Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/hardened/toolchain
diff options
context:
space:
mode:
Diffstat (limited to 'hardened/toolchain')
-rw-r--r--hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass9
-rw-r--r--hardened/toolchain/branches/pieworld/eclass/toolchain-funcs.eclass6
-rw-r--r--hardened/toolchain/branches/pieworld/eclass/toolchain.eclass24
-rw-r--r--hardened/toolchain/branches/pieworld/pieworld.README16
-rw-r--r--hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest15
-rw-r--r--hardened/toolchain/branches/pieworld/sys-devel/gcc/files/digest-gcc-4.1.2-r13
-rw-r--r--hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.2-r1.ebuild3
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest8
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5-r1.ebuild20
9 files changed, 45 insertions, 59 deletions
diff --git a/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass b/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
index 670ca84..b1455cf 100644
--- a/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
+++ b/hardened/toolchain/branches/pieworld/eclass/flag-o-matic.eclass
@@ -1,8 +1,8 @@
-# Copyright 1999-2006 Gentoo Foundation
+# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/eclass/flag-o-matic.eclass,v 1.115 2006/12/29 21:30:38 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/eclass/flag-o-matic.eclass,v 1.117 2007/03/04 21:13:17 vapier Exp $
#
-# Maintainer: base-system@gentoo.org
+# Maintainer: toolchain@gentoo.org
# need access to emktemp()
inherit eutils toolchain-funcs multilib
@@ -92,6 +92,7 @@ inherit eutils toolchain-funcs multilib
#
# C[XX]FLAGS that we allow in strip-flags
+# Note: shell globs and character lists are allowed
setup-allowed-flags() {
if [[ -z ${ALLOWED_FLAGS} ]] ; then
export ALLOWED_FLAGS="-pipe"
@@ -99,7 +100,7 @@ setup-allowed-flags() {
export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fstack-protector -fstack-protector-all"
export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fbounds-checking -fno-bounds-checking"
export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fno-PIE -fno-pie -fno-unit-at-a-time"
- export ALLOWED_FLAGS="${ALLOWED_FLAGS} -g -g0 -g1 -g2 -g3 -ggdb -ggdb0 -ggdb1 -ggdb2 -ggdb3"
+ export ALLOWED_FLAGS="${ALLOWED_FLAGS} -g -g[0-9] -ggdb -ggdb[0-9] -gstabs -gstabs+"
export ALLOWED_FLAGS="${ALLOWED_FLAGS} -fno-ident"
fi
# allow a bunch of flags that negate features / control ABI
diff --git a/hardened/toolchain/branches/pieworld/eclass/toolchain-funcs.eclass b/hardened/toolchain/branches/pieworld/eclass/toolchain-funcs.eclass
index be4261f..1cf0178 100644
--- a/hardened/toolchain/branches/pieworld/eclass/toolchain-funcs.eclass
+++ b/hardened/toolchain/branches/pieworld/eclass/toolchain-funcs.eclass
@@ -1,8 +1,8 @@
-# Copyright 1999-2006 Gentoo Foundation
+# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain-funcs.eclass,v 1.66 2007/02/16 00:12:02 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain-funcs.eclass,v 1.67 2007/03/04 21:03:58 vapier Exp $
#
-# Author: Toolchain Ninjas <toolchain@gentoo.org>
+# Maintainer: Toolchain Ninjas <toolchain@gentoo.org>
#
# This eclass contains (or should) functions to get common info
# about the toolchain (libc/compiler/binutils/etc...)
diff --git a/hardened/toolchain/branches/pieworld/eclass/toolchain.eclass b/hardened/toolchain/branches/pieworld/eclass/toolchain.eclass
index 6bb2351..a79851f 100644
--- a/hardened/toolchain/branches/pieworld/eclass/toolchain.eclass
+++ b/hardened/toolchain/branches/pieworld/eclass/toolchain.eclass
@@ -1,6 +1,8 @@
-# Copyright 1999-2006 Gentoo Foundation
+# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain.eclass,v 1.329 2007/02/22 02:09:24 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/eclass/toolchain.eclass,v 1.331 2007/03/10 13:40:51 vapier Exp $
+#
+# Maintainer: Toolchain Ninjas <toolchain@gentoo.org>
HOMEPAGE="http://gcc.gnu.org/"
LICENSE="GPL-2 LGPL-2.1"
@@ -1958,19 +1960,17 @@ gcc_quick_unpack() {
fi
fi
- if [[ -n ${D_VER} ]] ; then
+ if [[ -n ${D_VER} ]] && use d ; then
pushd "${S}"/gcc > /dev/null
unpack gdc-${D_VER}-src.tar.bz2
cd ..
