - -use_multilib() { - case ${CTARGET} in - sparc*|mips64*|x86_64*|powerpc64*|s390x*) - has_multilib_profile || use multilib ;; - *) false ;; - esac -} - -# Setup toolchain variables that would be defined in the profiles for these archs. -setup_env() { - # silly users - unset LD_RUN_PATH - - if is_crosscompile || tc-is-cross-compiler ; then - multilib_env ${CTARGET} - if ! use multilib ; then - MULTILIB_ABIS=${DEFAULT_ABI} - else - MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}} - fi - - # If the user has CFLAGS_<CTARGET> in their make.conf, use that, - # and fall back on CFLAGS. - local VAR=CFLAGS_${CTARGET//[-.]/_} - CFLAGS=${!VAR-${CFLAGS}} - fi - - setup_flags - - export ABI=${ABI:-${DEFAULT_ABI:-default}} - - if is_crosscompile || tc-is-cross-compiler ; then - local VAR=CFLAGS_${ABI} - # We need to export CFLAGS with abi information in them because - # glibc's configure script checks CFLAGS for some targets (like mips) - export CFLAGS="${!VAR} ${CFLAGS}" - fi -} - -just_headers() { - is_crosscompile && use crosscompile_opts_headers-only -} diff --git a/sys-libs/glibc/files/eblits/pkg_postinst.eblit b/sys-libs/glibc/files/eblits/pkg_postinst.eblit deleted file mode 100644 index 2566eed3..00000000 --- a/sys-libs/glibc/files/eblits/pkg_postinst.eblit +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_postinst.eblit,v 1.1 2009/03/01 21:06:22 vapier Exp $ - -eblit-glibc-pkg_postinst() { - # nothing to do if just installing headers - just_headers && return - - if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then - # Generate fastloading iconv module configuration file. - "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" - fi - - if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then - # Reload init ... if in a chroot or a diff init package, ignore - # errors from this step #253697 - /sbin/telinit U 2>/dev/null - - # if the host locales.gen contains no entries, we'll install everything - local locale_list="${ROOT}etc/locale.gen" - if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then - ewarn "Generating all locales; edit /etc/locale.gen to save time/space" - locale_list="${ROOT}usr/share/i18n/SUPPORTED" - fi - local x jobs - for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done - locale-gen -j ${jobs:-1} --config "${locale_list}" - fi -} diff --git a/sys-libs/glibc/files/eblits/pkg_preinst.eblit b/sys-libs/glibc/files/eblits/pkg_preinst.eblit deleted file mode 100644 index dcc5d9b1..00000000 --- a/sys-libs/glibc/files/eblits/pkg_preinst.eblit +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_preinst.eblit,v 1.1 2009/03/01 21:06:22 vapier Exp $ - -fix_lib64_symlinks() { - # the original Gentoo/AMD64 devs decided that since 64bit is the native - # bitdepth for AMD64, lib should be used for 64bit libraries. however, - # this ignores the FHS and breaks multilib horribly... especially - # since it wont even work without a lib64 symlink anyways. *rolls eyes* - # see bug 59710 for more information. - # Travis Tilley <lv@gentoo.org> (08 Aug 2004) - if [ -L ${ROOT}/lib64 ] ; then - ewarn "removing /lib64 symlink and moving lib to lib64..." - ewarn "dont hit ctrl-c until this is done" - rm ${ROOT}/lib64 - # now that lib64 is gone, nothing will run without calling ld.so - # directly. luckily the window of brokenness is almost non-existant - use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - # all better :) - ldconfig - ln -s lib64 ${ROOT}/lib - einfo "done! :-)" - einfo "fixed broken lib64/lib symlink in ${ROOT}" - fi - if [ -L ${ROOT}/usr/lib64 ] ; then - rm ${ROOT}/usr/lib64 - mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 - ln -s lib64 ${ROOT}/usr/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" - fi - if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then - rm ${ROOT}/usr/X11R6/lib64 - mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 - ln -s lib64 ${ROOT}/usr/X11R6/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" - fi -} - -eblit-glibc-pkg_preinst() { - # nothing to do if just installing headers - just_headers && return - - # PPC64+others may want to eventually be added to this logic if they - # decide to be multilib compatible and FHS compliant. note that this - # chunk of FHS compliance only applies to 64bit archs where 32bit - # compatibility is a major concern (not IA64, for example). - - # amd64's 2005.0 is the first amd64 profile to not need this code. - # 2005.0 is setup properly, and this is executed as part of the - # 2004.3 -> 2005.0 upgrade script. - # It can be removed after 2004.3 has been purged from portage. - { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks - - # it appears that /lib/tls is sometimes not removed. See bug - # 69258 for more info. - if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then - ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." - rm -r "${ROOT}"/$(alt_libdir)/tls || die - fi - - # simple test to make sure our new glibc isnt completely broken. - # make sure we don't test with statically built binaries since - # they will fail. also, skip if this glibc is a cross compiler. - [[ ${ROOT} != "/" ]] && return 0 - [[ -d ${D}/$(get_libdir) ]] || return 0 - cd / #228809 - local x striptest - for x in date env ls true uname ; do - x=$(type -p ${x}) - [[ -z ${x} ]] && continue - striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) - [[ -z ${striptest} ]] && continue - [[ ${striptest} == *"statically linked"* ]] && continue - "${D}"/$(get_libdir)/ld-*.so \ - --library-path "${D}"/$(get_libdir) \ - ${x} > /dev/null \ - || die "simple run test (${x}) failed" - done -} diff --git a/sys-libs/glibc/files/eblits/pkg_setup.eblit b/sys-libs/glibc/files/eblits/pkg_setup.eblit deleted file mode 100644 index 35b47478..00000000 --- a/sys-libs/glibc/files/eblits/pkg_setup.eblit +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_setup.eblit,v 1.3 2009/03/23 18:48:48 vapier Exp $ - -eblit-glibc-pkg_setup() { - # prevent native builds from downgrading ... maybe update to allow people - # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) - if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then - if has_version '>'${CATEGORY}/${PF} ; then - eerror "Sanity check to keep you from breaking your system:" - eerror " Downgrading glibc is not supported and a sure way to destruction" - die "aborting to save your system" - fi - - # Check for broken kernels #262698 - cd "${T}" - printf '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' > kern-clo-test.c - emake kern-clo-test || die - if ! ./kern-clo-test ; then - eerror "Your patched vendor kernel is broken. You need to get an" - eerror "update from whoever is providing the kernel to you." - eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" - die "keeping your system alive, say thank you" - fi - fi - - # users have had a chance to phase themselves, time to give em the boot - if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then - eerror "You still haven't deleted ${ROOT}/etc/locales.build." - eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." - die "lazy upgrader detected" - fi - - if [[ ${CTARGET} == i386-* ]] ; then - eerror "i386 CHOSTs are no longer supported." - eerror "Chances are you don't actually want/need i386." - eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" - die "please fix your CHOST" - fi - - if [[ -n ${LT_VER} ]] ; then - if use nptlonly && ! use nptl ; then - eerror "If you want nptlonly, add nptl to your USE too ;p" - die "nptlonly without nptl" - fi - fi - - if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then - ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." - ewarn "This will result in a 50% performance penalty when running with a 32bit" - ewarn "hypervisor, which is probably not what you want." - fi - - use hardened && ! gcc-specs-pie && \ - ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" -} diff --git a/sys-libs/glibc/files/eblits/src_compile.eblit b/sys-libs/glibc/files/eblits/src_compile.eblit deleted file mode 100644 index b4d0318a..00000000 --- a/sys-libs/glibc/files/eblits/src_compile.eblit +++ /dev/null @@ -1,189 +0,0 @@ -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_compile.eblit,v 1.7 2009/05/02 02:38:25 halcy0n Exp $ - -glibc_do_configure() { - local myconf - - # set addons - pushd "${S}" > /dev/null - local ADDONS=$(echo */configure | sed \ - -e 's:/configure::g' \ - -e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \ - -e 's: \+$::' \ - -e 's! !,!g' \ - -e 's!