- if use d ; then
- ebegin "Adding support for the D language"
- ./gcc/d/setup-gcc.sh >& "${T}"/dgcc.log
- if ! eend $? ; then
- eerror "The D gcc package failed to apply"
- eerror "Please include this log file when posting a bug report:"
- eerror " ${T}/dgcc.log"
- die "failed to include the D language"
- fi
+ ebegin "Adding support for the D language"
+ ./gcc/d/setup-gcc.sh >& "${T}"/dgcc.log
+ if ! eend $? ; then
+ eerror "The D gcc package failed to apply"
+ eerror "Please include this log file when posting a bug report:"
+ eerror " ${T}/dgcc.log"
+ die "failed to include the D language"
fi
popd > /dev/null
fi
diff --git a/hardened/toolchain/branches/pieworld/pieworld.README b/hardened/toolchain/branches/pieworld/pieworld.README
index e514a69..30efac6 100644
--- a/hardened/toolchain/branches/pieworld/pieworld.README
+++ b/hardened/toolchain/branches/pieworld/pieworld.README
@@ -29,14 +29,14 @@ binaries containing PIE code, although the executable has a fixed location.
Upgrade path
------------
-1) Switch to vanilla compiler (gcc-config)
-2) emerge --oneshot =sys-devel/binutils-2.17
-3) Switch to 2.17 binutils (binutils-config)
-4) USE="-hardened" emerge --oneshot =sys-libs/glibc-2.5
-5) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.22
+1) emerge --oneshot =sys-devel/binutils-2.17
+2) Switch to 2.17 binutils (binutils-config)
+3) Switch to vanilla compiler (gcc-config)
+4) USE="-hardened" emerge --oneshot =sys-libs/glibc-2.5-r1
+5) USE="-hardened" emerge --oneshot =sys-devel/gcc-4.1.2-r1
6) switch to hardened compiler
-7) emerge --oneshot =sys-libs/glibc-2.5
-8) emerge --oneshot =sys-devel/gcc-4.1.2
+7) emerge --oneshot =sys-libs/glibc-2.5-r1
+8) emerge --oneshot =sys-devel/gcc-4.1.2-r1
9) emerge -e world :)
There maybe quicker/shorter ways - but the above should always work. Care has
@@ -217,7 +217,7 @@ Things to work out:
Investigation ongoing...
Turns out it was PAX_UDEREF - which I had failed to switch off even in my 'non-hardened' kernels :/
- This'll be fixed in later kernels (certainly by 2.16.20)
+ This is fixed in hardened-sources-2.6.19-r6
2) Why x86 passes elf/tst-tls{1,2}-static when all other arches fail it
3) What's different about x86_64 that it fails a whole bunch that are ok for other arches
diff --git a/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest b/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
index 66a9078..e3953bd 100644
--- a/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
+++ b/hardened/toolchain/branches/pieworld/sys-devel/gcc/Manifest
@@ -159,6 +159,7 @@ DIST gcc-4.1.1.tar.bz2 39172003 RMD160 0edeac242d900b075a7e36796380492b5b3c8564
DIST gcc-4.1.2-patches-1.0.tar.bz2 42559 RMD160 9c9e3211bf84c151c700d62d0645fb6bb4f98f58 SHA1 f17c7d530e82ff6d723a6af70180c2e376eff6c8 SHA256 1bff9e6fcc9046dcca01ffc967764d4032679e631fef79f27d17e15d54692be6