^!,!' \ - -e '/^,\*$/d') - [[ -d ports ]] && ADDONS="${ADDONS},ports" - popd > /dev/null - - use nls || myconf="${myconf} --disable-nls" - myconf="${myconf} $(use_enable hardened stackguard-randomization)" - if [[ $(<"${T}"/.ssp.compat) == "yes" ]] ; then - myconf="${myconf} --enable-old-ssp-compat" - else - myconf="${myconf} --disable-old-ssp-compat" - fi - - use glibc-omitfp && myconf="${myconf} --enable-omitfp" - - [[ ${CTARGET//_/-} == *-softfloat-* ]] && myconf="${myconf} --without-fp" - - if [[ $1 == "linuxthreads" ]] ; then - if want_tls ; then - myconf="${myconf} --with-tls" - - if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then - myconf="${myconf} --without-__thread" - else - myconf="${myconf} --with-__thread" - fi - else - myconf="${myconf} --without-tls --without-__thread" - fi - - myconf="${myconf} --disable-sanity-checks" - myconf="${myconf} --enable-add-ons=linuxthreads${ADDONS}" - myconf="${myconf} --enable-kernel=${LT_KER_VER}" - elif [[ $1 == "nptl" ]] ; then - myconf="${myconf} --enable-add-ons=nptl${ADDONS}" - myconf="${myconf} --enable-kernel=${NPTL_KERN_VER}" - else - die "invalid pthread option" - fi - - # Since SELinux support is only required for nscd, only enable it if: - # 1. USE selinux - # 2. only for the primary ABI on multilib systems - # 3. Not a crosscompile - if ! is_crosscompile && use selinux ; then - if use multilib || has_multilib_profile ; then - if is_final_abi ; then - myconf="${myconf} --with-selinux" - else - myconf="${myconf} --without-selinux" - fi - else - myconf="${myconf} --with-selinux" - fi - else - myconf="${myconf} --without-selinux" - fi - - myconf="${myconf} - --without-cvs - --enable-bind-now - --build=${CBUILD_OPT:-${CBUILD}} - --host=${CTARGET_OPT:-${CTARGET}} - $(use_enable profile) - $(use_with gd) - --with-headers=$(alt_build_headers) - --prefix=/usr - --libdir=/usr/$(get_libdir) - --mandir=/usr/share/man - --infodir=/usr/share/info - --libexecdir=/usr/$(get_libdir)/misc/glibc - ${EXTRA_ECONF}" - - # There is no configure option for this and we need to export it - # since the glibc build will re-run configure on itself - export libc_cv_slibdir=/$(get_libdir) - - has_version app-admin/eselect-compiler || export CC=$(tc-getCC ${CTARGET}) - - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1 - mkdir -p "${GBUILDDIR}" - cd "${GBUILDDIR}" - einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}" - "${S}"/configure ${myconf} || die "failed to configure glibc" - - # since we'll be punting them for cross-compilers, and they can cause - # problems (ia64+static), we'll just skip building altogether - is_crosscompile && sed -i '1ibuild-programs = no' config.make -} - -toolchain-glibc_src_compile() { - echo - local v - for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC CFLAGS ; do - einfo " $(printf '%15s' ${v}:) ${!v}" - done - echo - - if want_linuxthreads ; then - glibc_do_configure linuxthreads - einfo "Building GLIBC with linuxthreads..." - make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" - fi - if want_nptl ; then - # ... and then do the optional nptl build - unset LD_ASSUME_KERNEL - glibc_do_configure nptl - einfo "Building GLIBC with NPTL..." - make PARALLELMFLAGS="${MAKEOPTS}" || die "make for ${ABI} failed" - fi -} - -toolchain-glibc_headers_compile() { - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers - mkdir -p "${GBUILDDIR}" - cd "${GBUILDDIR}" - - # if we don't have a compiler yet, we cant really test it now - export \ - libc_cv_mlong_double_128=yes \ - libc_cv_mlong_double_128ibm=yes \ - libc_cv_ppc_machine=yes - - # Pick out the correct location for build headers - local ports="" myconf="--disable-sanity-checks --enable-hacker-mode" - [[ -d ${S}/ports ]] && ports=",ports" - myconf="${myconf} - --enable-add-ons=nptl${ports} - --without-cvs - --enable-bind-now - --build=${CBUILD_OPT:-${CBUILD}} - --host=${CTARGET_OPT:-${CTARGET}} - --with-headers=$(alt_build_headers) - --prefix=/usr - ${EXTRA_ECONF}" - - # Nothing is compiled here which would affect the headers for the target. - # so forcing CC/CFLAGS is sane. unless you dont have `gcc`. then i - # dont care :p. - einfo "Configuring GLIBC headers with: ${myconf// /\n\t\t}" - CC=gcc \ - CFLAGS="-O1 -pipe" \ - "${S}"/configure ${myconf} || die "failed to configure glibc" -} - -eblit-glibc-src_compile() { - if just_headers ; then - toolchain-glibc_headers_compile - return - fi - - setup_env - - if [[ -z ${OABI} ]] ; then - local abilist="" - if has_multilib_profile ; then - abilist=$(get_install_abis) - einfo "Building multilib glibc for ABIs: ${abilist}" - elif is_crosscompile || tc-is-cross-compiler ; then - abilist=${DEFAULT_ABI} - fi - if [[ -n ${abilist} ]] ; then - OABI=${ABI} - for ABI in ${abilist} ; do - export ABI - src_compile - done - ABI=${OABI} - unset OABI - return 0 - fi - fi - - toolchain-glibc_src_compile -} diff --git a/sys-libs/glibc/files/eblits/src_install-2.6.eblit b/sys-libs/glibc/files/eblits/src_install-2.6.eblit deleted file mode 100644 index 15bbf310..00000000 --- a/sys-libs/glibc/files/eblits/src_install-2.6.eblit +++ /dev/null @@ -1,250 +0,0 @@ -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install-2.6.eblit,v 1.2 2008/06/29 16:39:23 vapier Exp $ - -toolchain-glibc_src_install() { - # These should not be set, else the - # zoneinfo do not always get installed ... - unset LANGUAGE LANG LC_ALL - - local GBUILDDIR - if want_linuxthreads ; then - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads - else - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl - fi - - local install_root=${D} - is_crosscompile && install_root="${install_root}/usr/${CTARGET}" - if want_linuxthreads ; then - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads - einfo "Installing GLIBC ${ABI} with linuxthreads ..." - make PARALLELMFLAGS="${MAKEOPTS}" \ - install_root="${install_root}" \ - install || die - else # nptlonly - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - einfo "Installing GLIBC ${ABI} with NPTL ..." - make PARALLELMFLAGS="${MAKEOPTS}" \ - install_root="${install_root}" \ - install || die - fi - - if is_crosscompile ; then - # punt all the junk not needed by a cross-compiler - cd "${D}"/usr/${CTARGET} || die - rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} - fi - - if want_linuxthreads && want_nptl ; then - einfo "Installing NPTL to $(alt_libdir)/tls/..." - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl - - local l src_lib - for l in libc libm librt libpthread libthread_db ; do - # take care of shared lib first ... - l=${l}.so - if [[ -e ${l} ]] ; then - src_lib=${l} - else - src_lib=$(eval echo */${l}) - fi - cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" - fperms a+rx $(alt_libdir)/tls/${l} - dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) - - # then grab the linker script or the symlink ... - if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then - dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} - else - sed \ - -e "s:/${l}:/tls/${l}:g" \ - -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ - "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} - fi - - # then grab the static lib ... - src_lib=${src_lib/%.so/.a} - [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - src_lib=${src_lib/%.a/_nonshared.a} - if [[ -e ${src_lib} ]] ; then - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - fi - done - - # use the nptl linker instead of the linuxthreads one as the linuxthreads - # one may lack TLS support and that can be really bad for business - cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" - fi - - # We'll take care of the cache ourselves - rm -f "${D}"/etc/ld.so.cache - - # Some things want this, notably ash. - dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a - - # Handle includes for different ABIs - prep_ml_includes $(alt_headers) - - # When cross-compiling for a non-multilib setup, make sure we have - # lib and a proper symlink setup - if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then - cd "${D}"$(alt_libdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - cd "${D}"$(alt_usrlibdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - fi - - ################################################################# - # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # - # Make sure we install some symlink hacks so that when we build - # a 2nd stage cross-compiler, gcc finds the target system - # headers correctly. See gcc/doc/gccinstall.info - if is_crosscompile ; then - dosym usr/include /usr/${CTARGET}/sys-include - return 0 - fi - - # Everything past this point just needs to be done once ... - is_final_abi || return 0 - - # Make sure the non-native interp can be found on multilib systems - if has_multilib_profile ; then - case $(tc-arch) in - amd64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib - dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 - ;; - ppc64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib - dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 - ;; - esac - fi - - # Files for Debian-style locale updating - dodir /usr/share/i18n - sed \ - -e "/^#/d" \ - -e "/SUPPORTED-LOCALES=/d" \ - -e "s: \\\\::g" -e "s:/: :g" \ - "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ - || die "generating /usr/share/i18n/SUPPORTED failed" - cd "${WORKDIR}"/extra/locale - dosbin locale-gen || die - doman *.