DIST gcc-4.1.2-uclibc-patches-1.0.tar.bz2 20980 RMD160 22e0f27e863e3b7c8fe0a5e4846daee17a49d409 SHA1 28033f25fd9b80102c2ae533b78ba332d490e21d SHA256 c6ed88711a727ed11847c9b9f1cef7023037bc80c0840eda5fca6d60fa02e35a
DIST gcc-4.1.2.tar.bz2 39707720 RMD160 7c5d78e666ccf4c2b2c3db41e2388f08b6cdf722 SHA1 7981b8d1b58b10ddfd7d5142eab16352d9206f3b SHA256 cfc0efbcc6fcde0d416a32dfb246c9df022515a312683fac412578c4fd09a9bc
+DIST gdc-0.23-src.tar.bz2 1001644 RMD160 a208ea83f8049633ef067a5182320dc821ee96eb SHA1 ca29514902e05f861ab1bfa73d601cfa85b86d84 SHA256 4f642904f93973dc791c93125d1d227cefe0eb47fc39e364d03cda4784c0a38d
EBUILD gcc-3.4.6-r3.ebuild 5024 RMD160 447d015fe832316eec29bbde1963acad73acd4b5 SHA1 9126ed31179145830472e421f256e207ba349bce SHA256 d79ef43bc13a04992776a42de612f1c3c03be628833ac54c832e7c111acfbc69
MD5 9a4b9092452554690d3a48e216f3e35e gcc-3.4.6-r3.ebuild 5024
RMD160 447d015fe832316eec29bbde1963acad73acd4b5 gcc-3.4.6-r3.ebuild 5024
@@ -167,16 +168,16 @@ EBUILD gcc-4.1.1-r3.ebuild 3621 RMD160 6680af1e737c03742241b9e52531d45822a66d49
MD5 beadc390569c05a5d7c0dfe2f73e43e3 gcc-4.1.1-r3.ebuild 3621
RMD160 6680af1e737c03742241b9e52531d45822a66d49 gcc-4.1.1-r3.ebuild 3621
SHA256 aadbf598501f69904bf605c1a1e9c1ad8a57d2a2734093381d04e09d4099f688 gcc-4.1.1-r3.ebuild 3621
-EBUILD gcc-4.1.2-r1.ebuild 3623 RMD160 1568495c9eea77716163f97547300b8ae2700f80 SHA1 75dc8b156089708a96b8393e11aec9ef79d9e77e SHA256 6e6ffdbda4f2f9d4ab59ad57b0b1c1e1874876adac4dbd1977ecb799424fcf2f
-MD5 7041224ff12c7ba36f67a2891d109417 gcc-4.1.2-r1.ebuild 3623
-RMD160 1568495c9eea77716163f97547300b8ae2700f80 gcc-4.1.2-r1.ebuild 3623
-SHA256 6e6ffdbda4f2f9d4ab59ad57b0b1c1e1874876adac4dbd1977ecb799424fcf2f gcc-4.1.2-r1.ebuild 3623
+EBUILD gcc-4.1.2-r1.ebuild 3636 RMD160 c4297eb2d4314ea396bcac891ef7e9c6d7eff1d6 SHA1 7be5618cce173632613e443ca0bc1234322afbc6 SHA256 913d229f3020c4f6142959a3dd671a9e1355d126530124454881f6d7c121a78f
+MD5 43b756c19f8fc9efd0f10c8dfae91a27 gcc-4.1.2-r1.ebuild 3636
+RMD160 c4297eb2d4314ea396bcac891ef7e9c6d7eff1d6 gcc-4.1.2-r1.ebuild 3636
+SHA256 913d229f3020c4f6142959a3dd671a9e1355d126530124454881f6d7c121a78f gcc-4.1.2-r1.ebuild 3636
MD5 f2ae42150d118fee847851b13498c67d files/digest-gcc-3.4.6-r3 1623
RMD160 61cd90be115485be70bc0c6511848949fd86e3ff files/digest-gcc-3.4.6-r3 1623
SHA256 fb9bc05b7f310a0ce63c7538d07315a3432bced82fc26c656e9ec0d843df2468 files/digest-gcc-3.4.6-r3 1623
MD5 3279035e9f313a53c1ba32e561f3a1df files/digest-gcc-4.1.1-r3 1072
RMD160 91219e23ecedf352e4fa56a0a112c4c549ae133c files/digest-gcc-4.1.1-r3 1072
SHA256 b95ab9fdf4c17f090e474ffdfd9f4be7632849c428000e8161e851d061e46757 files/digest-gcc-4.1.1-r3 1072
-MD5 9eff0a0d4b0438703f5d3702dd422bc6 files/digest-gcc-4.1.2-r1 1069