[0-8] - insinto /etc - doins locale.gen || die - - # Make sure all the ABI's can find the locales and so we only - # have to generate one set - local a - keepdir /usr/$(get_libdir)/locale - for a in $(get_install_abis) ; do - if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then - dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale - fi - done - - if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then - einfo "Installing info pages..." - - make \ - -C "${GBUILDDIR}" \ - PARALLELMFLAGS="${MAKEOPTS}" \ - install_root="${install_root}" \ - info -i || die - fi - - if [[ -n ${MANPAGE_VER} ]] ; then - einfo "Installing man pages..." - - # Install linuxthreads man pages even if nptl is enabled - cd "${WORKDIR}"/man - doman *.3thr - fi - - cd "${S}" - - # Install misc network config files - insinto /etc - doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die - doins "${WORKDIR}"/extra/etc/*.conf || die - doinitd "${WORKDIR}"/extra/etc/nscd || die - - dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* - - # Prevent overwriting of the /etc/localtime symlink. We'll handle the - # creation of the "factory" symlink in pkg_postinst(). - rm -f "${D}"/etc/localtime -} - -toolchain-glibc_headers_install() { - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers - cd "${GBUILDDIR}" - make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" - # Copy over headers that are not part of install-headers ... these - # are pretty much taken verbatim from crosstool, see it for more details - insinto $(alt_headers)/bits - doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" - insinto $(alt_headers)/gnu - doins "${S}"/include/gnu/stubs.h || die "doins include gnu" - # Make sure we install the sys-include symlink so that when - # we build a 2nd stage cross-compiler, gcc finds the target - # system headers correctly. See gcc/doc/gccinstall.info - dosym usr/include /usr/${CTARGET}/sys-include -} - -src_strip() { - # gdb is lame and requires some debugging information to remain in - # libpthread, so we need to strip it by hand. libthread_db makes no - # sense stripped as it is only used when debugging. - local pthread=$(hasq splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") - env \ - -uRESTRICT \ - CHOST=${CTARGET} \ - STRIP_MASK="/*/{,tls/}${pthread}*" \ - prepallstrip - # if user has stripping enabled and does not have split debug turned on, - # then leave the debugging sections in libpthread. - if ! hasq nostrip ${FEATURES} && ! hasq splitdebug ${FEATURES} ; then - ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so - fi -} - -eblit-glibc-src_install() { - if just_headers ; then - toolchain-glibc_headers_install - return - fi - - setup_env - - if [[ -z ${OABI} ]] ; then - local abilist="" - if has_multilib_profile ; then - abilist=$(get_install_abis) - einfo "Installing multilib glibc for ABIs: ${abilist}" - elif is_crosscompile || tc-is-cross-compiler ; then - abilist=${DEFAULT_ABI} - fi - if [[ -n ${abilist} ]] ; then - OABI=${ABI} - for ABI in ${abilist} ; do - export ABI - eblit-glibc-src_install - done - ABI=${OABI} - unset OABI - src_strip - return 0 - fi - fi - - toolchain-glibc_src_install - [[ -z ${OABI} ]] && src_strip -} diff --git a/sys-libs/glibc/files/eblits/src_install.eblit b/sys-libs/glibc/files/eblits/src_install.eblit deleted file mode 100644 index aa1d4e7a..00000000 --- a/sys-libs/glibc/files/eblits/src_install.eblit +++ /dev/null @@ -1,247 +0,0 @@ -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install.eblit,v 1.7 2008/12/29 09:22:45 vapier Exp $ - -toolchain-glibc_src_install() { - local GBUILDDIR - if want_linuxthreads ; then - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-linuxthreads - else - GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-nptl - fi - - local install_root=${D} - is_crosscompile && install_root="${install_root}/usr/${CTARGET}" - if want_linuxthreads ; then - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-linuxthreads - einfo "Installing GLIBC ${ABI} with linuxthreads ..." - else # nptlonly - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - einfo "Installing GLIBC ${ABI} with NPTL ..." - fi - make PARALLELMFLAGS="${MAKEOPTS}" \ - install_root="${install_root}" \ - install || die - - if is_crosscompile ; then - # punt all the junk not needed by a cross-compiler - cd "${D}"/usr/${CTARGET} || die - rm -rf ./{,usr/}{bin,etc,sbin,share} ./{,usr/}*/{gconv,misc} - fi - - if want_linuxthreads && want_nptl ; then - einfo "Installing NPTL to $(alt_libdir)/tls/..." - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-nptl - dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl - - local l src_lib - for l in libc libm librt libpthread libthread_db ; do - # take care of shared lib first ... - l=${l}.so - if [[ -e ${l} ]] ; then - src_lib=${l} - else - src_lib=$(eval echo */${l}) - fi - cp -a ${src_lib} "${D}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}" - fperms a+rx $(alt_libdir)/tls/${l} - dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib}) - - # then grab the linker script or the symlink ... - if [[ -L ${D}$(alt_usrlibdir)/${l} ]] ; then - dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l} - else - sed \ - -e "s:/${l}:/tls/${l}:g" \ - -e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \ - "${D}"$(alt_usrlibdir)/${l} > "${D}"$(alt_usrlibdir)/nptl/${l} - fi - - # then grab the static lib ... - src_lib=${src_lib/%.so/.a} - [[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a} - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - src_lib=${src_lib/%.a/_nonshared.a} - if [[ -e ${src_lib} ]] ; then - cp -a ${src_lib} "${D}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}" - fi - done - - # use the nptl linker instead of the linuxthreads one as the linuxthreads - # one may lack TLS support and that can be really bad for business - cp -a elf/ld.so "${D}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp" - fi - - # We'll take care of the cache ourselves - rm -f "${D}"/etc/ld.so.cache - - # Some things want this, notably ash. - dosym libbsd-compat.a $(alt_usrlibdir)/libbsd.a - - # Handle includes for different ABIs if glibc itself doesn't do it - # XXX: curr glibc should finally handle all of them correctly - #case $(tc-arch) in - # amd64|mips|ppc|s390) ;; - # *) prep_ml_includes $(alt_headers) ;; - #esac - - # When cross-compiling for a non-multilib setup, make sure we have - # lib and a proper symlink setup - if is_crosscompile && ! use multilib && ! has_multilib_profile && [[ $(get_libdir) != "lib" ]] ; then - cd "${D}"$(alt_libdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - cd "${D}"$(alt_usrlibdir)/.. - mv $(get_libdir) lib || die - ln -s lib $(get_libdir) || die - fi - - ################################################################# - # EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY # - # Make sure we install some symlink hacks so that when we build - # a 2nd stage cross-compiler, gcc finds the target system - # headers correctly. See gcc/doc/gccinstall.info - if is_crosscompile ; then - dosym usr/include /usr/${CTARGET}/sys-include - return 0 - fi - - # Everything past this point just needs to be done once ... - is_final_abi || return 0 - - # Make sure the non-native interp can be found on multilib systems - if has_multilib_profile ; then - case $(tc-arch) in - amd64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR amd64) /lib - dosym ../$(get_abi_LIBDIR x86)/ld-linux.so.2 /lib/ld-linux.so.2 - ;; - ppc64) - [[ ! -e ${D}/lib ]] && dosym $(get_abi_LIBDIR ppc64) /lib - dosym ../$(get_abi_LIBDIR ppc)/ld.so.1 /lib/ld.so.1 - ;; - esac - fi - - # Files for Debian-style locale updating - dodir /usr/share/i18n - sed \ - -e "/^#/d" \ - -e "/SUPPORTED-LOCALES=/d" \ - -e "s: \\\\::g" -e "s:/: :g" \ - "${S}"/localedata/SUPPORTED > "${D}"/usr/share/i18n/SUPPORTED \ - || die "generating /usr/share/i18n/SUPPORTED failed" - cd "${WORKDIR}"/extra/locale - dosbin locale-gen || die - doman *.[0-8] - insinto /etc - doins locale.gen || die - - # Make sure all the ABI's can find the locales and so we only - # have to generate one set - local a - keepdir /usr/$(get_libdir)/locale - for a in $(get_install_abis) ; do - if [[ ! -e ${D}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then - dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale - fi - done - - if ! has noinfo ${FEATURES} && [[ -n ${INFOPAGE_VER} ]] ; then - einfo "Installing info pages..." - - make \ - -C "${GBUILDDIR}" \ - PARALLELMFLAGS="${MAKEOPTS}" \ - install_root="${install_root}" \ - info -i || die - fi - - if [[ -n ${MANPAGE_VER} ]] ; then - einfo "Installing man pages..." - - # Install linuxthreads man pages even if nptl is enabled - cd "${WORKDIR}"/man - doman *.3thr - fi - - cd "${S}" - - # Install misc network config files - insinto /etc - doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die - doins "${WORKDIR}"/extra/etc/*.conf || die - doinitd "${WORKDIR}"/extra/etc/nscd || die - - dodoc BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* - - # Prevent overwriting of the /etc/localtime symlink. We'll handle the - # creation of the "factory" symlink in pkg_postinst(). - rm -f "${D}"/etc/localtime -} - -toolchain-glibc_headers_install() { - local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-headers - cd "${GBUILDDIR}" - make install_root="${D}/usr/${CTARGET}" install-headers || die "install-headers failed" - # Copy over headers that are not part of install-headers ... these - # are pretty much taken verbatim from crosstool, see it for more details - insinto $(alt_headers)/bits - doins misc/syscall-list.h bits/stdio_lim.h || die "doins include bits" - insinto $(alt_headers)/gnu - doins "${S}"/include/gnu/stubs.h || die "doins include gnu" - # Make sure we install the sys-include symlink so that when - # we build a 2nd stage cross-compiler, gcc finds the target - # system headers correctly. See gcc/doc/gccinstall.info - dosym usr/include /usr/${CTARGET}/sys-include -} - -src_strip() { - # gdb is lame and requires some debugging information to remain in - # libpthread, so we need to strip it by hand. libthread_db makes no - # sense stripped as it is only used when debugging. - local pthread=$(hasq splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}") - env \ - -uRESTRICT \ - CHOST=${CTARGET} \ - STRIP_MASK="/*/{,tls/}${pthread}*" \ - prepallstrip - # if user has stripping enabled and does not have split debug turned on, - # then leave the debugging sections in libpthread. - if ! hasq nostrip ${FEATURES} && ! hasq splitdebug ${FEATURES} ; then - ${STRIP:-${CTARGET}-strip} --strip-debug "${D}"/*/libpthread-*.so - fi -} - -eblit-glibc-src_install() { - if just_headers ; then - toolchain-glibc_headers_install - return - fi - - setup_env - - if [[ -z ${OABI} ]] ; then - local abilist="" - if has_multilib_profile ; then - abilist=$(get_install_abis) - einfo "Installing multilib glibc for ABIs: ${abilist}" - elif is_crosscompile || tc-is-cross-compiler ; then - abilist=${DEFAULT_ABI} - fi - if [[ -n ${abilist} ]] ; then - OABI=${ABI} - for ABI in ${abilist} ; do - export ABI - eblit-glibc-src_install - done - ABI=${OABI} - unset OABI - src_strip - return 0 - fi - fi - - toolchain-glibc_src_install - [[ -z ${OABI} ]] && src_strip -} diff --git a/sys-libs/glibc/files/eblits/src_test.eblit b/sys-libs/glibc/files/eblits/src_test.eblit deleted file mode 100644 index 0d733a35..00000000 --- a/sys-libs/glibc/files/eblits/src_test.eblit +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_test.eblit,v 1.3 2008/03/23 18:06:18 vapier Exp $ - -toolchain-glibc_src_test() { - cd "${WORKDIR}"/build-${ABI}-${CTARGET}-$1 || die "cd build-${ABI}-${CTARGET}-$1" - unset LD_ASSUME_KERNEL - make check && return 0 - einfo "make check failed - re-running with --keep-going to get the rest of the results" - make -k check - ewarn "make check failed for ${ABI}-${CTARGET}-$1" - return 1 -} - -eblit-glibc-src_test() { - local ret=0 - - setup_env - - # give tests more time to complete - export TIMEOUTFACTOR=5 - - if [[ -z ${OABI} ]] && has_multilib_profile ; then - OABI=${ABI} - einfo "Testing multilib glibc for ABIs: $(get_install_abis)" - for ABI in $(get_install_abis) ; do - export ABI - einfo " Testing ${ABI} glibc" - src_test - ((ret+=$?)) - done - ABI=${OABI} - unset OABI - [[ ${ret} -ne 0 ]] \ - && die "tests failed" \ - || return 0 - fi - - want_linuxthreads && toolchain-glibc_src_test linuxthreads ; ((ret+=$?)) - want_nptl && toolchain-glibc_src_test nptl ; ((ret+=$?)) - return ${ret} -} diff --git a/sys-libs/glibc/files/eblits/src_unpack.eblit b/sys-libs/glibc/files/eblits/src_unpack.eblit deleted file mode 100644 index 0935889b..00000000 --- a/sys-libs/glibc/files/eblits/src_unpack.eblit +++ /dev/null @@ -1,168 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_unpack.eblit,v 1.8 2009/05/17 22:17:56 vapier Exp $ - -int_to_KV() { - local version=$1 major minor micro - major=$((version / 65536)) - minor=$(((version % 65536) / 256)) - micro=$((version % 256)) - echo ${major}.${minor}.${micro} -} - -eend_KV() { - [[ $(KV_to_int $1) -ge $(KV_to_int $2) ]] - eend $? -} - -get_kheader_version() { - printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \ - $(tc-getCPP ${CTARGET}) -I "$(alt_build_headers)" | \ - tail -n 1 -} - -check_nptl_support() { - # don't care about the compiler here as we arent using it - just_headers && return - - local run_kv build_kv want_kv - run_kv=$(int_to_KV $(get_KV)) - build_kv=$(int_to_KV $(get_kheader_version)) - want_kv=${NPTL_KERN_VER} - - ebegin "Checking gcc for __thread support" - if ! eend $(want__thread ; echo $?) ; then - echo - eerror "Could not find a gcc that supports the __thread directive!" - eerror "Please update your binutils/gcc and try again." - die "No __thread support in gcc!" - fi - - if ! is_crosscompile && ! tc-is-cross-compiler ; then - # Building fails on an non-supporting kernel - ebegin "Checking kernel version (${run_kv} >= ${want_kv})" - if ! eend_KV ${run_kv} ${want_kv} ; then - echo - eerror "You need a kernel of at least ${want_kv} for NPTL support!" - die "Kernel version too low!" - fi - fi - - ebegin "Checking linux-headers version (${build_kv} >= ${want_kv})" - if ! eend_KV ${build_kv} ${want_kv} ; then - echo - eerror "You need linux-headers of at least ${want_kv} for NPTL support!" - die "linux-headers version too low!" - fi -} - -unpack_pkg() { - local a=${PN} - [[ -n ${SNAP_VER} ]] && a="${a}-${RELEASE_VER}" - [[ -n $1 ]] && a="${a}-$1" - [[ -n ${SNAP_VER} ]] && a="${a}-${SNAP_VER}" || a="${a}-${RELEASE_VER}" - unpack ${a}.tar.bz2 - [[ -n $1 ]] && mv ${a} $1 -} - -toolchain-glibc_src_unpack() { - # Check NPTL support _before_ we unpack things to save some time - want_nptl && check_nptl_support - - unpack_pkg - - cd "${S}" - touch locale/C-translit.h #185476 #218003 - [[ -n ${LT_VER} ]] && unpack_pkg linuxthreads ${LT_VER} - [[ -n ${PORTS_VER} ]] && unpack_pkg ports ${PORTS_VER} - [[ -n ${LIBIDN_VER} ]] && unpack_pkg libidn - - if [[ -n ${PATCH_VER} ]] ; then - cd "${WORKDIR}" - unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 - # pull out all the addons - local d - for d in extra/*/configure ; do - d=${d%/configure} - [[ -d ${S}/${d} ]] && die "${d} already exists in \${S}" - mv "${d}" "${S}" || die "moving ${d} failed" - done - fi - - # XXX: We should do the branchupdate, before extracting the manpages and - # infopages else it does not help much (mtimes change if there is a change - # to them with branchupdate) - if [[ -n ${BRANCH_UPDATE} ]] ; then - cd "${S}" - epatch "${DISTDIR}"/glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - - # Snapshot date patch - einfo "Patching version to display snapshot date ..." - sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h - fi - - if [[ -n ${MANPAGE_VER} ]] ; then - cd "${WORKDIR}" - unpack glibc-manpages-${MANPAGE_VER}.tar.bz2 - fi - - if [[ -n ${INFOPAGE_VER} ]] ; then - cd "${S}" - unpack glibc-infopages-${INFOPAGE_VER}.tar.bz2 - fi - - # tag, glibc is it - cd "${S}" - [[ -e csu/Banner ]] && die "need new banner location" - [[ -n ${SNAP_VER} ]] && echo "Gentoo snapshot ${SNAP_VER}" >> csu/Banner - [[ -n ${BRANCH_UPDATE} ]] && echo "Gentoo branch ${BRANCH_UPDATE}" >> csu/Banner - if [[ -n ${PATCH_VER} ]] && ! use vanilla ; then - cd "${S}" - EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER} ..." \ - EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \ - EPATCH_SUFFIX="patch" \ - ARCH=$(tc-arch) \ - epatch "${WORKDIR}"/patches - echo "Gentoo patchset ${PATCH_VER}" >> csu/Banner - fi - - gnuconfig_update -} - -eblit-glibc-src_unpack() { - setup_env - - toolchain-glibc_src_unpack - - # Backwards SSP support - cd "${S}" -# For now, we force everyone to have the extra symbols -# einfon "Scanning system for __guard to see if we need SSP compat ... " -# if [[ -n $(scanelf -qyls__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then - echo "yes" > "${T}"/.ssp.compat -# else -# # ok, a quick scan didnt find it, so lets do a deep scan ... -# if [[ -n $(scanelf -qyRlps__guard -F'#s%F' | grep -v '^/lib.*/libc-2.*.so$') ]] ; then -# echo "yes" > "${T}"/.ssp.compat -# else -# echo "no" > "${T}"/.ssp.compat -# fi -# fi -# cat "${T}"/.ssp.compat - - # Glibc is stupid sometimes, and doesn't realize that with a - # static C-Only gcc, -lgcc_eh doesn't exist. - # http://sources.redhat.com/ml/libc-alpha/2003-09/msg00100.html - # http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html - echo 'int main(){}' > "${T}"/gcc_eh_test.c - if ! $(tc-getCC ${CTARGET}) "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then - sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh" - fi - - cd "${WORKDIR}" - find . -type f '(' -size 0 -o -name "*.orig" ')' -exec rm -f {} \; - find . -name configure -exec touch {} \; - - # Fix permissions on some of the scripts - chmod u+x "${S}"/scripts/*.sh -} diff --git a/sys-libs/glibc/files/fix-sysctl_h.patch b/sys-libs/glibc/files/fix-sysctl_h.patch deleted file mode 100644 index 2c490844..00000000 --- a/sys-libs/glibc/files/fix-sysctl_h.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- linux.orig/include/linux/sysctl.h.orig 2003-05-18 22:12:39.000000000 +0200 -+++ linux.fixed/include/linux/sysctl.h 2003-05-18 22:13:58.000000000 +0200 -@@ -35,6 +35,10 @@ - the largest acceptable value for the nlen - member of a struct __sysctl_args to have? */ - -+#ifndef __user -+#define __user -+#endif -+ - struct __sysctl_args { - int __user *name; - int nlen; diff --git a/sys-libs/glibc/files/glibc-2.2.2-test-lfs-timeout.patch b/sys-libs/glibc/files/glibc-2.2.2-test-lfs-timeout.patch deleted file mode 100644 index ac4de72d..00000000 --- a/sys-libs/glibc/files/glibc-2.2.2-test-lfs-timeout.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- test-lfs.c~ Fri Feb 9 18:04:07 2001 -+++ test-lfs.c Sat Feb 17 04:30:18 2001 -@@ -34,7 +34,7 @@ - #define PREPARE do_prepare - - /* We might need a bit longer timeout. */ --#define TIMEOUT 20 /* sec */ -+#define TIMEOUT 120 /* sec */ - - /* This defines the `main' function and some more. */ - #include <test-skeleton.c> diff --git a/sys-libs/glibc/files/glibc-sec-hotfix-20040804.patch b/sys-libs/glibc/files/glibc-sec-hotfix-20040804.patch deleted file mode 100644 index 14ffd90b..00000000 --- a/sys-libs/glibc/files/glibc-sec-hotfix-20040804.patch +++ /dev/null @@ -1,128 +0,0 @@ -#! /bin/sh -e - -# All lines beginning with `# DP:' are a description of the patch. -# DP: Add grsecurity enhancements to glibc -# DP: * Adds Stefan Esser's unlink sanity check -# DP: * Removes LD_DEBUG for suid apps -# DP: * Fixes a glibc bug where certain envvars are interpreted -# DP: even if UNSECURE_ENVVARS says to drop them - -if [ $# -ne 2 ]; then - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -fi -case "$1" in - -patch) patch -d "$2" -f --no-backup-if-mismatch -p0 < $0;; - -unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p0 < $0;; - *) - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -esac -exit 0 - ---- malloc/malloc.c 2004-08-03 18:06:35 -0400 -+++ malloc/malloc.c 2004-08-03 18:08:53 -0400 -@@ -311,6 +311,10 @@ - #define assert(x) ((void)0) - #endif - -+#include <abort-instr.h> -+#ifndef ABORT_INSTRUCTION -+#define ABORT_INSTRUCTION -+#endif - - /* - INTERNAL_SIZE_T is the word-size used for internal bookkeeping -@@ -1951,6 +1955,13 @@ - #define unlink(P, BK, FD) { \ - FD = P->fd; \ - BK = P->bk; \ -+ if (FD->bk != P || BK->fd != P) \ -+ { \ -+ ABORT_INSTRUCTION; \ -+ _exit(127); \ -+ while (1) \ -+ ABORT_INSTRUCTION; \ -+ } \ - FD->bk = BK; \ - BK->fd = FD; \ - } ---- sysdeps/generic/unsecvars.h 2004-08-03 18:13:13 -0400 -+++ sysdeps/generic/unsecvars.h 2004-08-03 18:11:41 -0400 -@@ -3,6 +3,8 @@ - with a '\0' explicitly. */ - #define UNSECURE_ENVVARS \ - "LD_PRELOAD\0" \ -+ "LD_DEBUG\0" \ -+ "LD_TRACE_PRELINKING\0" \ - "LD_LIBRARY_PATH\0" \ - "LD_ORIGIN_PATH\0" \ - "LD_DEBUG_OUTPUT\0" \ ---- elf/rtld.c 2003-01-07 13:47:35 -0500 -+++ elf/rtld.c 2004-08-03 22:15:51 -0400 -@@ -1762,6 +1762,30 @@ - GL(dl_profile_output) - = &"/var/tmp\0/var/profile"[INTUSE(__libc_enable_secure) ? 