-RMD160 95731b5f30fa2f656cc21201dc33f8d9229156e6 files/digest-gcc-4.1.2-r1 1069
-SHA256 4af940a6a7261b191a778d52eee82dc0aa9eb5b42fa511f95d4e74cf80f534cd files/digest-gcc-4.1.2-r1 1069
+MD5 2bdc8c1fb4306849f458840686a803d4 files/digest-gcc-4.1.2-r1 1313
+RMD160 e69196a6dadfb6a8241bcd5aac43953b0491badc files/digest-gcc-4.1.2-r1 1313
+SHA256 820a110d4aa3813b786b1571b83596d6fa2a63b32ac9025337c9b983ab0eb1b0 files/digest-gcc-4.1.2-r1 1313
diff --git a/hardened/toolchain/branches/pieworld/sys-devel/gcc/files/digest-gcc-4.1.2-r1 b/hardened/toolchain/branches/pieworld/sys-devel/gcc/files/digest-gcc-4.1.2-r1
index 344a2ac..c890489 100644
--- a/hardened/toolchain/branches/pieworld/sys-devel/gcc/files/digest-gcc-4.1.2-r1
+++ b/hardened/toolchain/branches/pieworld/sys-devel/gcc/files/digest-gcc-4.1.2-r1
@@ -10,3 +10,6 @@ SHA256 c6ed88711a727ed11847c9b9f1cef7023037bc80c0840eda5fca6d60fa02e35a gcc-4.1.
MD5 a4a3eb15c96030906d8494959eeda23c gcc-4.1.2.tar.bz2 39707720
RMD160 7c5d78e666ccf4c2b2c3db41e2388f08b6cdf722 gcc-4.1.2.tar.bz2 39707720
SHA256 cfc0efbcc6fcde0d416a32dfb246c9df022515a312683fac412578c4fd09a9bc gcc-4.1.2.tar.bz2 39707720
+MD5 facee49bd9f7b3c586d4ed96e9682ead gdc-0.23-src.tar.bz2 1001644
+RMD160 a208ea83f8049633ef067a5182320dc821ee96eb gdc-0.23-src.tar.bz2 1001644
+SHA256 4f642904f93973dc791c93125d1d227cefe0eb47fc39e364d03cda4784c0a38d gdc-0.23-src.tar.bz2 1001644
diff --git a/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.2-r1.ebuild b/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.2-r1.ebuild
index c067297..73477ef 100644
--- a/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.2-r1.ebuild
+++ b/hardened/toolchain/branches/pieworld/sys-devel/gcc/gcc-4.1.2-r1.ebuild
@@ -1,11 +1,12 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.1.2.ebuild,v 1.1 2007/02/14 11:09:17 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-devel/gcc/gcc-4.1.2.ebuild,v 1.2 2007/03/09 22:13:12 vapier Exp $
PATCH_VER="1.0"
UCLIBC_VER="1.0"
PIE_VER="9.0.7"
PIE_GCC_VER="4.1.1"
+D_VER="0.23"
ETYPE="gcc-compiler"
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
index 20e5c9c..5d6448d 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/Manifest
@@ -35,10 +35,10 @@ DIST glibc-2.5.tar.bz2 15321839 RMD160 25a0a460c0db1e5b7c570e5087461696f2096fd2
DIST glibc-libidn-2.5.tar.bz2 102330 RMD160 e10e85e0ee7cdab2e5518a93978cb688ccabee88 SHA1 ee7e019e01aa338e28db1eeb34abb2cb09d2f30a SHA256 de77e49e0beee6061d4c6e480f322566ba25d4e5e018c456a18ea4a8da5c0ede
DIST glibc-linuxthreads-2.5.tar.bz2 242445 RMD160 788484d035d53ac39aac18f6e3409a912eea1cfa SHA1 eb7765e5c0a14c7475f1c8b92cbe1f625a8fd76f SHA256 ee27aeba6124a8b351c720eb898917f0f8874d9a384cc2f17aa111a3d679bd2c