9 : 0]; - -+ /* Extra security for SUID binaries. Remove all dangerous environment -+ variables. */ -+ if (__builtin_expect (INTUSE(__libc_enable_secure), 0)) -+ { -+ static const char unsecure_envvars[] = -+#ifdef EXTRA_UNSECURE_ENVVARS -+ EXTRA_UNSECURE_ENVVARS -+#endif -+ UNSECURE_ENVVARS; -+ const char *nextp; -+ -+ nextp = unsecure_envvars; -+ do -+ { -+ unsetenv (nextp); -+ /* We could use rawmemchr but this need not be fast. */ -+ nextp = (char *) (strchr) (nextp, '\0') + 1; -+ } -+ while (*nextp != '\0'); -+ -+ if (__access ("/etc/suid-debug", F_OK) != 0) -+ unsetenv ("MALLOC_CHECK_"); -+ } -+ - while ((envline = _dl_next_ld_env_entry (&runp)) != NULL) - { - size_t len = 0; -@@ -1897,33 +1921,10 @@ - /* The caller wants this information. */ - *modep = mode; - -- /* Extra security for SUID binaries. Remove all dangerous environment -- variables. */ -- if (__builtin_expect (INTUSE(__libc_enable_secure), 0)) -- { -- static const char unsecure_envvars[] = --#ifdef EXTRA_UNSECURE_ENVVARS -- EXTRA_UNSECURE_ENVVARS --#endif -- UNSECURE_ENVVARS; -- const char *nextp; -- -- nextp = unsecure_envvars; -- do -- { -- unsetenv (nextp); -- /* We could use rawmemchr but this need not be fast. */ -- nextp = (char *) (strchr) (nextp, '\0') + 1; -- } -- while (*nextp != '\0'); -- -- if (__access ("/etc/suid-debug", F_OK) != 0) -- unsetenv ("MALLOC_CHECK_"); -- } - /* If we have to run the dynamic linker in debugging mode and the - LD_DEBUG_OUTPUT environment variable is given, we write the debug - messages to this file. */ -- else if (any_debug && debug_output != NULL) -+ if (any_debug && debug_output != NULL) - { - #ifdef O_NOFOLLOW - const int flags = O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW; diff --git a/sys-libs/glibc/files/glibc-sec-hotfix-20040916.patch b/sys-libs/glibc/files/glibc-sec-hotfix-20040916.patch deleted file mode 100644 index 3858a0f9..00000000 --- a/sys-libs/glibc/files/glibc-sec-hotfix-20040916.patch +++ /dev/null @@ -1,95 +0,0 @@ -diff -Nru glibc-2.3.3.old/elf/rtld.c glibc-2.3.3/elf/rtld.c ---- glibc-2.3.3.old/elf/rtld.c 2004-09-16 15:02:16.000000000 -0400 -+++ glibc-2.3.3/elf/rtld.c 2004-09-16 15:04:58.000000000 -0400 -@@ -2041,6 +2041,30 @@ - GLRO(dl_profile_output) - = &"/var/tmp\0/var/profile"[INTUSE(__libc_enable_secure) ? 9 : 0]; - -+ /* Extra security for SUID binaries. Remove all dangerous environment -+ variables. */ -+ if (__builtin_expect (INTUSE(__libc_enable_secure), 0)) -+ { -+ static const char unsecure_envvars[] = -+#ifdef EXTRA_UNSECURE_ENVVARS -+ EXTRA_UNSECURE_ENVVARS -+#endif -+ UNSECURE_ENVVARS; -+ const char *nextp; -+ -+ nextp = unsecure_envvars; -+ do -+ { -+ unsetenv (nextp); -+ /* We could use rawmemchr but this need not be fast. */ -+ nextp = (char *) (strchr) (nextp, '\0') + 1; -+ } -+ while (*nextp != '\0'); -+ -+ if (__access ("/etc/suid-debug", F_OK) != 0) -+ unsetenv ("MALLOC_CHECK_"); -+ } -+ - while ((envline = _dl_next_ld_env_entry (&runp)) != NULL) - { - size_t len = 0; -@@ -2188,33 +2212,10 @@ - /* The caller wants this information. */ - *modep = mode; - -- /* Extra security for SUID binaries. Remove all dangerous environment -- variables. */ -- if (__builtin_expect (INTUSE(__libc_enable_secure), 0)) -- { -- static const char unsecure_envvars[] = --#ifdef EXTRA_UNSECURE_ENVVARS -- EXTRA_UNSECURE_ENVVARS --#endif -- UNSECURE_ENVVARS; -- const char *nextp; -- -- nextp = unsecure_envvars; -- do -- { -- unsetenv (nextp); -- /* We could use rawmemchr but this need not be fast. */ -- nextp = (char *) (strchr) (nextp, '\0') + 1; -- } -- while (*nextp != '\0'); -- -- if (__access ("/etc/suid-debug", F_OK) != 0) -- unsetenv ("MALLOC_CHECK_"); -- } - /* If we have to run the dynamic linker in debugging mode and the - LD_DEBUG_OUTPUT environment variable is given, we write the debug - messages to this file. */ -- else if (any_debug && debug_output != NULL) -+ if (any_debug && debug_output != NULL) - { - #ifdef O_NOFOLLOW - const int flags = O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW; -diff -Nru glibc-2.3.3.old/malloc/malloc.c glibc-2.3.3/malloc/malloc.c ---- glibc-2.3.3.old/malloc/malloc.c 2004-09-16 15:03:22.000000000 -0400 -+++ glibc-2.3.3/malloc/malloc.c 2004-09-16 15:04:58.000000000 -0400 -@@ -321,6 +321,10 @@ - #define assert(x) ((void)0) - #endif - -+#include <abort-instr.h> -+#ifndef ABORT_INSTRUCTION -+#define ABORT_INSTRUCTION -+#endif - - /* - INTERNAL_SIZE_T is the word-size used for internal bookkeeping -diff -Nru glibc-2.3.3.old/sysdeps/generic/unsecvars.h glibc-2.3.3/sysdeps/generic/unsecvars.h ---- glibc-2.3.3.old/sysdeps/generic/unsecvars.h 2004-09-16 15:03:11.000000000 -0400 -+++ glibc-2.3.3/sysdeps/generic/unsecvars.h 2004-09-16 15:04:58.000000000 -0400 -@@ -3,6 +3,8 @@ - with a '\0' explicitly. */ - #define UNSECURE_ENVVARS \ - "LD_PRELOAD\0" \ -+ "LD_DEBUG\0" \ -+ "LD_TRACE_PRELINKING\0" \ - "LD_LIBRARY_PATH\0" \ - "LD_ORIGIN_PATH\0" \ - "LD_DEBUG_OUTPUT\0" \ diff --git a/sys-libs/glibc/files/locales.build b/sys-libs/glibc/files/locales.build deleted file mode 100644 index ce2a88cf..00000000 --- a/sys-libs/glibc/files/locales.build +++ /dev/null @@ -1,25 +0,0 @@ -# This file names the list of locales to be built when glibc is installed. -# The format is <locale>/<charmap>, where <locale> is a locale from the -# /usr/share/i18n/locales directory, and <charmap> is name of one of the files -# in /usr/share/i18n/charmaps/. All blank lines and lines starting with # are -# ignored. Here is an example: -# en_US/ISO-8859-1 -# -# For the full list, see the file SUPPORTED in the glibc tarball: -# glibc/localedata/SUPPORTED - -en_US/ISO-8859-1 -en_US.UTF-8/UTF-8 -ja_JP.EUC-JP/EUC-JP -ja_JP.UTF-8/UTF-8 -ja_JP/EUC-JP -en_HK/ISO-8859-1 -en_PH/ISO-8859-1 -de_DE/ISO-8859-1 -de_DE@euro/ISO-8859-15 -es_MX/ISO-8859-1 -fa_IR/UTF-8 -fr_FR/ISO-8859-1 -fr_FR@euro/ISO-8859-15 -it_IT/ISO-8859-1 - diff --git a/sys-libs/glibc/files/nscd b/sys-libs/glibc/files/nscd deleted file mode 100755 index b102de07..00000000 --- a/sys-libs/glibc/files/nscd +++ /dev/null @@ -1,64 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nscd,v 1.7 2007/02/23 12:09:39 uberlord Exp $ - -depend() { - use dns ldap net slapd -} - -checkconfig() { - if [ ! -d /var/run/nscd ] ; then - mkdir -p /var/run/nscd - chmod 755 /var/run/nscd - fi - if [ -z "${NSCD_PERMS_OK}" ] && [ "$(stat -c %a /var/run/nscd)" != "755" ] ; then - echo "" - ewarn "nscd run dir is not world readable, you should reset the perms:" - ewarn "chmod 755 /var/run/nscd" - ewarn "chmod a+rw /var/run/nscd/socket" - echo "" - ewarn "To disable this warning, set 'NSCD_PERMS_OK' in /etc/conf.d/nscd" - echo "" - fi -} - -start() { - checkconfig - - ebegin "Starting Name Service Cache Daemon" - local secure=`while read curline ; do - table=${curline%:*} - entries=${curline##$table:} - table=${table%%[^a-z]*} - case $table in - passwd*|group*|hosts) - for entry in $entries ; do - case $entry in - nisplus*) - /usr/sbin/nscd_nischeck $table || \ - /echo "-S $table,yes" - ;; - esac - done - ;; - esac - done < /etc/nsswitch.conf` - local pidfile="$(strings /usr/sbin/nscd | grep nscd.pid)" - mkdir -p "$(dirname ${pidfile})" - save_options pidfile "${pidfile}" - start-stop-daemon --start --quiet \ - --exec /usr/sbin/nscd --pidfile "${pidfile}" \ - -- $secure - eend $? -} - -stop() { - local pidfile="$(get_options pidfile)" - [ -n "${pidfile}" ] && pidfile="--pidfile ${pidfile}" - ebegin "Shutting down Name Service Cache Daemon" - start-stop-daemon --stop --quiet --exec /usr/sbin/nscd ${pidfile} - eend $? -} - -# vim:ts=4 diff --git a/sys-libs/glibc/files/nscd.conf b/sys-libs/glibc/files/nscd.conf deleted file mode 100644 index 226dda37..00000000 --- a/sys-libs/glibc/files/nscd.conf +++ /dev/null @@ -1,45 +0,0 @@ -# -# /etc/nscd.conf -# -# An example Name Service Cache config file. This file is needed by nscd. -# -# Legal entries are: -# -# logfile <file> -# debug-level <level> -# threads <#threads to use> -# server-user <user to run server as instead of root> -# server-user is ignored if nscd is started with -S parameters -# -# enable-cache <service> <yes|no> -# positive-time-to-live <service> <time in seconds> -# negative-time-to-live <service> <time in seconds> -# suggested-size <service> <prime number> -# check-files <service> <yes|no> -# -# Currently supported cache names (services): passwd, group, hosts -# - - -# logfile /var/log/nscd.log -# threads 6 -# server-user nobody - debug-level 0 - - enable-cache passwd yes - positive-time-to-live passwd 600 - negative-time-to-live passwd 20 - suggested-size passwd 211 - check-files passwd yes - - enable-cache group yes - positive-time-to-live group 3600 - negative-time-to-live group 60 - suggested-size group 211 - check-files group yes - - enable-cache hosts yes - positive-time-to-live hosts 3600 - negative-time-to-live hosts 20 - suggested-size hosts 211 - check-files hosts yes diff --git a/sys-libs/glibc/files/nsswitch.conf b/sys-libs/glibc/files/nsswitch.conf deleted file mode 100644 index eb169614..00000000 --- a/sys-libs/glibc/files/nsswitch.conf +++ /dev/null @@ -1,24 +0,0 @@ -# /etc/nsswitch.conf: -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nsswitch.conf,v 1.1 2005/05/17 00:52:41 vapier Exp $ - -passwd: compat -shadow: compat -group: compat - -# passwd: db files nis -# shadow: db files nis -# group: db files nis - -hosts: files dns -networks: files dns - -services: db files -protocols: db files -rpc: db files -ethers: db files -netmasks: files -netgroup: files -bootparams: files - -automount: files -aliases: files diff --git a/sys-libs/glibc/files/test-__thread.c b/sys-libs/glibc/files/test-__thread.c deleted file mode 100644 index be37c0e2..00000000 --- a/sys-libs/glibc/files/test-__thread.c +++ /dev/null @@ -1,7 +0,0 @@ -extern __thread int i; - -int main() { - - return 0; -} - diff --git a/sys-libs/glibc/files/test-sysctl_h.c b/sys-libs/glibc/files/test-sysctl_h.c deleted file mode 100644 index 1512b4d5..00000000 --- a/sys-libs/glibc/files/test-sysctl_h.c +++ /dev/null @@ -1,7 +0,0 @@ -#include <linux/sysctl.h> - -int main() -{ - return 0; -} - diff --git a/sys-libs/glibc/glibc-2.10.1.ebuild b/sys-libs/glibc/glibc-2.10.1.ebuild deleted file mode 100644 index 6ffd9f72..00000000 --- a/sys-libs/glibc/glibc-2.10.1.ebuild +++ /dev/null @@ -1,236 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.10.1.ebuild,v 1.1 2009/05/18 04:41:59 vapier Exp $ - -inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib - -DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" - -LICENSE="LGPL-2" -KEYWORDS="~amd64 ~x86" -RESTRICT="strip" # strip ourself #46186 -EMULTILIB_PKG="true" - -# Configuration variables -if [[ ${PV} == *_p* ]] ; then -RELEASE_VER=${PV%_p*} -BRANCH_UPDATE="" -SNAP_VER=${PV#*_p} -LIBIDN_VER="" -else -RELEASE_VER=${PV} -BRANCH_UPDATE="" -SNAP_VER="" -LIBIDN_VER=${RELEASE_VER} -fi -MANPAGE_VER="" # pregenerated manpages -INFOPAGE_VER="" # pregenerated infopages -PATCH_VER="1" # Gentoo patchset -PORTS_VER="" #${RELEASE_VER} # version of glibc ports addon -LT_VER="" # version of linuxthreads addon -NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires -#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires - -IUSE="debug gd glibc-omitfp hardened multilib nls selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" -S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}} - -# Here's how the cross-compile logic breaks down ... -# CTARGET - machine that will target the binaries -# CHOST - machine that will host the binaries -# CBUILD - machine that will build the binaries -# If CTARGET != CHOST, it means you want a libc for cross-compiling. -# If CHOST != CBUILD, it means you want to cross-compile the libc. -# CBUILD = CHOST = CTARGET - native build/install -# CBUILD != (CHOST = CTARGET) - cross-compile a native build -# (CBUILD = CHOST) != CTARGET - libc for cross-compiler -# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler -# For install paths: -# CHOST = CTARGET - install into / -# CHOST != CTARGET - install into /usr/CTARGET/ - -export CBUILD=${CBUILD:-${CHOST}} -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} == ${CHOST} ]] ; then - if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - export CTARGET=${CATEGORY/cross-} - fi -fi - -[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} - -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} -alt_libdir() { - if is_crosscompile ; then - echo /usr/${CTARGET}/$(get_libdir) - else - echo /$(get_libdir) - fi -} - -if is_crosscompile ; then - SLOT="${CTARGET}-2.2" -else - # Why SLOT 2.2 you ask yourself while sippin your tea ? - # Everyone knows 2.2 > 0, duh. - SLOT="2.2" - PROVIDE="virtual/libc" -fi - -# General: We need a new-enough binutils for as-needed -# arch: we need to make sure our binutils/gcc supports TLS -DEPEND=">=sys-devel/gcc-3.4.4 - arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) - ppc? ( >=sys-devel/gcc-4.1.0 ) - ppc64? ( >=sys-devel/gcc-4.1.0 ) - >=sys-devel/binutils-2.15.94 - ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} - >=sys-devel/gcc-config-1.3.12 - >=app-misc/pax-utils-0.1.10 - virtual/os-headers - nls? ( sys-devel/gettext ) - >=sys-apps/sandbox-1.2.18.1-r2 - >=sys-apps/portage-2.1.2 - selinux? ( sys-libs/libselinux )" -RDEPEND="nls? ( sys-devel/gettext ) - selinux? ( sys-libs/libselinux )" - -if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - DEPEND="${DEPEND} ${CATEGORY}/gcc" - [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" -else - DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" - RDEPEND="${RDEPEND} sys-libs/timezone-data" -fi - -SRC_URI=$( - upstream_uris() { - echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 - } - gentoo_uris() { - local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" - devspace=${devspace//HTTP/http://dev.gentoo.org/} - echo mirror://gentoo/$1 ${devspace//URI/$1} - } - - TARNAME=${PN} - if [[ -n ${SNAP_VER} ]] ; then - TARNAME="${PN}-${RELEASE_VER}" - [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} - upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 - else - upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 - fi - [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 - [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 - [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 - [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 - [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 - [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 -) - -# eblit-include [--skip] <function> [version] -eblit-include() { - local skipable=false - [[ $1 == "--skip" ]] && skipable=true && shift - [[ $1 == pkg_* ]] && skipable=true - - local e v func=$1 ver=$2 - [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" - for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do - e="${FILESDIR}/eblits/${func}${v}.eblit" - if [[ -e ${e} ]] ; then - source "${e}" - return 0 - fi - done - ${skipable} && return 0 - die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" -} - -# eblit-run-maybe <function> -# run the specified function if it is defined -eblit-run-maybe() { - [[ $(type -t "$@") == "function" ]] && "$@" -} - -# eblit-run <function> [version] -# aka: src_unpack() { eblit-run src_unpack ; } -eblit-run() { - eblit-include --skip common "${*:2}" - eblit-include "$@" - eblit-run-maybe eblit-$1-pre - eblit-${PN}-$1 - eblit-run-maybe eblit-$1-post -} - -src_unpack() { eblit-run src_unpack ; } -src_compile() { eblit-run src_compile ; } -src_test() { eblit-run src_test ; } -src_install() { eblit-run src_install ; } - -# FILESDIR might not be available during binpkg install -for x in setup {pre,post}inst ; do - e="${FILESDIR}/eblits/pkg_${x}.eblit" - if [[ -e ${e} ]] ; then - . "${e}" - eval "pkg_${x}() { eblit-run pkg_${x} ; }" - fi -done - -eblit-src_unpack-post() { - if use hardened ; then - cd "${S}" - einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch - epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch - epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch - - einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ - debug/stack_chk_fail.c || die - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-chk_fail.c \ - debug/chk_fail.c || die - - if use debug ; then - # When using Hardened Gentoo stack handler, have smashes dump core for - # analysis - debug only, as core could be an information leak - # (paranoia). - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug stack handler" - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug fortify handler" - fi - - # Build nscd with ssp-all - sed -i \ - -e 's:-fstack-protector$:-fstack-protector-all:' \ - nscd/Makefile \ - || die "Failed to ensure nscd builds with ssp-all" - fi -} - -maint_pkg_create() { - local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}" - cd ${base} - local stamp=$(date +%Y%m%d) - local d - for d in libc ports ; do - #(cd ${d} && cvs up) - case ${d} in - libc) tarball="${P}";; - ports) tarball="${PN}-ports-${PV}";; - esac - rm -f ${tarball}* - ln -sf ${d} ${tarball} - tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma - du -b "${T}"/${tarball}.tar.lzma - done -} diff --git a/sys-libs/glibc/glibc-2.8_p20080602-r3.ebuild b/sys-libs/glibc/glibc-2.8_p20080602-r3.ebuild deleted file mode 100644 index 0f91b005..00000000 --- a/sys-libs/glibc/glibc-2.8_p20080602-r3.ebuild +++ /dev/null @@ -1,381 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.8_p20080602-r1.ebuild,v 1.16 2009/04/13 15:17:59 jer Exp $ - -inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib - -DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" - -LICENSE="LGPL-2" -KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" -RESTRICT="strip" # strip ourself #46186 -EMULTILIB_PKG="true" - -# Configuration variables -if [[ ${PV} == *_p* ]] ; then -RELEASE_VER=${PV%_p*} -BRANCH_UPDATE="" -SNAP_VER=${PV#*_p} -else -RELEASE_VER=${PV} -BRANCH_UPDATE="" -SNAP_VER="" -fi -MANPAGE_VER="" # pregenerated manpages -INFOPAGE_VER="" # pregenerated infopages -PATCH_VER="6" # Gentoo patchset -PORTS_VER=${RELEASE_VER} # version of glibc ports addon -LIBIDN_VER="" # version of libidn addon -LT_VER="" # version of linuxthreads addon -NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires -#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires - -IUSE="debug gd glibc-omitfp hardened multilib nls selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" -S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER+-${SNAP_VER}} - -# Here's how the cross-compile logic breaks down ... -# CTARGET - machine that will target the