DIST glibc-ports-2.5.tar.bz2 409372 RMD160 e7e29df135a5f0f72760d10e5ad46de038e40725 SHA1 7da6257e641759ed29c4d316700fce6f604bc812 SHA256 80c38a005325e7539012bd665fb8e06af9ee9bfc74efb236ebff121265bfd463
-EBUILD glibc-2.5-r1.ebuild 40687 RMD160 d362b490fa31d6a5b88ea5e560212c142f837a35 SHA1 7e09b38e071b1743ddc6bad581329fd73a0770f4 SHA256 d36a6269eaa0be2000e7f13730066a2f833446af33351ded268529642b8b4d76
-MD5 960673c487d64542ca473f4861893979 glibc-2.5-r1.ebuild 40687
-RMD160 d362b490fa31d6a5b88ea5e560212c142f837a35 glibc-2.5-r1.ebuild 40687
-SHA256 d36a6269eaa0be2000e7f13730066a2f833446af33351ded268529642b8b4d76 glibc-2.5-r1.ebuild 40687
+EBUILD glibc-2.5-r1.ebuild 39927 RMD160 46506b8d94e7c9134ee738f25414b340936485ec SHA1 114c5afd352128e8add1f63be3c92d5b97f6f056 SHA256 949cf1859506d85fecff8000cf2eb10a739d3a48f66518c949fd2f3e883b5d42
+MD5 d46d28b4b7f80169c482fd932046ccec glibc-2.5-r1.ebuild 39927
+RMD160 46506b8d94e7c9134ee738f25414b340936485ec glibc-2.5-r1.ebuild 39927
+SHA256 949cf1859506d85fecff8000cf2eb10a739d3a48f66518c949fd2f3e883b5d42 glibc-2.5-r1.ebuild 39927
MD5 5b7e320e8b8b1a96ace60aa95385c122 files/digest-glibc-2.5-r1 1286
RMD160 6302561abceb3a88449dfe74bd6f2e373f00dec3 files/digest-glibc-2.5-r1 1286
SHA256 c20b8f42085597085e3589fbfd2dc5351f0c63a5492a55f82b59a1481b2a28f3 files/digest-glibc-2.5-r1 1286
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5-r1.ebuild b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5-r1.ebuild
index 6f8463b..6feb1dc 100644
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5-r1.ebuild
+++ b/hardened/toolchain/branches/pieworld/sys-libs/glibc/glibc-2.5-r1.ebuild
@@ -739,23 +739,6 @@ setup_flags() {
# Don't let the compiler automatically build PIEs unless USE=hardened.
use hardened || filter-flags -fPIE
-
- # When building hardened, define PIC always as many files use libtool-style
- # macro PIC rather than the builtin macro __PIC__ to differentiate.
-#1 if use hardened; then
-#1 mkdir -p ${T}/include
-#1 [[ -f ${T}/include/define-pic.h ]] ||
-#1 cat > ${T}/include/define-pic.h <<-EOF
-#1 #if defined __PIC__ && !defined PIC
-#1 # define PIC
-#1 #endif
-#1 EOF
-#1 append-flags "-I${T}/include -imacrosdefine-pic.h"
-#1 # Note; the glibc build process filters out -I* from CFLAGS -
-#1 # define-pic.h will be moved to the build directory in
-#1 # the configure phase.
-#1 fi
-#2 #use hardened && append-flags -DPIC
}
check_kheader_version() {
@@ -954,9 +937,6 @@ glibc_do_configure() {
local GBUILDDIR=${WORKDIR}/build-${ABI}-${CTARGET}-$1
mkdir -p "${GBUILDDIR}"
cd "${GBUILDDIR}"
-#1 # Copy define-pic.h into the build directory, where glibc's build process
-#1 # will find it.
-#1 use hardened && cp ${T}/include/define-pic.h .
einfo "Configuring GLIBC for $1 with: ${myconf// /\n\t\t}"
"${S}"/configure ${myconf} || die "failed to configure glibc"
}