binaries -# CHOST - machine that will host the binaries -# CBUILD - machine that will build the binaries -# If CTARGET != CHOST, it means you want a libc for cross-compiling. -# If CHOST != CBUILD, it means you want to cross-compile the libc. -# CBUILD = CHOST = CTARGET - native build/install -# CBUILD != (CHOST = CTARGET) - cross-compile a native build -# (CBUILD = CHOST) != CTARGET - libc for cross-compiler -# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler -# For install paths: -# CHOST = CTARGET - install into / -# CHOST != CTARGET - install into /usr/CTARGET/ - -export CBUILD=${CBUILD:-${CHOST}} -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} == ${CHOST} ]] ; then - if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - export CTARGET=${CATEGORY/cross-} - fi -fi - -[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} - -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} -alt_libdir() { - if is_crosscompile ; then - echo /usr/${CTARGET}/$(get_libdir) - else - echo /$(get_libdir) - fi -} - -if is_crosscompile ; then - SLOT="${CTARGET}-2.2" -else - # Why SLOT 2.2 you ask yourself while sippin your tea ? - # Everyone knows 2.2 > 0, duh. - SLOT="2.2" - PROVIDE="virtual/libc" -fi - -# General: We need a new-enough binutils for as-needed -# arch: we need to make sure our binutils/gcc supports TLS -DEPEND=">=sys-devel/gcc-3.4.4 - arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) - ppc? ( >=sys-devel/gcc-4.1.0 ) - ppc64? ( >=sys-devel/gcc-4.1.0 ) - >=sys-devel/binutils-2.15.94 - ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} - >=sys-devel/gcc-config-1.3.12 - >=app-misc/pax-utils-0.1.10 - virtual/os-headers - nls? ( sys-devel/gettext ) - >=sys-apps/sandbox-1.2.18.1-r2 - >=sys-apps/portage-2.1.2 - selinux? ( sys-libs/libselinux )" -RDEPEND="nls? ( sys-devel/gettext ) - selinux? ( sys-libs/libselinux )" - -if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - DEPEND="${DEPEND} ${CATEGORY}/gcc" - [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" -else - DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" - RDEPEND="${RDEPEND} sys-libs/timezone-data" -fi - -SRC_URI=$( - upstream_uris() { - echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 - } - gentoo_uris() { - local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" - devspace=${devspace//HTTP/http://dev.gentoo.org/} - echo mirror://gentoo/$1 ${devspace//URI/$1} - } - - TARNAME=${PN} - if [[ -n ${SNAP_VER} ]] ; then - TARNAME="${PN}-${RELEASE_VER}" - [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} - upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 - else - upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 - fi - [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 - [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 - [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 - [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 - [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 - [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 -) - -# eblit-include [--skip] <function> [version] -eblit-include() { - local skipable=false - [[ $1 == "--skip" ]] && skipable=true && shift - - local e v func=$1 ver=$2 - [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" - for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do - e="${FILESDIR}/eblits/${func}${v}.eblit" - if [[ -e ${e} ]] ; then - source "${e}" - return 0 - fi - done - ${skipable} && return 0 - die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" -} - -# eblit-run-maybe <function> -# run the specified function if it is defined -eblit-run-maybe() { - [[ $(type -t "$@") == "function" ]] && "$@" -} - -# eblit-run <function> [version] -# aka: src_unpack() { eblit-run src_unpack ; } -eblit-run() { - eblit-include --skip common "${*:2}" - eblit-include "$@" - eblit-run-maybe eblit-$1-pre - eblit-${PN}-$1 || die - eblit-run-maybe eblit-$1-post -} - -src_unpack() { eblit-run src_unpack ; } -src_compile() { eblit-run src_compile ; } -src_test() { eblit-run src_test ; } -src_install() { eblit-run src_install ; } - -eblit-src_unpack-post() { - if use hardened ; then - cd "${S}" - einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch - epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch - epatch "${FILESDIR}"/2.7/glibc-2.7-hardened-inittls-nosysenter.patch - - einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ - debug/stack_chk_fail.c || die - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-chk_fail.c \ - debug/chk_fail.c || die - - if use debug ; then - # When using Hardened Gentoo stack handler, have smashes dump core for - # analysis - debug only, as core could be an information leak - # (paranoia). - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug stack handler" - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug fortify handler" - fi - - # Build nscd with ssp-all - sed -i \ - -e 's:-fstack-protector$:-fstack-protector-all:' \ - nscd/Makefile \ - || die "Failed to ensure nscd builds with ssp-all" - fi -} - -maint_pkg_create() { - local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}" - cd ${base} - local stamp=$(date +%Y%m%d) - local d - for d in libc ports ; do - #(cd ${d} && cvs up) - case ${d} in - libc) tarball="${P}";; - ports) tarball="${PN}-ports-${PV}";; - esac - rm -f ${tarball}* - ln -sf ${d} ${tarball} - tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma - du -b "${T}"/${tarball}.tar.lzma - done -} - -pkg_setup() { - # prevent native builds from downgrading ... maybe update to allow people - # to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2) - if [[ ${ROOT} == "/" ]] && [[ ${CBUILD} == ${CHOST} ]] && [[ ${CHOST} == ${CTARGET} ]] ; then - if has_version '>'${CATEGORY}/${PF} ; then - eerror "Sanity check to keep you from breaking your system:" - eerror " Downgrading glibc is not supported and a sure way to destruction" - die "aborting to save your system" - fi - - # Check for broken kernels #262698 - cd "${T}" - printf '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n' > kern-clo-test.c - emake kern-clo-test || die - if ! ./kern-clo-test ; then - eerror "Your patched vendor kernel is broken. You need to get an" - eerror "update from whoever is providing the kernel to you." - eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227" - die "keeping your system alive, say thank you" - fi - fi - - # users have had a chance to phase themselves, time to give em the boot - if [[ -e ${ROOT}/etc/locale.gen ]] && [[ -e ${ROOT}/etc/locales.build ]] ; then - eerror "You still haven't deleted ${ROOT}/etc/locales.build." - eerror "Do so now after making sure ${ROOT}/etc/locale.gen is kosher." - die "lazy upgrader detected" - fi - - if [[ ${CTARGET} == i386-* ]] ; then - eerror "i386 CHOSTs are no longer supported." - eerror "Chances are you don't actually want/need i386." - eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml" - die "please fix your CHOST" - fi - - if [[ -n ${LT_VER} ]] ; then - if use nptlonly && ! use nptl ; then - eerror "If you want nptlonly, add nptl to your USE too ;p" - die "nptlonly without nptl" - fi - fi - - if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then - ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS." - ewarn "This will result in a 50% performance penalty, which is probably not what you want." - fi - - use hardened && ! gcc-specs-pie && \ - ewarn "PIE hardening not applied, as your compiler doesn't default to PIE" - - export LC_ALL=C #252802 -} - -fix_lib64_symlinks() { - # the original Gentoo/AMD64 devs decided that since 64bit is the native - # bitdepth for AMD64, lib should be used for 64bit libraries. however, - # this ignores the FHS and breaks multilib horribly... especially - # since it wont even work without a lib64 symlink anyways. *rolls eyes* - # see bug 59710 for more information. - # Travis Tilley <lv@gentoo.org> (08 Aug 2004) - if [ -L ${ROOT}/lib64 ] ; then - ewarn "removing /lib64 symlink and moving lib to lib64..." - ewarn "dont hit ctrl-c until this is done" - rm ${ROOT}/lib64 - # now that lib64 is gone, nothing will run without calling ld.so - # directly. luckily the window of brokenness is almost non-existant - use amd64 && /lib/ld-linux-x86-64.so.2 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - use ppc64 && /lib/ld64.so.1 /bin/mv ${ROOT}/lib ${ROOT}/lib64 - # all better :) - ldconfig - ln -s lib64 ${ROOT}/lib - einfo "done! :-)" - einfo "fixed broken lib64/lib symlink in ${ROOT}" - fi - if [ -L ${ROOT}/usr/lib64 ] ; then - rm ${ROOT}/usr/lib64 - mv ${ROOT}/usr/lib ${ROOT}/usr/lib64 - ln -s lib64 ${ROOT}/usr/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr" - fi - if [ -L ${ROOT}/usr/X11R6/lib64 ] ; then - rm ${ROOT}/usr/X11R6/lib64 - mv ${ROOT}/usr/X11R6/lib ${ROOT}/usr/X11R6/lib64 - ln -s lib64 ${ROOT}/usr/X11R6/lib - einfo "fixed broken lib64/lib symlink in ${ROOT}/usr/X11R6" - fi -} - -pkg_preinst() { - # nothing to do if just installing headers - just_headers && return - - # PPC64+others may want to eventually be added to this logic if they - # decide to be multilib compatible and FHS compliant. note that this - # chunk of FHS compliance only applies to 64bit archs where 32bit - # compatibility is a major concern (not IA64, for example). - - # amd64's 2005.0 is the first amd64 profile to not need this code. - # 2005.0 is setup properly, and this is executed as part of the - # 2004.3 -> 2005.0 upgrade script. - # It can be removed after 2004.3 has been purged from portage. - { use amd64 || use ppc64; } && [ "$(get_libdir)" == "lib64" ] && ! has_multilib_profile && fix_lib64_symlinks - - # it appears that /lib/tls is sometimes not removed. See bug - # 69258 for more info. - if [[ -d ${ROOT}/$(alt_libdir)/tls ]] && [[ ! -d ${D}/$(alt_libdir)/tls ]] ; then - ewarn "nptlonly or -nptl in USE, removing /${ROOT}$(alt_libdir)/tls..." - rm -r "${ROOT}"/$(alt_libdir)/tls || die - fi - - # simple test to make sure our new glibc isnt completely broken. - # make sure we don't test with statically built binaries since - # they will fail. also, skip if this glibc is a cross compiler. - [[ ${ROOT} != "/" ]] && return 0 - [[ -d ${D}/$(get_libdir) ]] || return 0 - cd / #228809 - local x striptest - for x in date env ls true uname ; do - x=$(type -p ${x}) - [[ -z ${x} ]] && continue - striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) - [[ -z ${striptest} ]] && continue - [[ ${striptest} == *"statically linked"* ]] && continue - "${D}"/$(get_libdir)/ld-*.so \ - --library-path "${D}"/$(get_libdir) \ - ${x} > /dev/null \ - || die "simple run test (${x}) failed" - done -} - -pkg_postinst() { - # nothing to do if just installing headers - just_headers && return - - if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then - # Generate fastloading iconv module configuration file. - "${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}" - fi - - if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then - # Reload init ... - /sbin/telinit U - - # if the host locales.gen contains no entries, we'll install everything - local locale_list="${ROOT}etc/locale.gen" - if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then - ewarn "Generating all locales; edit /etc/locale.gen to save time/space" - locale_list="${ROOT}usr/share/i18n/SUPPORTED" - fi - local x jobs - for x in ${MAKEOPTS} ; do [[ ${x} == -j* ]] && jobs=${x#-j} ; done - locale-gen -j ${jobs:-1} --config "${locale_list}" - fi -} diff --git a/sys-libs/glibc/glibc-2.9_p20081201-r4.ebuild b/sys-libs/glibc/glibc-2.9_p20081201-r4.ebuild deleted file mode 100644 index c9a8c5b6..00000000 --- a/sys-libs/glibc/glibc-2.9_p20081201-r4.ebuild +++ /dev/null @@ -1,235 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.9_p20081201-r2.ebuild,v 1.7 2009/04/01 06:17:18 vapier Exp $ - -inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib - -DESCRIPTION="GNU libc6 (also called glibc2) C library" -HOMEPAGE="http://www.gnu.org/software/libc/libc.html" - -LICENSE="LGPL-2" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -RESTRICT="strip" # strip ourself #46186 -EMULTILIB_PKG="true" - -# Configuration variables -if [[ ${PV} == *_p* ]] ; then -RELEASE_VER=${PV%_p*} -BRANCH_UPDATE="" -SNAP_VER=${PV#*_p} -else -RELEASE_VER=${PV} -BRANCH_UPDATE="" -SNAP_VER="" -fi -MANPAGE_VER="" # pregenerated manpages -INFOPAGE_VER="" # pregenerated infopages -PATCH_VER="5" # Gentoo patchset -PORTS_VER=${RELEASE_VER} # version of glibc ports addon -LIBIDN_VER="" # version of libidn addon -LT_VER="" # version of linuxthreads addon -NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"} # min kernel version nptl requires -#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"} # min kernel version linuxthreads requires - -IUSE="debug gd glibc-omitfp hardened multilib nls selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}" -S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER+-${SNAP_VER}} - -# Here's how the cross-compile logic breaks down ... -# CTARGET - machine that will target the binaries -# CHOST - machine that will host the binaries -# CBUILD - machine that will build the binaries -# If CTARGET != CHOST, it means you want a libc for cross-compiling. -# If CHOST != CBUILD, it means you want to cross-compile the libc. -# CBUILD = CHOST = CTARGET - native build/install -# CBUILD != (CHOST = CTARGET) - cross-compile a native build -# (CBUILD = CHOST) != CTARGET - libc for cross-compiler -# CBUILD != CHOST != CTARGET - cross-compile a libc for a cross-compiler -# For install paths: -# CHOST = CTARGET - install into / -# CHOST != CTARGET - install into /usr/CTARGET/ - -export CBUILD=${CBUILD:-${CHOST}} -export CTARGET=${CTARGET:-${CHOST}} -if [[ ${CTARGET} == ${CHOST} ]] ; then - if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - export CTARGET=${CATEGORY/cross-} - fi -fi - -[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20} - -is_crosscompile() { - [[ ${CHOST} != ${CTARGET} ]] -} -alt_libdir() { - if is_crosscompile ; then - echo /usr/${CTARGET}/$(get_libdir) - else - echo /$(get_libdir) - fi -} - -if is_crosscompile ; then - SLOT="${CTARGET}-2.2" -else - # Why SLOT 2.2 you ask yourself while sippin your tea ? - # Everyone knows 2.2 > 0, duh. - SLOT="2.2" - PROVIDE="virtual/libc" -fi - -# General: We need a new-enough binutils for as-needed -# arch: we need to make sure our binutils/gcc supports TLS -DEPEND=">=sys-devel/gcc-3.4.4 - arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 ) - ppc? ( >=sys-devel/gcc-4.1.0 ) - ppc64? ( >=sys-devel/gcc-4.1.0 ) - >=sys-devel/binutils-2.15.94 - ${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)} - >=sys-devel/gcc-config-1.3.12 - >=app-misc/pax-utils-0.1.10 - virtual/os-headers - nls? ( sys-devel/gettext ) - >=sys-apps/sandbox-1.2.18.1-r2 - >=sys-apps/portage-2.1.2 - selinux? ( sys-libs/libselinux )" -RDEPEND="nls? ( sys-devel/gettext ) - selinux? ( sys-libs/libselinux )" - -if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then - DEPEND="${DEPEND} ${CATEGORY}/gcc" - [[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers" -else - DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c" - RDEPEND="${RDEPEND} sys-libs/timezone-data" -fi - -SRC_URI=$( - upstream_uris() { - echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1 - } - gentoo_uris() { - local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI" - devspace=${devspace//HTTP/http://dev.gentoo.org/} - echo mirror://gentoo/$1 ${devspace//URI/$1} - } - - TARNAME=${PN} - if [[ -n ${SNAP_VER} ]] ; then - TARNAME="${PN}-${RELEASE_VER}" - [[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER} - upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2 - else - upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2 - fi - [[ -n ${LIBIDN_VER} ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2 - [[ -n ${PORTS_VER} ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2 - [[ -n ${LT_VER} ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2 - [[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2 - [[ -n ${PATCH_VER} ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2 - [[ -n ${MANPAGE_VER} ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2 - [[ -n ${INFOPAGE_VER} ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2 -) - -# eblit-include [--skip] <function> [version] -eblit-include() { - local skipable=false - [[ $1 == "--skip" ]] && skipable=true && shift - [[ $1 == pkg_* ]] && skipable=true - - local e v func=$1 ver=$2 - [[ -z ${func} ]] && die "Usage: eblit-include <function> [version]" - for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do - e="${FILESDIR}/eblits/${func}${v}.eblit" - if [[ -e ${e} ]] ; then - source "${e}" - return 0 - fi - done - ${skipable} && return 0 - die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/" -} - -# eblit-run-maybe <function> -# run the specified function if it is defined -eblit-run-maybe() { - [[ $(type -t "$@") == "function" ]] && "$@" -} - -# eblit-run <function> [version] -# aka: src_unpack() { eblit-run src_unpack ; } -eblit-run() { - eblit-include --skip common "${*:2}" - eblit-include "$@" - eblit-run-maybe eblit-$1-pre - eblit-${PN}-$1 - eblit-run-maybe eblit-$1-post -} - -src_unpack() { eblit-run src_unpack ; } -src_compile() { eblit-run src_compile ; } -src_test() { eblit-run src_test ; } -src_install() { eblit-run src_install ; } - -# FILESDIR might not be available during binpkg install -for x in setup {pre,post}inst ; do - e="${FILESDIR}/eblits/pkg_${x}.eblit" - if [[ -e ${e} ]] ; then - . "${e}" - eval "pkg_${x}() { eblit-run pkg_${x} ; }" - fi -done - -eblit-src_unpack-post() { - if use hardened ; then - cd "${S}" - einfo "Patching to get working PIE binaries on PIE (hardened) platforms" - gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch - epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-configure-picdefault.patch - epatch "${FILESDIR}"/2.7/glibc-2.7-hardened-inittls-nosysenter.patch - - einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler" - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \ - debug/stack_chk_fail.c || die - cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-chk_fail.c \ - debug/chk_fail.c || die - - if use debug ; then - # When using Hardened Gentoo stack handler, have smashes dump core for - # analysis - debug only, as core could be an information leak - # (paranoia). - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug stack handler" - sed -i \ - -e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \ - debug/Makefile \ - || die "Failed to modify debug/Makefile for debug fortify handler" - fi - - # Build nscd with ssp-all - sed -i \ - -e 's:-fstack-protector$:-fstack-protector-all:' \ - nscd/Makefile \ - || die "Failed to ensure nscd builds with ssp-all" - fi -} - -maint_pkg_create() { - local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}" - cd ${base} - local stamp=$(date +%Y%m%d) - local d - for d in libc ports ; do - #(cd ${d} && cvs up) - case ${d} in - libc) tarball="${P}";; - ports) tarball="${PN}-ports-${PV}";; - esac - rm -f ${tarball}* - ln -sf ${d} ${tarball} - tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma - du -b "${T}"/${tarball}.tar.lzma - done -} |