From ca9627e70852f6b2e835660df870fe3ab405882d Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Sun, 1 Sep 2019 00:00:32 +0200
Subject: Initial import

---
 sys-libs/glibc/Manifest                            |  25 ++
 .../glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c  | 315 +++++++++++++++++++
 .../glibc-2.10-hardened-configure-picdefault.patch |  30 ++
 .../glibc-2.10-hardened-inittls-nosysenter.patch   | 274 ++++++++++++++++
 .../2.10/glibc-2.10-hardened-ssp-compat.patch      | 168 ++++++++++
 .../glibc/files/2.16/glibc-2.16-hardened-pie.patch |  39 +++
 sys-libs/glibc/files/2.16/glibc-rh1183535.patch    | 166 ++++++++++
 .../files/2.6/glibc-2.6-gentoo-stack_chk_fail.c    | 321 +++++++++++++++++++
 sys-libs/glibc/files/eblits/common.eblit           | 343 +++++++++++++++++++++
 sys-libs/glibc/files/eblits/pkg_postinst.eblit     |  27 ++
 sys-libs/glibc/files/eblits/pkg_preinst.eblit      |  69 +++++
 sys-libs/glibc/files/eblits/pkg_setup.eblit        | 125 ++++++++
 sys-libs/glibc/files/eblits/src_compile.eblit      |  24 ++
 sys-libs/glibc/files/eblits/src_configure.eblit    | 252 +++++++++++++++
 sys-libs/glibc/files/eblits/src_install.eblit      | 244 +++++++++++++++
 sys-libs/glibc/files/eblits/src_prepare.eblit      |  63 ++++
 sys-libs/glibc/files/eblits/src_test.eblit         |  30 ++
 sys-libs/glibc/files/eblits/src_unpack.eblit       | 121 ++++++++
 sys-libs/glibc/files/nscd                          |  64 ++++
 sys-libs/glibc/files/nscd.service                  |  15 +
 sys-libs/glibc/files/nscd.tmpfilesd                |   4 +
 sys-libs/glibc/files/nsswitch.conf                 |  24 ++
 sys-libs/glibc/glibc-2.16.0-r1.ebuild              | 228 ++++++++++++++
 23 files changed, 2971 insertions(+)
 create mode 100644 sys-libs/glibc/Manifest
 create mode 100644 sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c
 create mode 100644 sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch
 create mode 100644 sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
 create mode 100644 sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch
 create mode 100644 sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch
 create mode 100644 sys-libs/glibc/files/2.16/glibc-rh1183535.patch
 create mode 100644 sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c
 create mode 100644 sys-libs/glibc/files/eblits/common.eblit
 create mode 100644 sys-libs/glibc/files/eblits/pkg_postinst.eblit
 create mode 100644 sys-libs/glibc/files/eblits/pkg_preinst.eblit
 create mode 100644 sys-libs/glibc/files/eblits/pkg_setup.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_compile.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_configure.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_install.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_prepare.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_test.eblit
 create mode 100644 sys-libs/glibc/files/eblits/src_unpack.eblit
 create mode 100755 sys-libs/glibc/files/nscd
 create mode 100644 sys-libs/glibc/files/nscd.service
 create mode 100644 sys-libs/glibc/files/nscd.tmpfilesd
 create mode 100644 sys-libs/glibc/files/nsswitch.conf
 create mode 100644 sys-libs/glibc/glibc-2.16.0-r1.ebuild

(limited to 'sys-libs/glibc')

diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest
new file mode 100644
index 0000000..9ed4f60
--- /dev/null
+++ b/sys-libs/glibc/Manifest
@@ -0,0 +1,25 @@
+AUX 2.10/glibc-2.10-gentoo-chk_fail.c 9407 SHA256 7745c0f5d37b37959b43b41e39762fc35b877161bc5740d9d3e9a83021acbc0e SHA512 d1c51c573353b3b8ae6ab1bcc8c10eda5cad8b98fc7ab4848e4fbd8a8736174f3c3fd1b72dd80c72b1e54be78f1cae4dc1ab8130df25aa6d1495e5cbbaf3b9f6 WHIRLPOOL 32028ddeb422d89c0523fec994413e67c6afd9fcfdaf147d3d6a28bd02f8feabda9571ced4509253b7061a95bb2c16cecf94a4274671b33909ff545b1787f101
+AUX 2.10/glibc-2.10-hardened-configure-picdefault.patch 865 SHA256 b50b29f85d88011555bbcbe6046e6600be9344f2d78412b14aebdea515420774 SHA512 e0a09f77b209a72ab577fe1e62126609fdddedf3fba0eec749c4b506cdf793779b48390f055a3594892120f694291f8340c0b6f51862e94c03fd516897138be7 WHIRLPOOL d1b8e1536696350e0ed9eaf9a923daa7c004ef40ae94c1c3ba3d6cb293f1c19364cefbe8491089061124cbe26a9fded9f3d38d89f1bda56d408162e53702e8d4
+AUX 2.10/glibc-2.10-hardened-inittls-nosysenter.patch 8823 SHA256 dcf78c6524c222dbee907200a8878aff727e29d43a4962b977a16d85752e5c10 SHA512 0605b7964af87d1d6bdccea5c4d1bfe6267d4401b8bbf0c8bb689663e6bb3ef92eebad8be6c23ffdf6632a4d5e6098d8a403c3e84ffb21b5e87b5b1d1ec3512d WHIRLPOOL 635261b547883bbfbe23c802fcf97916dee823b367f96732ccecd7506dff004b87f2d36d97ed398510711330f3a53f039a14e226d20a681cc201a8c7a3450833
+AUX 2.10/glibc-2.10-hardened-ssp-compat.patch 4802 SHA256 bd6f0aa8eace0a935731749e101d5fe30210f9edb65f2f5ccd425cef581ddce4 SHA512 16fc6cbf366c3a0f476f28da8d4e465b1d894f68d33ebdb02de60d6b22bdc6341915d8529952fa4213b11c377302f18a63c462898fe0e4b13f5ec9e3ceda96c7 WHIRLPOOL 059e84269286b285261cc57846b34462524661fef3582396a6b301ee2dd156d2511c88f17f52679e4d5fd96ae0ed6673c8b75a32048e40efa87fad34da6cc066
+AUX 2.16/glibc-2.16-hardened-pie.patch 1570 SHA256 9a8d8a8268605251782b1fba509cda090f39f56edc8a5497c7b4acfc428041f7 SHA512 1dff16b1ce4ba6246336d19fac21ea6e8d5710e138a23603fa6b79896d895834b6d28bb1948c83648120ca1d038805db7dd7138ba3e28e9071254d6320cdc092 WHIRLPOOL f96487ac4bd95a99e9e70204c686c3f19bb8238cfd4a9856b031be58ac23927886f228a8b4add14213e0489a204c51ebbeb8a376311305025116b8ae45fc90c2
+AUX 2.16/glibc-rh1183535.patch 4610 SHA256 877dd39fe70f05972b41992044dd8eeac29e6261396ca11797f7ef36f43b74d9 SHA512 894d9d0b685f540fa955aaf245d0cd12c1c71aeb9f6adc42c67bb741ea6a7e940882c9022bcd9c51f61cef8d4143e1ec385490fcac256b1599adee3500ba717a WHIRLPOOL 1c842c4eb1de21b4f4f3abdb80b827664a5c618eb46950d49de18f6783774aa33780d06d27d2ef0a9911fec01b944b60f898f2f0139710586d311a35922a3204
+AUX 2.6/glibc-2.6-gentoo-stack_chk_fail.c 9545 SHA256 1410ded812be80d452eada5f9d6b9bd7bdb504c14f01cc27dce3e36b6f92b92a SHA512 360b77df2d19d14060e19e763878297bf042eccd5206ce4829a33c78c982b59b46144116d237a7cac73a22dd6cb4987c8dd50f1d16003baa22c2cb2942d2cbdf WHIRLPOOL 44e14dacdd258c46201a44c2c6aae4d975b960a914c24e49f2b39dae960636512049daa052d3cd8e8d93819d263327c28eac947efdb5d9e240d1bc6e9964016f
+AUX eblits/common.eblit 10757 SHA256 215864e0d2cf57239efab1fd903b4410892698651b4d8c7e0a2fbcc09da8a5e6 SHA512 bc08d1cf6ac17dd526bfeb175fcc1079389ee53901e892c39688381bba8bbcc69516ae92becf170f75f816e246e59bbed1aba9d327f1069a2ab7f9c9fb265c2c WHIRLPOOL 276d2d477616427d124b41160c4692af7242dc7fb172c1b5ea8cf65a868f69122193a6ec2a6f842b67aca0c9fd9aacbf9b0f88436f0c5f00434e5f89554351db
+AUX eblits/pkg_postinst.eblit 1081 SHA256 21c349d6999841b277dd00ed6f2bf4b33d14724510da3c15a99e775cb71bd180 SHA512 b491761a0923b779535b4a5abf6e00efb6f2c0bbb68e7fb01b2cad54034b63ddfa271afce16b17b17b53ac809ed869c55f94c44443d661052779770f4302318b WHIRLPOOL 8e3a3f35a4cefa903bc578d2fb6b22506f3ac94939f9ad1e703f470b13ba0fd3353061e38e3142ecb5c693749c84d4a1e4f4a5920e36ce20dc2f7e3b6b67ed9f
+AUX eblits/pkg_preinst.eblit 2608 SHA256 e49f274efe309b4bfed88195d413afa3363f40fb6c2caf50b4ab8ce5ab548864 SHA512 debfe0679d51eff7a154f7772179cf6bfe01beacf63fe101370c172e71b0524da0ceb7b0571e69a8050e5b75953b1d4c8968e1982ff4bc7362caeedde0be595e WHIRLPOOL 7b5c69c319651d860b3495d658b7275308f69504050699aada21ce5ecdd3114c1ea50ee7eac4436ee33738d02a0eb4bc6fff41484ff840aa2400bdd484ae3e93
+AUX eblits/pkg_setup.eblit 3964 SHA256 dee8e88f26fbe8a1dca329a5119e0efe407f6417933ed564f3940c32c8c95fbb SHA512 7951670d99915699f2f02ef91eb78b4a6ebda8190c53bf4724cde36ebf6d9646d200423edc185067d5cc9fae00ae4f388d277e9283bcf503630659d2868c87ef WHIRLPOOL f60784e42e37907d07e64abf62f5fc37a086b4262842ab6c183449fb3bb2d0977478784c449b954e1a89f865796955a7161a680f474ff59939664eaae4842c82
+AUX eblits/src_compile.eblit 712 SHA256 2f7250659b1ea316dd67a0baa229b9248693b55738416e242bcacbd6efec96b2 SHA512 f812075621013eb9db7748e16997f7785e6029f691147ef63c9c5e4c0ec98ca47cad81a9aa135e69dd57296454d158191deced0cb47201343698d9495b8dd34e WHIRLPOOL 0692b14ac23a7f995e68c15fc91643bd72707f4072e319460a31014a91fe789794b10ac155021b48f02b9bea636305408ec56bb161664a21ec7f5ff86ccff7fe
+AUX eblits/src_configure.eblit 7352 SHA256 edf770bfcdf428b3d648da30f253e089abbb6920f0955f7962d932646660f61c SHA512 12cd060ec7b497df7a9e47c5a7c228a610289953e8c401489b3cf26228c0aae7ba95a24ee117b99c85673c8368a436d45619b98b243ebda653a87808ce2ae25b WHIRLPOOL 985962dbe5ed1201d290dc75281ae4facb9053d892664e8f7e371b2eb65fb4ecf5d50714f3f1de1c9ce32e50a3f7fd52a7535491304da49bbcb8988f28d13355
+AUX eblits/src_install.eblit 7927 SHA256 d0c6dc3c96dce898bdef54a3211828526aeb7ed93d39f817ba81c84b4d183926 SHA512 f2f9775e2a6788ac894e917c96179360c4209e3c48f394741a7a977481a34a01e1db2fc474589e24c49d61427bb6e6b88de4d015a9e59868c520d1afe9eeefa3 WHIRLPOOL cb52b17487d58cae8fbb1069c0783de9318841ef510501f9c65ca3f62cae3d2bbbb0a34b2ca1416928604d180e8e944d83e817212883e3bfe727c1626c85f17a
+AUX eblits/src_prepare.eblit 2344 SHA256 7898682539bc85f126e491bc9c9a727cc5d922680f91dd409aec50c068ca93aa SHA512 30d706f26475db2dfe8cfaaa003c3a21988328ba0cc7cdca439d248c968430308d8d0afefa60302315d4c76011e4de51925307ee19d15eba10e24f1ede2b956f WHIRLPOOL 3a5ad0de18649805d97b0d78ea33e52608e7b6694ac567313db9e09da18a0bca9b95a027fe0181b50738b5bfe83ac49254d29b077cef36fb311a9707683261b5
+AUX eblits/src_test.eblit 808 SHA256 8a652acb87e941fe767ddfbe0e0a42e3b5f208f5408606c5d9de22a85b1f8ebe SHA512 b8a37cd8294f5b6d2735d9971e7bc4bde1a7671540d6f76764d06203f5f179c143c487f57c57747c8e72e7a1d89d05928df51331a44f46d4290e9b89449eed63 WHIRLPOOL c33b33b71431f3438fbe350c8c1d3c67d17fdccef61687bc645397635875d09af8b4e2b545a4405429c2b8ee4a012fd753205e4b5ce3bb2f93e4341d34a18eb4
+AUX eblits/src_unpack.eblit 3209 SHA256 82b23ecfe2fc3b7e93545af4b67e2525e1ee3c9f2d4eac3af435cf44e8254da4 SHA512 4f9cb34be2869864c0f814141bf1b6504b4138c3c672dd1fef9c5ad448c6fabab98445551cb364035978898c9e7829168ef702b068b4dadf325cf925c70ab42f WHIRLPOOL bdcf238477e6148dcdb8371eee40cb8ee920e039848e1088923922e615529fea70089fb5f1094630269d3a876c4752f41d0433b2948f5b5283a532938c9858df
+AUX nscd 1621 SHA256 6165db3a2fcb251d4f3655c0461e018ce9c92a37f7f22a8fd2b75178b5435bc8 SHA512 3e1255ab014b3806112120000c3d2189a7c1c69dcd6639d5ce55e96bec721683a22b141982f6a6c6d44b14481c33fbbaa470863bef04e9b9eab7ccad1ddd5d95 WHIRLPOOL b7152f8d888fca13a16ea403c44eadbf1da2249dae3add11f73999259061824460a5479aa7e58c012bd737b62ecc81814109832cee33638279d90d4c08bfdbdc
+AUX nscd.service 337 SHA256 de7bc9946309d34f0ab44aa22a4d3cf259fe91c57e8000d741cb09ecd3a6caa0 SHA512 2001100f3b054843c69b6fd2d38852c7c824282aa8998c25a3c0352db993705429d25c70d8ce6cb3579f836b7089644c520acac423ebd69cb1b36e94a77c5bea WHIRLPOOL f01d191971b0dc45f541c9ebaaa1a40f3497e2cc838cff6a20a7b1828d726c248abbd94322a5a5ff30c33ddb7d9086cd4d2ba3bdc1811fed59ff292ef3983a72
+AUX nscd.tmpfilesd 111 SHA256 f0f64c4612d2097173854d2ec2e94ecbf4b77c7a6e94d950874e37346aa90d72 SHA512 53b80b331e1a85d8ee16eb2ce547a7249e944926c3d1cdd4a47a5301a5c842ffc7ec1e3dc0a731542a8facf8261c1c57121802d01741aa89898a3476c09da340 WHIRLPOOL cf1fed1a7e2ac1623a84f1cfa2062645afe3f791da2f4ace3859d12aa05df0e282b4c2e367a460015956ac2a8d01fee4cda84917a3adf2c38561dff200335270
+AUX nsswitch.conf 503 SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d SHA512 c13714110f3ccc9a2270f51d0da9293ab19b9df368092d19b1a84d5051d888297bd9439a322eca1ea60d6d5e58952797d803a368a295f2db6d5e97e173907373 WHIRLPOOL 0d37755ba5928ff894c355b3fdcf7079f19c1cb7a4f3676634084da89c74d7175823a4659b8c66d8dc1395d086991857162822ddf977dbe8dff9a59bccab821e
+DIST glibc-2.16.0-patches-12.tar.bz2 95047 SHA256 e8fd08ee1af5ba4c2999657ea7ec3a0669c10fcf36151874a22f9d8e20d535ed SHA512 f377043d51e7b1d9d74af2ae1d40543329b9d6d5e07f7f9d84b1db9773f61864dc1f52253a952b2618bfe170f9cae32fdf748919460605bafaea6bc0c1f1befe WHIRLPOOL 69fe1b2a9ca0f2521bb59089cfccb7393c3fdd335498ab397d17dcb441a8ea0c579a35e3f175025d2c348b72d08ce496a0ed6d577bc1e0b5a65eb5fcef88e04c
+DIST glibc-2.16.0.tar.xz 9990512 SHA256 1edc36aa2a6cb7127971fce8e02eecffe9c7956297ad3ef10dd4c09f486d5924 SHA512 be9acc11b77ab3c01d5766fe626a6a51bc3192ac98f9554fbb5c37120cfc6f636c0b7a80beddc180f13b32ad06051d24c1999fa2e64eeb724d55a9498f0f634e WHIRLPOOL 9bfd4358a4488080e12e08deca5fca59c1555853d1c1978b7d1bb3b480eb8fb125dccab38c55644248ae5e18b0167aec85f8a7850bab9e11f980aae6f171eac3
+DIST glibc-ports-2.16.0.tar.xz 925916 SHA256 93a10ac3b9ab70ccc59dfe50a4747d48a7e92f9481656f8a37558a2767ac02f3 SHA512 8653ad9f5cf239a55eb2e236f9510ba227e910168efefd74df8e4951f2e1e4bca69598bc23daa6581e0ba94fe334ac625524fb22f0d38c2a07e373eda1db821b WHIRLPOOL 60b0cb559e28bcab9c6625ccd24a13ecfc301cc055d7e18d1324627912b528ca8cc7c2f999e1e979d2685e407879b1bfffdb61f1536d91fa143cffb7ded72a8a
+EBUILD glibc-2.16.0-r1.ebuild 7575 SHA256 008a3a40a5f486f9ecd5f703bdf80bba3f214700ea0d017b891e23b9bbd8b220 SHA512 f5d7e6d6c1133980358337c1fd4db12f29e8c29d9ad36f8eae126291bd0cf4fa9dd87ed46fa4e3b43c66fd58497db0a5f20ad074b5fcafd2930568e4a072274c WHIRLPOOL 6ee95ffe3f4fc1371e8ca62d8c031dcbd600d55ee7bdec71d98c085869fddd3a55719ea07f636715e92c62996075ba5ddb3185a2dd1eccd27cb7673f61611cc3
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c
new file mode 100644
index 0000000..37711e8
--- /dev/null
+++ b/sys-libs/glibc/files/2.10/glibc-2.10-gentoo-chk_fail.c
@@ -0,0 +1,315 @@
+/* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* Copyright (C) 2006-2008 Gentoo Foundation Inc.
+ * License terms as above.
+ *
+ * Hardened Gentoo SSP and FORTIFY handler
+ *
+ * An SSP failure handler that does not use functions from the rest of
+ * glibc; it uses the INTERNAL_SYSCALL methods directly.  This ensures
+ * no possibility of recursion into the handler.
+ *
+ * Direct all bug reports to http://bugs.gentoo.org/
+ *
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org>
+ *
+ * The following people contributed to the glibc-2.3 Hardened
+ * Gentoo SSP and FORTIFY handler, from which this implementation draws much:
+ *
+ * Ned Ludd - <solar[@]gentoo.org>
+ * Alexander Gabert - <pappy[@]gentoo.org>
+ * The PaX Team - <pageexec[@]freemail.hu>
+ * Peter S. Mazinger - <ps.m[@]gmx.net>
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+ * Robert Connolly - <robert[@]linuxfromscratch.org>
+ * Cory Visi <cory[@]visi.name>
+ * Mike Frysinger <vapier[@]gentoo.org>
+ * Magnus Granberg <zorry[@]ume.nu>
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <signal.h>
+
+#include <sys/types.h>
+
+#include <sysdep-cancel.h>
+#include <sys/syscall.h>
+#include <bp-checks.h>
+
+#include <kernel-features.h>
+
+#include <alloca.h>
+/* from sysdeps */
+#include <socketcall.h>
+/* for the stuff in bits/socket.h */
+#include <sys/socket.h>
+#include <sys/un.h>
+
+/* Sanity check on SYSCALL macro names - force compilation
+ * failure if the names used here do not exist
+ */
+#if !defined __NR_socketcall && !defined __NR_socket
+# error Cannot do syscall socket or socketcall
+#endif
+#if !defined __NR_socketcall && !defined __NR_connect
+# error Cannot do syscall connect or socketcall
+#endif
+#ifndef __NR_write
+# error Cannot do syscall write
+#endif
+#ifndef __NR_close
+# error Cannot do syscall close
+#endif
+#ifndef __NR_getpid
+# error Cannot do syscall getpid
+#endif
+#ifndef __NR_kill
+# error Cannot do syscall kill
+#endif
+#ifndef __NR_exit
+# error Cannot do syscall exit
+#endif
+#ifdef SSP_SMASH_DUMPS_CORE
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1
+# if !defined _KERNEL_NSIG && !defined _NSIG
+#  error No _NSIG or _KERNEL_NSIG for rt_sigaction
+# endif
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction
+#  error Cannot do syscall sigaction or rt_sigaction
+# endif
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t.
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
+ * some reason.
+ */
+# ifdef _KERNEL_NSIG
+#  define _SSP_NSIG _KERNEL_NSIG
+# else
+#  define _SSP_NSIG _NSIG
+# endif
+#else
+# define _SSP_NSIG 0
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0
+#endif
+
+/* Define DO_SIGACTION - default to newer rt signal interface but
+ * fallback to old as needed.
+ */
+#ifdef __NR_rt_sigaction
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8)
+#else
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(sigaction, 3, signum, act, oldact)
+#endif
+
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */
+#if defined(__NR_socket) && defined(__NR_connect)
+# define USE_OLD_SOCKETCALL 0
+#else
+# define USE_OLD_SOCKETCALL 1
+#endif
+
+/* stub out the __NR_'s so we can let gcc optimize away dead code */
+#ifndef __NR_socketcall
+# define __NR_socketcall 0
+#endif
+#ifndef __NR_socket
+# define __NR_socket 0
+#endif
+#ifndef __NR_connect
+# define __NR_connect 0
+#endif
+#define DO_SOCKET(result, domain, type, protocol) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = domain; \
+			socketargs[1] = type; \
+			socketargs[2] = protocol; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \
+	} while (0)
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = sockfd; \
+			socketargs[1] = (unsigned long int)serv_addr; \
+			socketargs[2] = addrlen; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \
+	} while (0)
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+static const char path_log[] = _PATH_LOG;
+
+/* For building glibc with SSP switched on, define __progname to a
+ * constant if building for the run-time loader, to avoid pulling
+ * in more of libc.so into ld.so
+ */
+#ifdef IS_IN_rtld
+static char *__progname = "<rtld>";
+#else
+extern char *__progname;
+#endif
+
+/* Common handler code, used by chk_fail
+ * Inlined to ensure no self-references to the handler within itself.
+ * Data static to avoid putting more than necessary on the stack,
+ * to aid core debugging.
+ */
+__attribute__ ((__noreturn__ , __always_inline__))
+static inline void
+__hardened_gentoo_chk_fail(char func[], int damaged)
+{
+#define MESSAGE_BUFSIZ 256
+	static pid_t pid;
+	static int plen, i;
+	static char message[MESSAGE_BUFSIZ];
+	static const char msg_ssa[] = ": buffer overflow attack";
+	static const char msg_inf[] = " in function ";
+	static const char msg_ssd[] = "*** buffer overflow detected ***: ";
+	static const char msg_terminated[] = " - terminated\n";
+	static const char msg_report[] = "Report to http://bugs.gentoo.org/\n";
+	static const char msg_unknown[] = "<unknown>";
+	static int log_socket, connect_result;
+	static struct sockaddr_un sock;
+	static unsigned long int socketargs[4];
+
+	/* Build socket address
+	 */
+	sock.sun_family = AF_UNIX;
+	i = 0;
+	while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) {
+		sock.sun_path[i] = path_log[i];
+		i++;
+	}
+	sock.sun_path[i] = '\0';
+
+	/* Try SOCK_DGRAM connection to syslog */
+	connect_result = -1;
+	DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0);
+	if (log_socket != -1)
+		DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	if (connect_result == -1) {
+		if (log_socket != -1)
+			INLINE_SYSCALL(close, 1, log_socket);
+		/* Try SOCK_STREAM connection to syslog */
+		DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0);
+		if (log_socket != -1)
+			DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	}
+
+	/* Build message.  Messages are generated both in the old style and new style,
+	 * so that log watchers that are configured for the old-style message continue
+	 * to work.
+	 */
+#define strconcat(str) \
+		{i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
+		{\
+			message[plen+i]=str[i];\
+			i++;\
+		}\
+		plen+=i;}
+
+	/* R.Henderson post-gcc-4 style message */
+	plen = 0;
+	strconcat(msg_ssd);
+	if (__progname != (char *)0)
+		strconcat(__progname)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_terminated);
+
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	/* Dr. Etoh pre-gcc-4 style message */
+	plen = 0;
+	if (__progname != (char *)0)
+		strconcat(__progname)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_ssa);
+	strconcat(msg_inf);
+	if (func != NULL)
+		strconcat(func)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_terminated);
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	/* Direct reports to bugs.gentoo.org */
+	plen=0;
+	strconcat(msg_report);
+	message[plen++]='\0';
+
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	if (log_socket != -1)
+		INLINE_SYSCALL(close, 1, log_socket);
+
+	/* Suicide */
+	pid = INLINE_SYSCALL(getpid, 0);
+
+	if (ENABLE_SSP_SMASH_DUMPS_CORE) {
+		static struct sigaction default_abort_act;
+		/* Remove any user-supplied handler for SIGABRT, before using it */
+		default_abort_act.sa_handler = SIG_DFL;
+		default_abort_act.sa_sigaction = NULL;
+		__sigfillset(&default_abort_act.sa_mask);
+		default_abort_act.sa_flags = 0;
+		if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0)
+			INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+	}
+
+	/* Note; actions cannot be added to SIGKILL */
+	INLINE_SYSCALL(kill, 2, pid, SIGKILL);
+
+	/* In case the kill didn't work, exit anyway
+	 * The loop prevents gcc thinking this routine returns
+	 */
+	while (1)
+		INLINE_SYSCALL(exit, 0);
+}
+
+__attribute__ ((__noreturn__))
+void __chk_fail(void)
+{
+	__hardened_gentoo_chk_fail(NULL, 0);
+}
+
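Review bot: `__progname` (and `func`, when it is non-NULL) is copied byte-for-byte by `strconcat` into the messages written to stderr and to the syslog socket, so any newline or control byte in the program name lands in the log record unchanged. The program name is normally derived from argv[0], which the invoking user chooses, and the comment above the macro says log watchers match on these lines, so a record built from an unusual name may be split or misparsed. I would copy those two strings through a variant of the macro that stores `?` for bytes outside 0x20..0x7e, and keep the plain `strconcat` for the constant strings, which legitimately contain `\n`. Separately, the file header says the handler uses the INTERNAL_SYSCALL methods directly, while every call in the body is `INLINE_SYSCALL`; the header should name the macro actually used.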
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch
new file mode 100644
index 0000000..e75ccc7
--- /dev/null
+++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch
@@ -0,0 +1,30 @@
+Prevent default-fPIE from confusing configure into thinking
+PIC code is default.  This causes glibc to build both PIC and
+non-PIC code as normal, which on the hardened compiler generates
+PIC and PIE.
+
+Patch by Kevin F. Quinn <kevquinn@gentoo.org>
+Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu>
+
+--- configure.in
++++ configure.in
+@@ -2145,7 +2145,7 @@
+ # error PIC is default.
+ #endif
+ EOF
+-if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
+   libc_cv_pic_default=no
+ fi
+ rm -f conftest.*])
+--- configure
++++ configure
+@@ -7698,7 +7698,7 @@
+ # error PIC is default.
+ #endif
+ EOF
+-if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then
++if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then
+   libc_cv_pic_default=no
+ fi
+ rm -f conftest.*
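Review bot: With `-fno-PIE` added to the probe, the `if eval "${CC-cc} -fno-PIE -S conftest.c ..."` test now also fails when the compiler does not accept that option, not only when `__PIC__` is predefined. The statement that sets `libc_cv_pic_default` before the test is outside these hunks, so the outcome is inferred, but the variable would keep its pre-test value for a reason unrelated to PIC. Probing first whether `${CC-cc} -fno-PIE` compiles an empty file, and adding the flag only then, would keep the check meaningful on other toolchains. At minimum the patch header could state that it assumes a compiler that understands `-fno-PIE`. This applies to both the configure.in and the configure hunk.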
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
new file mode 100644
index 0000000..cb6d8e3
--- /dev/null
+++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
@@ -0,0 +1,274 @@
+When building glibc PIE (which is not something upstream support),
+several modifications are necessary to the glibc build process.
+
+First, any syscalls in PIEs must be of the PIC variant, otherwise
+textrels ensue.  Then, any syscalls made before the initialisation
+of the TLS will fail on i386, as the sysenter variant on i386 uses
+the TLS, giving rise to a chicken-and-egg situation.  This patch
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter
+version is normally used, and uses the non-sysenter version for the brk
+syscall that is performed by the TLS initialisation.  Further, the TLS
+initialisation is moved in this case prior to the initialisation of
+dl_osversion, as that requires further syscalls.
+
+csu/libc-start.c: Move initial TLS initialization to before the
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined
+
+csu/libc-tls.c: Use the no-sysenter version of sbrk when
+INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+misc/brk.c: Define a no-sysenter version of brk if
+INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED.
+
+Patch by Kevin F. Quinn <kevquinn@gentoo.org>
+Fixed for 2.10 by Magnus Granberg <zorry@ume.nu>
+
+--- csu/libc-start.c
++++ csu/libc-start.c
+@@ -28,6 +28,7 @@
+ extern int __libc_multiple_libcs;
+ 
+ #include <tls.h>
++#include <sysdep.h>
+ #ifndef SHARED
+ # include <dl-osinfo.h>
+ extern void __pthread_initialize_minimal (void);
+@@ -129,6 +130,11 @@
+ #  endif
+   _dl_aux_init (auxvec);
+ # endif
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++  /* Do the initial TLS initialization before _dl_osversion,
++     since the latter uses the uname syscall.  */
++  __pthread_initialize_minimal ();
++# endif
+ # ifdef DL_SYSDEP_OSCHECK
+   if (!__libc_multiple_libcs)
+     {
+@@ -138,10 +144,12 @@
+     }
+ # endif
+ 
++# ifndef INTERNAL_SYSCALL_NOSYSENTER
+   /* Initialize the thread library at least a bit since the libgcc
+      functions are using thread functions if these are available and
+      we need to setup errno.  */
+   __pthread_initialize_minimal ();
++# endif
+ 
+   /* Set up the stack checker's canary.  */
+   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
+--- csu/libc-tls.c
++++ csu/libc-tls.c
+@@ -23,6 +23,7 @@
+ #include <unistd.h>
+ #include <stdio.h>
+ #include <sys/param.h>
++#include <sysdep.h>
+ 
+ 
+ #ifdef SHARED
+@@ -29,6 +30,9 @@
+  #error makefile bug, this file is for static only
+ #endif
+ 
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++extern void *__sbrk_nosysenter (intptr_t __delta);
++#endif
+ extern ElfW(Phdr) *_dl_phdr;
+ extern size_t _dl_phnum;
+ 
+@@ -141,14 +145,26 @@
+ 
+      The initialized value of _dl_tls_static_size is provided by dl-open.c
+      to request some surplus that permits dynamic loading of modules with
+-     IE-model TLS.  */
++     IE-model TLS.
++     
++     Where the normal sbrk would use a syscall that needs the TLS (i386)
++     use the special non-sysenter version instead.  */
+ #if TLS_TCB_AT_TP
+   tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign);
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++  tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align);
++# else
+   tlsblock = __sbrk (tcb_offset + tcbsize + max_align);
++# endif
+ #elif TLS_DTV_AT_TP
+   tcb_offset = roundup (tcbsize, align ?: 1);
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++  tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align
++		     + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
++# else
+   tlsblock = __sbrk (tcb_offset + memsz + max_align
+ 		     + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
++# endif
+   tlsblock += TLS_PRE_TCB_SIZE;
+ #else
+   /* In case a model with a different layout for the TCB and DTV
+--- misc/sbrk.c
++++ misc/sbrk.c
+@@ -18,6 +18,7 @@
+ #include <errno.h>
+ #include <stdint.h>
+ #include <unistd.h>
++#include <sysdep.h>
+ 
+ /* Defined in brk.c.  */
+ extern void *__curbrk;
+@@ -29,6 +30,35 @@
+ /* Extend the process's data space by INCREMENT.
+    If INCREMENT is negative, shrink data space by - INCREMENT.
+    Return start of new space allocated, or -1 for errors.  */
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++/* This version is used by csu/libc-tls.c whem initialising the TLS
++   if the SYSENTER version requires the TLS (which it does on i386).
++   Obviously using the TLS before it is initialised is broken. */
++extern int __brk_nosysenter (void *addr);
++void *
++__sbrk_nosysenter (intptr_t increment)
++{
++  void *oldbrk;
++
++  /* If this is not part of the dynamic library or the library is used
++     via dynamic loading in a statically linked program update
++     __curbrk from the kernel's brk value.  That way two separate
++     instances of __brk and __sbrk can share the heap, returning
++     interleaved pieces of it.  */
++  if (__curbrk == NULL || __libc_multiple_libcs)
++    if (__brk_nosysenter (0) < 0)		/* Initialize the break.  */
++      return (void *) -1;
++
++  if (increment == 0)
++    return __curbrk;
++
++  oldbrk = __curbrk;
++  if (__brk_nosysenter (oldbrk + increment) < 0)
++    return (void *) -1;
++
++  return oldbrk;
++}
++#endif
+ void *
+ __sbrk (intptr_t increment)
+ {
+--- sysdeps/unix/sysv/linux/i386/brk.c
++++ sysdeps/unix/sysv/linux/i386/brk.c
+@@ -31,6 +31,30 @@
+    linker.  */
+ weak_alias (__curbrk, ___brk_addr)
+ 
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++/* This version is used by csu/libc-tls.c whem initialising the TLS
++ * if the SYSENTER version requires the TLS (which it does on i386).
++ * Obviously using the TLS before it is initialised is broken. */
++int
++__brk_nosysenter (void *addr)
++{
++  void *__unbounded newbrk;
++
++  INTERNAL_SYSCALL_DECL (err);
++  newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1,
++						 __ptrvalue (addr));
++
++  __curbrk = newbrk;
++
++  if (newbrk < addr)
++    {
++      __set_errno (ENOMEM);
++      return -1;
++    }
++
++  return 0;
++}
++#endif
+ int
+ __brk (void *addr)
+ {
+--- sysdeps/unix/sysv/linux/i386/sysdep.h
++++ sysdeps/unix/sysv/linux/i386/sysdep.h
+@@ -187,7 +187,7 @@
+ /* The original calling convention for system calls on Linux/i386 is
+    to use int $0x80.  */
+ #ifdef I386_USE_SYSENTER
+-# ifdef SHARED
++# if defined SHARED || defined __PIC__
+ #  define ENTER_KERNEL call *%gs:SYSINFO_OFFSET
+ # else
+ #  define ENTER_KERNEL call *_dl_sysinfo
+@@ -358,7 +358,7 @@
+    possible to use more than four parameters.  */
+ #undef INTERNAL_SYSCALL
+ #ifdef I386_USE_SYSENTER
+-# ifdef SHARED
++# if defined SHARED || defined __PIC__
+ #  define INTERNAL_SYSCALL(name, err, nr, args...) \
+   ({									      \
+     register unsigned int resultvar;					      \
+@@ -384,6 +384,18 @@
+     : "0" (name), "i" (offsetof (tcbhead_t, sysinfo))			      \
+       ASMFMT_##nr(args) : "memory", "cc");				      \
+     (int) resultvar; })
++#  define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \
++  ({									      \
++    register unsigned int resultvar;					      \
++    EXTRAVAR_##nr							      \
++    asm volatile (							      \
++    LOADARGS_NOSYSENTER_##nr						      \
++    "movl %1, %%eax\n\t"						      \
++    "int $0x80\n\t"							      \
++    RESTOREARGS_NOSYSENTER_##nr						      \
++    : "=a" (resultvar)							      \
++    : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc");		      \
++    (int) resultvar; })
+ # else
+ #  define INTERNAL_SYSCALL(name, err, nr, args...) \
+   ({									      \
+@@ -447,12 +459,20 @@
+ 
+ #define LOADARGS_0
+ #ifdef __PIC__
+-# if defined I386_USE_SYSENTER && defined SHARED
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
+ #  define LOADARGS_1 \
+     "bpushl .L__X'%k3, %k3\n\t"
+ #  define LOADARGS_5 \
+     "movl %%ebx, %4\n\t"						      \
+     "movl %3, %%ebx\n\t"
++#  define LOADARGS_NOSYSENTER_1 \
++    "bpushl .L__X'%k2, %k2\n\t"
++#  define LOADARGS_NOSYSENTER_2	LOADARGS_NOSYSENTER_1
++#  define LOADARGS_NOSYSENTER_3	LOADARGS_3
++#  define LOADARGS_NOSYSENTER_4	LOADARGS_3
++#  define LOADARGS_NOSYSENTER_5 \
++    "movl %%ebx, %3\n\t"						      \
++    "movl %2, %%ebx\n\t"
+ # else
+ #  define LOADARGS_1 \
+     "bpushl .L__X'%k2, %k2\n\t"
+@@ -474,11 +495,18 @@
+ 
+ #define RESTOREARGS_0
+ #ifdef __PIC__
+-# if defined I386_USE_SYSENTER && defined SHARED
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
+ #  define RESTOREARGS_1 \
+     "bpopl .L__X'%k3, %k3\n\t"
+ #  define RESTOREARGS_5 \
+     "movl %4, %%ebx"
++#  define RESTOREARGS_NOSYSENTER_1 \
++    "bpopl .L__X'%k2, %k2\n\t"
++#  define RESTOREARGS_NOSYSENTER_2	RESTOREARGS_NOSYSENTER_1
++#  define RESTOREARGS_NOSYSENTER_3	RESTOREARGS_3
++#  define RESTOREARGS_NOSYSENTER_4	RESTOREARGS_3
++#  define RESTOREARGS_NOSYSENTER_5 \
++    "movl %3, %%ebx"
+ # else
+ #  define RESTOREARGS_1 \
+     "bpopl .L__X'%k2, %k2\n\t"
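Review bot: In the nested hunk for sysdeps/unix/sysv/linux/i386/brk.c, the failure path of `__brk_nosysenter` calls `__set_errno (ENOMEM)`, although the comment directly above says this variant exists because the TLS is not yet initialised. How `__set_errno` expands is not visible here, but if errno is thread-local in this build, that store touches the very state the function is meant to avoid. A failed early brk would then fault instead of returning -1 to `__sbrk_nosysenter`. I would drop the store in this variant and leave a comment such as `/* No __set_errno here: TLS is not set up yet; the caller only checks for -1.  */`. The same comment block and its copy in misc/sbrk.c spell "when" as "whem".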
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch
new file mode 100644
index 0000000..a1c9eef
--- /dev/null
+++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch
@@ -0,0 +1,168 @@
+Add backwards compat support for gcc-3.x ssp ... older ssp versions
+used __guard and __stack_smash_handler symbols while gcc-4.1 and newer
+uses __stack_chk_guard and __stack_chk_fail.
+
+--- config.h.in
++++ config.h.in
+@@ -42,6 +42,9 @@
+    assembler instructions per line.  Default is `;'  */
+ #undef ASM_LINE_SEP
+ 
++/* Define if we want to enable support for old ssp symbols */
++#undef	ENABLE_OLD_SSP_COMPAT
++
+ /* Define if not using ELF, but `.init' and `.fini' sections are available.  */
+ #undef	HAVE_INITFINI
+ 
+--- configure
++++ configure
+@@ -1378,6 +1378,9 @@ Optional Features:
+   --enable-kernel=VERSION compile for compatibility with kernel not older than
+                           VERSION
+   --enable-all-warnings   enable all useful warnings gcc can issue
++  --disable-old-ssp-compat
++                          enable support for older ssp symbols
++                          [default=no]
+   --enable-multi-arch     enable single DSO with optimizations for multiple
+                           architectures
+   --enable-experimental-malloc
+@@ -6462,6 +6465,20 @@ fi
+ $as_echo "$libc_cv_ssp" >&6; }
+ 
+ 
++# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given.
++if test "${enable_old_ssp_compat+set}" = set; then
++  enableval="$enable_old_ssp_compat"
++  enable_old_ssp_compat=$enableval
++else
++  enable_old_ssp_compat=no
++fi;
++if test "x$enable_old_ssp_compat" = "xyes"; then
++  cat >>confdefs.h <<\_ACEOF
++#define ENABLE_OLD_SSP_COMPAT 1
++_ACEOF
++
++fi
++
+ { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5
+ $as_echo_n "checking for -fgnu89-inline... " >&6; }
+ if test "${libc_cv_gnu89_inline+set}" = set; then
+--- configure.in
++++ configure.in
+@@ -1641,6 +1641,15 @@ fi
+ rm -f conftest*])
+ AC_SUBST(libc_cv_ssp)
+ 
++AC_ARG_ENABLE([old-ssp-compat],
++	      AC_HELP_STRING([--enable-old-ssp-compat],
++	                     [enable support for older ssp symbols @<:@default=no@:>@]),
++	      [enable_old_ssp_compat=$enableval],
++	      [enable_old_ssp_compat=no])
++if test "x$enable_old_ssp_compat" = "xyes"; then
++  AC_DEFINE(ENABLE_OLD_SSP_COMPAT)
++fi
++
+ AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl
+ cat > conftest.c <<EOF
+ int foo;
+--- csu/libc-start.c
++++ csu/libc-start.c
+@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal
+ uintptr_t __stack_chk_guard attribute_relro;
+ # endif
+ #endif
++#ifdef ENABLE_OLD_SSP_COMPAT
++uintptr_t __guard attribute_relro;
++#endif
+ 
+ #ifdef HAVE_PTR_NTHREADS
+ /* We need atomic operations.  */
+@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char 
+ 
+   /* Set up the stack checker's canary.  */
+   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
++#ifdef ENABLE_OLD_SSP_COMPAT
++  __guard = stack_chk_guard;
++#endif
+ # ifdef THREAD_SET_STACK_GUARD
+   THREAD_SET_STACK_GUARD (stack_chk_guard);
+ # else
+--- csu/Versions
++++ csu/Versions
+@@ -17,6 +17,12 @@ libc {
+     # New special glibc functions.
+     gnu_get_libc_release; gnu_get_libc_version;
+   }
++  GLIBC_2.3.2 {
++%ifdef ENABLE_OLD_SSP_COMPAT
++    # global objects and functions for the old propolice patch in gcc
++    __guard;
++%endif
++  }
+   GLIBC_PRIVATE {
+ %if HAVE___THREAD
+     # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol.
+--- debug/Versions
++++ debug/Versions
+@@ -10,6 +10,12 @@ libc {
+     # These are to support some gcc features.
+     __cyg_profile_func_enter; __cyg_profile_func_exit;
+   }
++%ifdef ENABLE_OLD_SSP_COMPAT
++  GLIBC_2.3.2 {
++    # backwards ssp compat support; alias to __stack_chk_fail
++    __stack_smash_handler;
++  }
++%endif
+   GLIBC_2.3.4 {
+     __chk_fail;
+     __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk;
+--- elf/rtld.c
++++ elf/rtld.c
+@@ -89,6 +89,9 @@ INTDEF(_dl_argv)
+    in thread local area.  */
+ uintptr_t __stack_chk_guard attribute_relro;
+ #endif
++#ifdef ENABLE_OLD_SSP_COMPAT
++uintptr_t __guard attribute_relro;
++#endif
+ 
+ /* Only exported for architectures that don't store the pointer guard
+    value in thread local area.  */
+@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load
+ 
+   /* Set up the stack checker's canary.  */
+   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
++#ifdef ENABLE_OLD_SSP_COMPAT
++  __guard = stack_chk_guard;
++#endif
+ #ifdef THREAD_SET_STACK_GUARD
+   THREAD_SET_STACK_GUARD (stack_chk_guard);
+ #else
+--- elf/Versions
++++ elf/Versions
+@@ -43,6 +43,12 @@ ld {
+     # runtime interface to TLS
+     __tls_get_addr;
+   }
++%ifdef ENABLE_OLD_SSP_COMPAT
++  GLIBC_2.3.2 {
++    # backwards ssp compat support
++    __guard;
++  }
++%endif
+   GLIBC_2.4 {
+     # stack canary
+     __stack_chk_guard;
+--- Versions.def
++++ Versions.def
+@@ -109,6 +109,9 @@ ld {
+   GLIBC_2.0
+   GLIBC_2.1
+   GLIBC_2.3
++%ifdef ENABLE_OLD_SSP_COMPAT
++  GLIBC_2.3.2
++%endif
+   GLIBC_2.4
+   GLIBC_PRIVATE
+ }
diff --git a/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch
new file mode 100644
index 0000000..a850a61
--- /dev/null
+++ b/sys-libs/glibc/files/2.16/glibc-2.16-hardened-pie.patch
@@ -0,0 +1,39 @@
+2012-11-11  Magnus Granberg  <zorry@gentoo.org>
+
+	#442712
+	* Makeconfig (+link): Set to +link-pie.
+	(+link-static-before-libc): Change $(static-start-installed-name) to
+	S$(static-start-installed-name).
+	(+prector): Set to +prectorS.
+	(+postctor): Set to +postctorS.
+
+--- libc/Makeconfig
++++ libc/Makeconfig
+@@ -447,11 +447,12 @@
+ 	     $(common-objpfx)libc% $(+postinit),$^) \
+ 	     $(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit)
+ endif
+++link = $(+link-pie)
+ # Command for statically linking programs with the C library.
+ ifndef +link-static
+ +link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \
+ 	      $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F))  \
+-	      $(addprefix $(csu-objpfx),$(static-start-installed-name)) \
++	      $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \
+ 	      $(+preinit) $(+prector) \
+ 	      $(filter-out $(addprefix $(csu-objpfx),start.o \
+ 						     $(start-installed-name))\
+@@ -549,11 +550,10 @@
+ ifeq ($(elf),yes)
+ +preinit = $(addprefix $(csu-objpfx),crti.o)
+ +postinit = $(addprefix $(csu-objpfx),crtn.o)
+-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o`
+-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
+-# Variants of the two previous definitions for linking PIE programs.
+ +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o`
+ +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o`
+++prector = $(+prectorS)
+++postctor = $(+postctorS)
+ +interp = $(addprefix $(elf-objpfx),interp.os)
+ endif
+ csu-objpfx = $(common-objpfx)csu/
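Review bot: The new `+link = $(+link-pie)` line and the `+prector`/`+postctor` aliases carry no comment, and the only comment that explained the S variants is deleted, so a reader of Makeconfig cannot tell that the non-PIC `crtbegin.o`/`crtend.o` are now never used. A comment above the aliases would do, e.g. `# Hardened: all programs link as PIE, so the PIC start files are used everywhere (#442712).` Note that `+link-static-before-libc` still passes `-static` while picking up `S$(static-start-installed-name)`; whether that pairing is intended for every target is worth confirming, since the rest of that rule lies outside the hunk.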
diff --git a/sys-libs/glibc/files/2.16/glibc-rh1183535.patch b/sys-libs/glibc/files/2.16/glibc-rh1183535.patch
new file mode 100644
index 0000000..2cd5b1b
--- /dev/null
+++ b/sys-libs/glibc/files/2.16/glibc-rh1183535.patch
@@ -0,0 +1,166 @@
+commit d5dd6189d506068ed11c8bfa1e1e9bffde04decd
+Author: Andreas Schwab <schwab@suse.de>
+Date:   Mon Jan 21 17:41:28 2013 +0100
+
+    Fix parsing of numeric hosts in gethostbyname_r
+
+diff --git a/nss/digits_dots.c b/nss/digits_dots.c
+index 2b86295..e007ef4 100644
+--- a/nss/digits_dots.c
++++ b/nss/digits_dots.c
+@@ -46,7 +46,10 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+     {
+       if (h_errnop)
+ 	*h_errnop = NETDB_INTERNAL;
+-      *result = NULL;
++      if (buffer_size == NULL)
++	*status = NSS_STATUS_TRYAGAIN;
++      else
++	*result = NULL;
+       return -1;
+     }
+ 
+@@ -83,14 +86,16 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 	}
+ 
+       size_needed = (sizeof (*host_addr)
+-		     + sizeof (*h_addr_ptrs) + strlen (name) + 1);
++		     + sizeof (*h_addr_ptrs)
++		     + sizeof (*h_alias_ptr) + strlen (name) + 1);
+ 
+       if (buffer_size == NULL)
+         {
+ 	  if (buflen < size_needed)
+ 	    {
++	      *status = NSS_STATUS_TRYAGAIN;
+ 	      if (h_errnop != NULL)
+-		*h_errnop = TRY_AGAIN;
++		*h_errnop = NETDB_INTERNAL;
+ 	      __set_errno (ERANGE);
+ 	      goto done;
+ 	    }
+@@ -109,7 +114,7 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 	      *buffer_size = 0;
+ 	      __set_errno (save);
+ 	      if (h_errnop != NULL)
+-		*h_errnop = TRY_AGAIN;
++		*h_errnop = NETDB_INTERNAL;
+ 	      *result = NULL;
+ 	      goto done;
+ 	    }
+@@ -149,7 +154,9 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 		  if (! ok)
+ 		    {
+ 		      *h_errnop = HOST_NOT_FOUND;
+-		      if (buffer_size)
++		      if (buffer_size == NULL)
++			*status = NSS_STATUS_NOTFOUND;
++		      else
+ 			*result = NULL;
+ 		      goto done;
+ 		    }
+@@ -190,7 +197,7 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 		  if (buffer_size == NULL)
+ 		    *status = NSS_STATUS_SUCCESS;
+ 		  else
+-		   *result = resbuf;
++		    *result = resbuf;
+ 		  goto done;
+ 		}
+ 
+@@ -201,15 +208,6 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 
+       if ((isxdigit (name[0]) && strchr (name, ':') != NULL) || name[0] == ':')
+ 	{
+-	  const char *cp;
+-	  char *hostname;
+-	  typedef unsigned char host_addr_t[16];
+-	  host_addr_t *host_addr;
+-	  typedef char *host_addr_list_t[2];
+-	  host_addr_list_t *h_addr_ptrs;
+-	  size_t size_needed;
+-	  int addr_size;
+-
+ 	  switch (af)
+ 	    {
+ 	    default:
+@@ -225,7 +223,10 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 	      /* This is not possible.  We cannot represent an IPv6 address
+ 		 in an `struct in_addr' variable.  */
+ 	      *h_errnop = HOST_NOT_FOUND;
+-	      *result = NULL;
++	      if (buffer_size == NULL)
++		*status = NSS_STATUS_NOTFOUND;
++	      else
++		*result = NULL;
+ 	      goto done;
+ 
+ 	    case AF_INET6:
+@@ -233,42 +234,6 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 	      break;
+ 	    }
+ 
+-	  size_needed = (sizeof (*host_addr)
+-			 + sizeof (*h_addr_ptrs) + strlen (name) + 1);
+-
+-	  if (buffer_size == NULL && buflen < size_needed)
+-	    {
+-	      if (h_errnop != NULL)
+-		*h_errnop = TRY_AGAIN;
+-	      __set_errno (ERANGE);
+-	      goto done;
+-	    }
+-	  else if (buffer_size != NULL && *buffer_size < size_needed)
+-	    {
+-	      char *new_buf;
+-	      *buffer_size = size_needed;
+-	      new_buf = realloc (*buffer, *buffer_size);
+-
+-	      if (new_buf == NULL)
+-		{
+-		  save = errno;
+-		  free (*buffer);
+-		  __set_errno (save);
+-		  *buffer = NULL;
+-		  *buffer_size = 0;
+-		  *result = NULL;
+-		  goto done;
+-		}
+-	      *buffer = new_buf;
+-	    }
+-
+-	  memset (*buffer, '\0', size_needed);
+-
+-	  host_addr = (host_addr_t *) *buffer;
+-	  h_addr_ptrs = (host_addr_list_t *)
+-	    ((char *) host_addr + sizeof (*host_addr));
+-	  hostname = (char *) h_addr_ptrs + sizeof (*h_addr_ptrs);
+-
+ 	  for (cp = name;; ++cp)
+ 	    {
+ 	      if (!*cp)
+@@ -281,7 +246,9 @@ __nss_hostname_digits_dots (const char *name, struct hostent *resbuf,
+ 		  if (inet_pton (AF_INET6, name, host_addr) <= 0)
+ 		    {
+ 		      *h_errnop = HOST_NOT_FOUND;
+-		      if (buffer_size)
++		      if (buffer_size == NULL)
++			*status = NSS_STATUS_NOTFOUND;
++		      else
+ 			*result = NULL;
+ 		      goto done;
+ 		    }
+diff --git a/nss/getXXbyYY_r.c b/nss/getXXbyYY_r.c
+index 1067744..44d00f4 100644
+--- a/nss/getXXbyYY_r.c
++++ b/nss/getXXbyYY_r.c
+@@ -179,6 +179,9 @@ INTERNAL (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer,
+     case -1:
+       return errno;
+     case 1:
++#ifdef NEED_H_ERRNO
++      any_service = true;
++#endif
+       goto done;
+     }
+ #endif
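Review bot: The `size_needed` change in the second nss/digits_dots.c hunk is a memory-safety fix, but the patch header only says "Fix parsing of numeric hosts in gethostbyname_r". The old sum omitted `sizeof (*h_alias_ptr)`, so the `buflen < size_needed` check could accept a buffer too small for what is later written into it (the code that lays out the buffer is outside the hunks, so this is inferred from the added term). Add a line to the header such as `Security: size_needed did not account for h_alias_ptr; undersized caller buffers passed the length check.` so the patch is not dropped as cosmetic in a later version bump.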
diff --git a/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c
new file mode 100644
index 0000000..217bf1a
--- /dev/null
+++ b/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c
@@ -0,0 +1,321 @@
+/* Copyright (C) 2005 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* Copyright (C) 2006-2007 Gentoo Foundation Inc.
+ * License terms as above.
+ *
+ * Hardened Gentoo SSP handler
+ *
+ * An SSP failure handler that does not use functions from the rest of
+ * glibc; it uses the INTERNAL_SYSCALL methods directly.  This ensures
+ * no possibility of recursion into the handler.
+ *
+ * Direct all bug reports to http://bugs.gentoo.org/
+ *
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org>
+ *
+ * The following people contributed to the glibc-2.3 Hardened
+ * Gentoo SSP handler, from which this implementation draws much:
+ *
+ * Ned Ludd - <solar[@]gentoo.org>
+ * Alexander Gabert - <pappy[@]gentoo.org>
+ * The PaX Team - <pageexec[@]freemail.hu>
+ * Peter S. Mazinger - <ps.m[@]gmx.net>
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+ * Robert Connolly - <robert[@]linuxfromscratch.org>
+ * Cory Visi <cory[@]visi.name>
+ * Mike Frysinger <vapier[@]gentoo.org>
+ */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <signal.h>
+
+#include <sys/types.h>
+
+#include <sysdep-cancel.h>
+#include <sys/syscall.h>
+#include <bp-checks.h>
+
+#include <kernel-features.h>
+
+#include <alloca.h>
+/* from sysdeps */
+#include <socketcall.h>
+/* for the stuff in bits/socket.h */
+#include <sys/socket.h>
+#include <sys/un.h>
+
+
+/* Sanity check on SYSCALL macro names - force compilation
+ * failure if the names used here do not exist
+ */
+#if !defined __NR_socketcall && !defined __NR_socket
+# error Cannot do syscall socket or socketcall
+#endif
+#if !defined __NR_socketcall && !defined __NR_connect
+# error Cannot do syscall connect or socketcall
+#endif
+#ifndef __NR_write
+# error Cannot do syscall write
+#endif
+#ifndef __NR_close
+# error Cannot do syscall close
+#endif
+#ifndef __NR_getpid
+# error Cannot do syscall getpid
+#endif
+#ifndef __NR_kill
+# error Cannot do syscall kill
+#endif
+#ifndef __NR_exit
+# error Cannot do syscall exit
+#endif
+#ifdef SSP_SMASH_DUMPS_CORE
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1
+# if !defined _KERNEL_NSIG && !defined _NSIG
+#  error No _NSIG or _KERNEL_NSIG for rt_sigaction
+# endif
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction
+#  error Cannot do syscall sigaction or rt_sigaction
+# endif
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t.
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
+ * some reason.
+ */
+# ifdef _KERNEL_NSIG
+#  define _SSP_NSIG _KERNEL_NSIG
+# else
+#  define _SSP_NSIG _NSIG
+# endif
+#else
+# define _SSP_NSIG 0
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0
+#endif
+
+/* Define DO_SIGACTION - default to newer rt signal interface but
+ * fallback to old as needed.
+ */
+#ifdef __NR_rt_sigaction
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8)
+#else
+# define DO_SIGACTION(signum, act, oldact) \
+	INLINE_SYSCALL(sigaction, 3, signum, act, oldact)
+#endif
+
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */
+#if defined(__NR_socket) && defined(__NR_connect)
+# define USE_OLD_SOCKETCALL 0
+#else
+# define USE_OLD_SOCKETCALL 1
+#endif
+/* stub out the __NR_'s so we can let gcc optimize away dead code */
+#ifndef __NR_socketcall
+# define __NR_socketcall 0
+#endif
+#ifndef __NR_socket
+# define __NR_socket 0
+#endif
+#ifndef __NR_connect
+# define __NR_connect 0
+#endif
+#define DO_SOCKET(result, domain, type, protocol) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = domain; \
+			socketargs[1] = type; \
+			socketargs[2] = protocol; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \
+	} while (0)
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \
+	do { \
+		if (USE_OLD_SOCKETCALL) { \
+			socketargs[0] = sockfd; \
+			socketargs[1] = (unsigned long int)serv_addr; \
+			socketargs[2] = addrlen; \
+			socketargs[3] = 0; \
+			result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \
+		} else \
+			result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \
+	} while (0)
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+static const char path_log[] = _PATH_LOG;
+
+/* For building glibc with SSP switched on, define __progname to a
+ * constant if building for the run-time loader, to avoid pulling
+ * in more of libc.so into ld.so
+ */
+#ifdef IS_IN_rtld
+static char *__progname = "<rtld>";
+#else
+extern char *__progname;
+#endif
+
+
+/* Common handler code, used by stack_chk_fail and __stack_smash_handler
+ * Inlined to ensure no self-references to the handler within itself.
+ * Data static to avoid putting more than necessary on the stack,
+ * to aid core debugging.
+ */
+__attribute__ ((__noreturn__ , __always_inline__))
+static inline void
+__hardened_gentoo_stack_chk_fail(char func[], int damaged)
+{
+#define MESSAGE_BUFSIZ 256
+	static pid_t pid;
+	static int plen, i;
+	static char message[MESSAGE_BUFSIZ];
+	static const char msg_ssa[] = ": stack smashing attack";
+	static const char msg_inf[] = " in function ";
+	static const char msg_ssd[] = "*** stack smashing detected ***: ";
+	static const char msg_terminated[] = " - terminated\n";
+	static const char msg_report[] = "Report to http://bugs.gentoo.org/\n";
+	static const char msg_unknown[] = "<unknown>";
+	static int log_socket, connect_result;
+	static struct sockaddr_un sock;
+	static unsigned long int socketargs[4];
+
+	/* Build socket address
+	 */
+	sock.sun_family = AF_UNIX;
+	i = 0;
+	while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) {
+		sock.sun_path[i] = path_log[i];
+		i++;
+	}
+	sock.sun_path[i] = '\0';
+
+	/* Try SOCK_DGRAM connection to syslog */
+	connect_result = -1;
+	DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0);
+	if (log_socket != -1)
+		DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	if (connect_result == -1) {
+		if (log_socket != -1)
+			INLINE_SYSCALL(close, 1, log_socket);
+		/* Try SOCK_STREAM connection to syslog */
+		DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0);
+		if (log_socket != -1)
+			DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+	}
+
+	/* Build message.  Messages are generated both in the old style and new style,
+	 * so that log watchers that are configured for the old-style message continue
+	 * to work.
+	 */
+#define strconcat(str) \
+		{i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
+		{\
+			message[plen+i]=str[i];\
+			i++;\
+		}\
+		plen+=i;}
+
+	/* R.Henderson post-gcc-4 style message */
+	plen = 0;
+	strconcat(msg_ssd);
+	if (__progname != (char *)0)
+		strconcat(__progname)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_terminated);
+
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	/* Dr. Etoh pre-gcc-4 style message */
+	plen = 0;
+	if (__progname != (char *)0)
+		strconcat(__progname)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_ssa);
+	strconcat(msg_inf);
+	if (func != NULL)
+		strconcat(func)
+	else
+		strconcat(msg_unknown);
+	strconcat(msg_terminated);
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	/* Direct reports to bugs.gentoo.org */
+	plen=0;
+	strconcat(msg_report);
+	message[plen++]='\0';
+
+	/* Write out error message to STDERR, to syslog if open */
+	INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+	if (connect_result != -1)
+		INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+	if (log_socket != -1)
+		INLINE_SYSCALL(close, 1, log_socket);
+
+	/* Suicide */
+	pid = INLINE_SYSCALL(getpid, 0);
+
+	if (ENABLE_SSP_SMASH_DUMPS_CORE) {
+		static struct sigaction default_abort_act;
+		/* Remove any user-supplied handler for SIGABRT, before using it */
+		default_abort_act.sa_handler = SIG_DFL;
+		default_abort_act.sa_sigaction = NULL;
+		__sigfillset(&default_abort_act.sa_mask);
+		default_abort_act.sa_flags = 0;
+		if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0)
+			INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+	}
+
+	/* Note; actions cannot be added to SIGKILL */
+	INLINE_SYSCALL(kill, 2, pid, SIGKILL);
+
+	/* In case the kill didn't work, exit anyway
+	 * The loop prevents gcc thinking this routine returns
+	 */
+	while (1)
+		INLINE_SYSCALL(exit, 0);
+}
+
+__attribute__ ((__noreturn__))
+void __stack_chk_fail(void)
+{
+	__hardened_gentoo_stack_chk_fail(NULL, 0);
+}
+
+#ifdef ENABLE_OLD_SSP_COMPAT
+__attribute__ ((__noreturn__))
+void __stack_smash_handler(char func[], int damaged)
+{
+	__hardened_gentoo_stack_chk_fail(func, damaged);
+}
+#endif
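Review bot: `__progname` and `func` are copied byte for byte into the message that is written to stderr and to the /dev/log socket, so a program name containing newlines or other control bytes (it derives from argv[0], which the invoker chooses) can split or forge the log lines that log watchers rely on. The fixed message parts need their `\n`, so the filtering belongs in a second macro used only for those two strings, replacing bytes outside printable ASCII with `?`. Separately, the header comment says the handler uses the INTERNAL_SYSCALL methods while the code uses `INLINE_SYSCALL` throughout, and the final `INLINE_SYSCALL(exit, 0)` passes no exit status; both should be reconciled.

```c
	/* Like strconcat, but for strings not fixed at build time
	 * (__progname, func): bytes outside printable ASCII are replaced
	 * so they cannot split or forge log lines.
	 */
#define strconcat_untrusted(str) \
		{i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
		{\
			message[plen+i] = (str[i] >= 0x20 && str[i] < 0x7f) ? str[i] : '?';\
			i++;\
		}\
		plen+=i;}

	/* ... unchanged: fixed message parts still go through strconcat ... */
	if (__progname != (char *)0)
		strconcat_untrusted(__progname)
	else
		strconcat(msg_unknown);
	/* ... unchanged: same substitution for the second __progname use ... */
	if (func != NULL)
		strconcat_untrusted(func)
	else
		strconcat(msg_unknown);
```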
diff --git a/sys-libs/glibc/files/eblits/common.eblit b/sys-libs/glibc/files/eblits/common.eblit
new file mode 100644
index 0000000..2f7471e
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/common.eblit
@@ -0,0 +1,343 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/common.eblit,v 1.45 2014/10/18 23:09:51 vapier Exp $
+
+alt_prefix() {
+	is_crosscompile && echo /usr/${CTARGET}
+}
+
+if [[ ${EAPI:-0} == [012] ]] ; then
+	: ${ED:=${D}}
+	: ${EROOT:=${ROOT}}
+fi
+# This indirection is for binpkgs. #523332
+_nonfatal() { nonfatal "$@" ; }
+if [[ ${EAPI:-0} == [0123] ]] ; then
+	nonfatal() { "$@" ; }
+	_nonfatal() { "$@" ; }
+fi
+
+# We need to be able to set alternative headers for
+# compiling for non-native platform
+# Will also become useful for testing kernel-headers without screwing up
+# the whole system.
+# note: intentionally undocumented.
+alt_headers() {
+	echo ${ALT_HEADERS:=$(alt_prefix)/usr/include}
+}
+alt_build_headers() {
+	if [[ -z ${ALT_BUILD_HEADERS} ]] ; then
+		ALT_BUILD_HEADERS=$(alt_headers)
+		if tc-is-cross-compiler ; then
+			ALT_BUILD_HEADERS=${SYSROOT}$(alt_headers)
+			if [[ ! -e ${ALT_BUILD_HEADERS}/linux/version.h ]] ; then
+				local header_path=$(echo '#include <linux/version.h>' | $(tc-getCPP ${CTARGET}) ${CFLAGS} 2>&1 | grep -o '[^"]*linux/version.h')
+				ALT_BUILD_HEADERS=${header_path%/linux/version.h}
+			fi
+		fi
+	fi
+	echo "${ALT_BUILD_HEADERS}"
+}
+
+alt_libdir() {
+	echo $(alt_prefix)/$(get_libdir)
+}
+alt_usrlibdir() {
+	echo $(alt_prefix)/usr/$(get_libdir)
+}
+
+builddir() {
+	echo "${WORKDIR}/build-${ABI}-${CTARGET}-$1"
+}
+
+setup_target_flags() {
+	# This largely mucks with compiler flags.  None of which should matter
+	# when building up just the headers.
+	just_headers && return 0
+
+	case $(tc-arch) in
+		x86)
+			# -march needed for #185404 #199334
+			if ! glibc_compile_test "" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then
+				local t=${CTARGET_OPT:-${CTARGET}}
+				t=${t%%-*}
+				filter-flags '-march=*'
+				export CFLAGS="-march=${t} ${CFLAGS}"
+				einfo "Auto adding -march=${t} to CFLAGS #185404"
+			fi
+		;;
+		amd64)
+			# -march needed for #185404 #199334
+			if ! glibc_compile_test "${CFLAGS_x86}" 'void f(int i, void *p) {if (__sync_fetch_and_add(&i, 1)) f(i, p);}\nint main(){return 0;}\n' 2>/dev/null ; then
+				local t=${CTARGET_OPT:-${CTARGET}}
+				t=${t%%-*}
+				filter-flags '-march=*'
+				# ugly, ugly, ugly.  ugly.
+				CFLAGS_x86=$(CFLAGS=${CFLAGS_x86} filter-flags '-march=*'; echo "${CFLAGS}")
+				export CFLAGS_x86="${CFLAGS_x86} -march=${t}"
+				einfo "Auto adding -march=${t} to CFLAGS_x86 #185404"
+			fi
+		;;
+		ppc)
+			append-flags "-freorder-blocks"
+		;;
+		sparc)
+			# Both sparc and sparc64 can use -fcall-used-g6.  -g7 is bad, though.
+			filter-flags "-fcall-used-g7"
+			append-flags "-fcall-used-g6"
+			filter-flags "-mvis"
+
+			GLIBCMAJOR=$(get_version_component_range 1 ${PV})
+			GLIBCMINOR=$(get_version_component_range 2 ${PV})
+
+			# set CTARGET_OPT so glibc can use cpu-specific .S files for better performance
+			# - UltraSPARC T1 (niagara) support requires >= glibc 2.8
+			# - UltraSPARC T2 (niagara2) support requires >= glibc 2.7
+
+			if is_crosscompile || [[ ${PROFILE_ARCH} == "sparc64" ]] || { has_multilib_profile && ! tc-is-cross-compiler; } ; then
+				case ${ABI}:${CTARGET} in
+					sparc64:*|\
+					default:sparc64*)
+						filter-flags -Wa,-xarch -Wa,-A
+
+						if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then
+							CTARGET_OPT="sparc64v2-unknown-linux-gnu"
+							append-flags "-Wa,-xarch=v9b"
+							export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b"
+						elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then
+							CTARGET_OPT="sparc64v-unknown-linux-gnu"
+							append-flags "-Wa,-xarch=v9b"
+							export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b"
+						elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then
+							CTARGET_OPT="sparc64b-unknown-linux-gnu"
+							append-flags "-Wa,-xarch=v9b"
+							export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9b"
+						else
+							CTARGET_OPT="sparc64-unknown-linux-gnu"
+							append-flags "-Wa,-xarch=v9a"
+							export ASFLAGS="${ASFLAGS} -Wa,-xarch=v9a"
+						fi
+					;;
+					*)
+						if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then
+							CTARGET_OPT="sparcv9v2-unknown-linux-gnu"
+						elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then
+							CTARGET_OPT="sparcv9v-unknown-linux-gnu"
+						elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then
+							CTARGET_OPT="sparcv9b-unknown-linux-gnu"
+						else
+							CTARGET_OPT="sparcv9-unknown-linux-gnu"
+						fi
+					;;
+				esac
+			else
+				if is-flagq "-mcpu=niagara2" && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]] ; then
+					CTARGET_OPT="sparcv9v2-unknown-linux-gnu"
+				elif { is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2" ; } && [[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.6 ]] ; then
+					CTARGET_OPT="sparcv9v-unknown-linux-gnu"
+				elif is-flagq "-mcpu=ultrasparc3" || is-flagq "-mcpu=niagara" || is-flagq "-mcpu=niagara2"; then
+					CTARGET_OPT="sparcv9b-unknown-linux-gnu"
+				elif { is_crosscompile && want_nptl; } || is-flagq "-mcpu=ultrasparc2" || is-flagq "-mcpu=ultrasparc"; then
+					CTARGET_OPT="sparcv9-unknown-linux-gnu"
+				fi
+			fi
+		;;
+	esac
+}
+
+setup_flags() {
+	# Make sure host make.conf doesn't pollute us
+	if is_crosscompile || tc-is-cross-compiler ; then
+		CHOST=${CTARGET} strip-unsupported-flags
+	fi
+
+	# Store our CFLAGS because it's changed depending on which CTARGET
+	# we are building when pulling glibc on a multilib profile
+	CFLAGS_BASE=${CFLAGS_BASE-${CFLAGS}}
+	CFLAGS=${CFLAGS_BASE}
+	CXXFLAGS_BASE=${CXXFLAGS_BASE-${CXXFLAGS}}
+	CXXFLAGS=${CXXFLAGS_BASE}
+	ASFLAGS_BASE=${ASFLAGS_BASE-${ASFLAGS}}
+	ASFLAGS=${ASFLAGS_BASE}
+
+	# Over-zealous CFLAGS can often cause problems.  What may work for one
+	# person may not work for another.  To avoid a large influx of bugs
+	# relating to failed builds, we strip most CFLAGS out to ensure as few
+	# problems as possible.
+	strip-flags
+	strip-unsupported-flags
+	filter-flags -m32 -m64 -mabi=*
+
+	# Bug 492892.
+	filter-flags -frecord-gcc-switches
+
+	unset CBUILD_OPT CTARGET_OPT
+	if use multilib ; then
+		CTARGET_OPT=$(get_abi_CTARGET)
+		[[ -z ${CTARGET_OPT} ]] && CTARGET_OPT=$(get_abi_CHOST)
+	fi
+
+	setup_target_flags
+
+	if [[ -n ${CTARGET_OPT} && ${CBUILD} == ${CHOST} ]] && ! is_crosscompile; then
+		CBUILD_OPT=${CTARGET_OPT}
+	fi
+
+	# Lock glibc at -O2 -- linuxthreads needs it and we want to be
+	# conservative here.  -fno-strict-aliasing is to work around #155906
+	filter-flags -O?
+	append-flags -O2 -fno-strict-aliasing
+
+	# Can't build glibc itself with fortify code.  Newer versions add
+	# this flag for us, so no need to do it manually.
+	version_is_at_least 2.16 ${PV} || append-cppflags -U_FORTIFY_SOURCE
+
+	# building glibc with SSP is fraught with difficulty, especially
+	# due to __stack_chk_fail_local which would mean significant changes
+	# to the glibc build process. See bug #94325 #293721
+	# Note we have to handle both user-given CFLAGS and gcc defaults via
+	# spec rules here.  We can't simply add -fno-stack-protector as it gets
+	# added before user flags, and we can't just filter-flags because
+	# _filter_hardened doesn't support globs.
+	filter-flags -fstack-protector*
+	gcc-specs-ssp && append-flags $(test-flags -fno-stack-protector)
+
+	if use hardened && gcc-specs-pie ; then
+		# Force PIC macro definition for all compilations since they're all
+		# either -fPIC or -fPIE with the default-PIE compiler.
+		append-cppflags -DPIC
+	else
+		# Don't build -fPIE without the default-PIE compiler and the
+		# hardened-pie patch
+		filter-flags -fPIE
+	fi
+}
+
+want_nptl() {
+	[[ -z ${LT_VER} ]] && return 0
+	want_tls || return 1
+	use nptl || return 1
+
+	# Older versions of glibc had incomplete arch support for nptl.
+	# But if you're building those now, you can handle USE=nptl yourself.
+	return 0
+}
+
+want_linuxthreads() {
+	[[ -z ${LT_VER} ]] && return 1
+	use linuxthreads
+}
+
+want_tls() {
+	# Archs that can use TLS (Thread Local Storage)
+	case $(tc-arch) in
+		x86)
+			# requires i486 or better #106556
+			[[ ${CTARGET} == i[4567]86* ]] && return 0
+			return 1
+		;;
+	esac
+
+	return 0
+}
+
+want__thread() {
+	want_tls || return 1
+
+	# For some reason --with-tls --with__thread is causing segfaults on sparc32.
+	[[ ${PROFILE_ARCH} == "sparc" ]] && return 1
+
+	[[ -n ${WANT__THREAD} ]] && return ${WANT__THREAD}
+
+	# only test gcc -- cant test linking yet
+	tc-has-tls -c ${CTARGET}
+	WANT__THREAD=$?
+
+	return ${WANT__THREAD}
+}
+
+use_multiarch() {
+	# Make sure binutils is new enough to support indirect functions #336792
+	# This funky sed supports gold and bfd linkers.
+	local bver nver
+	bver=$($(tc-getLD ${CTARGET}) -v | sed -n -r '1{s:[^0-9]*::;s:^([0-9.]*).*:\1:;p}')
+	case $(tc-arch ${CTARGET}) in
+	amd64|x86) nver="2.20" ;;
+	arm)       nver="2.22" ;;
+	hppa)      nver="2.23" ;;
+	ppc|ppc64) nver="2.20" ;;
+	# ifunc was added in 2.23, but glibc also needs machinemode which is in 2.24.
+	s390)      nver="2.24" ;;
+	sparc)     nver="2.21" ;;
+	*)         return 1 ;;
+	esac
+	version_is_at_least ${nver} ${bver}
+}
+
+# Setup toolchain variables that had historically
+# been defined in the profiles for these archs.
+setup_env() {
+	# silly users
+	unset LD_RUN_PATH
+	unset LD_ASSUME_KERNEL
+
+	multilib_env ${CTARGET_OPT:-${CTARGET}}
+	if is_crosscompile || tc-is-cross-compiler ; then
+		if ! use multilib ; then
+			MULTILIB_ABIS=${DEFAULT_ABI}
+		else
+			MULTILIB_ABIS=${MULTILIB_ABIS:-${DEFAULT_ABI}}
+		fi
+
+		# If the user has CFLAGS_<CTARGET> in their make.conf, use that,
+		# and fall back on CFLAGS.
+		local VAR=CFLAGS_${CTARGET//[-.]/_}
+		CFLAGS=${!VAR-${CFLAGS}}
+	fi
+
+	setup_flags
+
+	export ABI=${ABI:-${DEFAULT_ABI:-default}}
+
+	local VAR=CFLAGS_${ABI}
+	# We need to export CFLAGS with abi information in them because glibc's
+	# configure script checks CFLAGS for some targets (like mips).  Keep
+	# around the original clean value to avoid appending multiple ABIs on
+	# top of each other.
+	: ${__GLIBC_CC:=$(tc-getCC ${CTARGET_OPT:-${CTARGET}})}
+	export __GLIBC_CC CC="${__GLIBC_CC} ${!VAR}"
+}
+
+foreach_abi() {
+	setup_env
+
+	local ret=0
+	local abilist=""
+	if use multilib ; then
+		abilist=$(get_install_abis)
+	else
+		abilist=${DEFAULT_ABI}
+	fi
+	evar_push ABI
+	export ABI
+	for ABI in ${abilist:-default} ; do
+		setup_env
+		einfo "Running $1 for ABI ${ABI}"
+		$1
+		: $(( ret |= $? ))
+	done
+	evar_pop
+	return ${ret}
+}
+
+just_headers() {
+	is_crosscompile && use crosscompile_opts_headers-only
+}
+
+glibc_banner() {
+	local b="Gentoo ${PVR}"
+	[[ -n ${SNAP_VER} ]] && b+=" snapshot ${SNAP_VER}"
+	[[ -n ${BRANCH_UPDATE} ]] && b+=" branch ${BRANCH_UPDATE}"
+	[[ -n ${PATCH_VER} ]] && ! use vanilla && b+=" p${PATCH_VER}"
+	echo "${b}"
+}
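Review bot: The glibc version tests in the sparc branch of `setup_target_flags` compare strings, not versions: inside `[[ ]]`, `>` is lexicographic, so `[[ ${GLIBCMAJOR}.${GLIBCMINOR} > 2.7 ]]` is false for 2.16 and the niagara/niagara2 targets fall through to the ultrasparc3 branch. The same pattern appears six times, against 2.7 and 2.6. The file already uses `version_is_at_least` in `setup_flags`, so the conditions could keep their thresholds as `is-flagq "-mcpu=niagara2" && version_is_at_least 2.8 ${PV}` and `... && version_is_at_least 2.7 ${PV}`. The comment above the tests names the two minimum versions the other way round from the code, which should be settled at the same time.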
diff --git a/sys-libs/glibc/files/eblits/pkg_postinst.eblit b/sys-libs/glibc/files/eblits/pkg_postinst.eblit
new file mode 100644
index 0000000..9e5447d
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/pkg_postinst.eblit
@@ -0,0 +1,27 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_postinst.eblit,v 1.2 2012/04/15 20:04:44 vapier Exp $
+
+eblit-glibc-pkg_postinst() {
+	# nothing to do if just installing headers
+	just_headers && return
+
+	if ! tc-is-cross-compiler && [[ -x ${ROOT}/usr/sbin/iconvconfig ]] ; then
+		# Generate fastloading iconv module configuration file.
+		"${ROOT}"/usr/sbin/iconvconfig --prefix="${ROOT}"
+	fi
+
+	if ! is_crosscompile && [[ ${ROOT} == "/" ]] ; then
+		# Reload init ... if in a chroot or a diff init package, ignore
+		# errors from this step #253697
+		/sbin/telinit U 2>/dev/null
+
+		# if the host locales.gen contains no entries, we'll install everything
+		local locale_list="${ROOT}etc/locale.gen"
+		if [[ -z $(locale-gen --list --config "${locale_list}") ]] ; then
+			ewarn "Generating all locales; edit /etc/locale.gen to save time/space"
+			locale_list="${ROOT}usr/share/i18n/SUPPORTED"
+		fi
+		locale-gen -j $(makeopts_jobs) --config "${locale_list}"
+	fi
+}
diff --git a/sys-libs/glibc/files/eblits/pkg_preinst.eblit b/sys-libs/glibc/files/eblits/pkg_preinst.eblit
new file mode 100644
index 0000000..0fcb24a
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/pkg_preinst.eblit
@@ -0,0 +1,69 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_preinst.eblit,v 1.13 2014/08/10 03:35:56 vapier Exp $
+
+# Simple test to make sure our new glibc isnt completely broken.
+# Make sure we don't test with statically built binaries since
+# they will fail.  Also, skip if this glibc is a cross compiler.
+#
+# If coreutils is built with USE=multicall, some of these files
+# will just be wrapper scripts, not actual ELFs we can test.
+glibc_sanity_check() {
+	cd / #228809
+
+	# We enter ${D} so to avoid trouble if the path contains
+	# special characters; for instance if the path contains the
+	# colon character (:), then the linker will try to split it
+	# and look for the libraries in an unexpected place. This can
+	# lead to unsafe code execution if the generated prefix is
+	# within a world-writable directory.
+	# (e.g. /var/tmp/portage:${HOSTNAME})
+	pushd "${ED}"/$(get_libdir) >/dev/null
+
+	local x striptest
+	for x in cal date env free ls true uname uptime ; do
+		x=$(type -p ${x})
+		[[ -z ${x} || ${x} != ${EPREFIX}/* ]] && continue
+		striptest=$(LC_ALL="C" file -L ${x} 2>/dev/null) || continue
+		case ${striptest} in
+		*"statically linked"*) continue;;
+		*"ASCII text"*) continue;;
+		esac
+		./ld-*.so --library-path . ${x} > /dev/null \
+			|| die "simple run test (${x}) failed"
+	done
+
+	popd >/dev/null
+}
+
+eblit-glibc-pkg_preinst() {
+	# nothing to do if just installing headers
+	just_headers && return
+
+	# prepare /etc/ld.so.conf.d/ for files
+	mkdir -p "${EROOT}"/etc/ld.so.conf.d
+
+	# Default /etc/hosts.conf:multi to on for systems with small dbs.
+	if [[ $(wc -l < "${EROOT}"/etc/hosts) -lt 1000 ]] ; then
+		sed -i '/^multi off/s:off:on:' "${ED}"/etc/host.conf
+		elog "Defaulting /etc/host.conf:multi to on"
+	fi
+
+	[[ ${ROOT} != "/" ]] && return 0
+	[[ -d ${D}/$(get_libdir) ]] || return 0
+	glibc_sanity_check
+
+	# Make sure devpts is mounted correctly for use w/out setuid pt_chown.
+	if in_iuse suid && ! use suid ; then
+		if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts ; then
+			eerror "In order to use glibc with USE=-suid, you must make sure that"
+			eerror "you have devpts mounted at /dev/pts with the gid=5 option."
+			eerror "Openrc should do this for you, so you should check /etc/fstab"
+			eerror "and make sure you do not have any invalid settings there."
+			# Do not die on older kernels as devpts did not export these settings #489520.
+			if version_is_at_least 2.6.25 $(uname -r) ; then
+				die "mount & fix your /dev/pts settings"
+			fi
+		fi
+	fi
+}
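Review bot: `glibc_sanity_check` does not check the result of `pushd "${ED}"/$(get_libdir)`, and the caller's guard tests a different path (`[[ -d ${D}/$(get_libdir) ]]`, `${D}` rather than `${ED}`; the two differ when EPREFIX is non-empty), so the directory that is entered is not the one that was verified. If the pushd fails, the function stays in `/` after the earlier `cd /`, `./ld-*.so --library-path .` resolves against `/`, and the closing `popd` has nothing to pop. The comment above the pushd says the working directory is what keeps the loader's library path safe, so make the step fatal: `pushd "${ED}"/$(get_libdir) >/dev/null || die "cannot enter image libdir"`, and test `${ED}` in the guard as well.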
diff --git a/sys-libs/glibc/files/eblits/pkg_setup.eblit b/sys-libs/glibc/files/eblits/pkg_setup.eblit
new file mode 100644
index 0000000..7701a56
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/pkg_setup.eblit
@@ -0,0 +1,125 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/pkg_setup.eblit,v 1.14 2014/10/17 17:30:04 vapier Exp $
+
+glibc_compile_test() {
+	local ret save_cflags=${CFLAGS}
+	CFLAGS+=" $1"
+	shift
+
+	pushd "${T}" >/dev/null
+
+	rm -f glibc-test*
+	printf '%b' "$*" > glibc-test.c
+
+	_nonfatal emake -s glibc-test
+	ret=$?
+
+	popd >/dev/null
+
+	CFLAGS=${save_cflags}
+	return ${ret}
+}
+
+glibc_run_test() {
+	local ret
+
+	if [[ ${EMERGE_FROM} == "binary" ]] ; then
+		# ignore build failures when installing a binary package #324685
+		glibc_compile_test "" "$@" 2>/dev/null || return 0
+	else
+		if ! glibc_compile_test "" "$@" ; then
+			ewarn "Simple build failed ... assuming this is desired #324685"
+			return 0
+		fi
+	fi
+
+	pushd "${T}" >/dev/null
+
+	./glibc-test
+	ret=$?
+	rm -f glibc-test*
+
+	popd >/dev/null
+
+	return ${ret}
+}
+
+eblit-glibc-pkg_setup() {
+	# prevent native builds from downgrading ... maybe update to allow people
+	# to change between diff -r versions ? (2.3.6-r4 -> 2.3.6-r2)
+	if [[ ${MERGE_TYPE} != "buildonly" ]] && \
+	   [[ ${ROOT} == "/" ]] && \
+	   [[ ${CBUILD} == ${CHOST} ]] && \
+	   [[ ${CHOST} == ${CTARGET} ]] ; then
+		if has_version '>'${CATEGORY}/${PF} ; then
+			eerror "Sanity check to keep you from breaking your system:"
+			eerror " Downgrading glibc is not supported and a sure way to destruction"
+#			die "aborting to save your system"
+		fi
+
+		if ! glibc_run_test '#include <pwd.h>\nint main(){return getpwuid(0)==0;}\n'
+		then
+			eerror "Your patched vendor kernel is broken.  You need to get an"
+			eerror "update from whoever is providing the kernel to you."
+			eerror "http://sourceware.org/bugzilla/show_bug.cgi?id=5227"
+			eerror "http://bugs.gentoo.org/262698"
+			die "keeping your system alive, say thank you"
+		fi
+
+		if ! glibc_run_test '#include <unistd.h>\n#include <sys/syscall.h>\nint main(){return syscall(1000)!=-1;}\n'
+		then
+			eerror "Your old kernel is broken.  You need to update it to"
+			eerror "a newer version as syscall(<bignum>) will break."
+			eerror "http://bugs.gentoo.org/279260"
+			die "keeping your system alive, say thank you"
+		fi
+	fi
+
+	# users have had a chance to phase themselves, time to give em the boot
+	if [[ -e ${EROOT}/etc/locale.gen ]] && [[ -e ${EROOT}/etc/locales.build ]] ; then
+		eerror "You still haven't deleted ${EROOT}/etc/locales.build."
+		eerror "Do so now after making sure ${EROOT}/etc/locale.gen is kosher."
+		die "lazy upgrader detected"
+	fi
+
+	if [[ ${CTARGET} == i386-* ]] ; then
+		eerror "i386 CHOSTs are no longer supported."
+		eerror "Chances are you don't actually want/need i386."
+		eerror "Please read http://www.gentoo.org/doc/en/change-chost.xml"
+		die "please fix your CHOST"
+	fi
+
+	if [[ -e /proc/xen ]] && [[ $(tc-arch) == "x86" ]] && ! is-flag -mno-tls-direct-seg-refs ; then
+		ewarn "You are using Xen but don't have -mno-tls-direct-seg-refs in your CFLAGS."
+		ewarn "This will result in a 50% performance penalty when running with a 32bit"
+		ewarn "hypervisor, which is probably not what you want."
+	fi
+
+	use hardened && ! gcc-specs-pie && \
+		ewarn "PIE hardening not applied, as your compiler doesn't default to PIE"
+
+	# Make sure host system is up to date #394453
+	if has_version '<sys-libs/glibc-2.13' && \
+	   [[ -n $(scanelf -qys__guard -F'#s%F' "${EROOT}"/lib*/l*-*.so) ]]
+	then
+		ebegin "Scanning system for __guard to see if you need to rebuild first ..."
+		local files=$(
+			scanelf -qys__guard -F'#s%F' \
+				"${EROOT}"/*bin/ \
+				"${EROOT}"/lib* \
+				"${EROOT}"/usr/*bin/ \
+				"${EROOT}"/usr/lib* | \
+				egrep -v \
+					-e "^${EROOT}/lib.*/(libc|ld)-2.*.so$" \
+					-e "^${EROOT}/sbin/(ldconfig|sln)$"
+		)
+		[[ -z ${files} ]]
+		if ! eend $? ; then
+			eerror "Your system still has old SSP __guard symbols.  You need to"
+			eerror "rebuild all the packages that provide these files first:"
+			eerror "${files}"
+			die "old __guard detected"
+		fi
+	fi
+}
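Review bot: The downgrade guard in `eblit-glibc-pkg_setup` no longer stops anything, because the `die "aborting to save your system"` line is commented out; after the two `eerror` lines the function carries on to the run tests and the merge proceeds. Either restore the `die`, or, if permitting downgrades is intended here, switch the messages to `ewarn` and add a comment such as `# downgrade deliberately permitted: <reason>` so the next maintainer does not read it as an accident. As written, the log announces that downgrading is unsupported and then lets it happen.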
diff --git a/sys-libs/glibc/files/eblits/src_compile.eblit b/sys-libs/glibc/files/eblits/src_compile.eblit
new file mode 100644
index 0000000..7704d83
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_compile.eblit
@@ -0,0 +1,24 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_compile.eblit,v 1.45 2014/09/10 18:45:21 vapier Exp $
+
+[[ ${EAPI:-0} == [01] ]] && source "${FILESDIR}/eblits/src_configure.eblit"
+
+toolchain-glibc_src_compile() {
+	local t
+	for t in linuxthreads nptl ; do
+		if want_${t} ; then
+			[[ ${EAPI:-0} == [01] ]] && glibc_do_configure ${t}
+			emake -C "$(builddir ${t})" || die "make ${t} for ${ABI} failed"
+		fi
+	done
+}
+
+eblit-glibc-src_compile() {
+	if just_headers ; then
+		[[ ${EAPI:-0} == [01] ]] && toolchain-glibc_headers_configure
+		return
+	fi
+
+	foreach_abi toolchain-glibc_src_compile
+}
diff --git a/sys-libs/glibc/files/eblits/src_configure.eblit b/sys-libs/glibc/files/eblits/src_configure.eblit
new file mode 100644
index 0000000..5a85488
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_configure.eblit
@@ -0,0 +1,252 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_configure.eblit,v 1.3 2014/12/31 08:20:02 vapier Exp $
+
+dump_toolchain_settings() {
+	echo
+
+	einfo "$*"
+
+	local v
+	for v in ABI CBUILD CHOST CTARGET CBUILD_OPT CTARGET_OPT CC {AS,C,CPP,CXX,LD}FLAGS ; do
+		einfo " $(printf '%15s' ${v}:)   ${!v}"
+	done
+
+	export CC=$(tc-getCC ${CTARGET})
+	# Glibc does not work with gold (for various reasons) #269274.
+	if $(tc-getLD ${CTARGET}) --version | grep -q 'GNU gold' ; then
+		local d="${T}/bfd-linker"
+		mkdir -p "${d}"
+		ln -sf $(which ${CTARGET}-ld.bfd) "${d}"/ld
+		CC+=" -B${d}"
+	fi
+	einfo " $(printf '%15s' 'Manual CC:')   ${CC}"
+	echo
+}
+
+glibc_do_configure() {
+	dump_toolchain_settings "Configuring glibc for $1"
+
+	local myconf=()
+
+	# set addons
+	pushd "${S}" > /dev/null
+	local addons=$(echo */configure | sed \
+		-e 's:/configure::g' \
+		-e 's:\(linuxthreads\|nptl\|rtkaio\|glibc-compat\)\( \|$\)::g' \
+		-e 's: \+$::' \
+		-e 's! !,!g' \
+		-e 's!^!,!' \
+		-e '/^,\*$/d')
+	[[ -d ports ]] && addons+=",ports"
+	popd > /dev/null
+
+	myconf+=( $(use_enable hardened stackguard-randomization) )
+	if has_version '<sys-libs/glibc-2.13' ; then
+		myconf+=( --enable-old-ssp-compat )
+	fi
+
+	[[ $(tc-is-softfloat) == "yes" ]] && myconf+=( --without-fp )
+
+	if [[ $1 == "linuxthreads" ]] ; then
+		if want_tls ; then
+			myconf+=( --with-tls )
+
+			if ! want__thread || use glibc-compat20 || [[ ${LT_KER_VER} == 2.[02].* ]] ; then
+				myconf+=( --without-__thread )
+			else
+				myconf+=( --with-__thread )
+			fi
+		else
+			myconf+=( --without-tls --without-__thread )
+		fi
+
+		myconf+=( --disable-sanity-checks )
+		addons="linuxthreads${addons}"
+		myconf+=( --enable-kernel=${LT_KER_VER} )
+	elif [[ $1 == "nptl" ]] ; then
+		# Newer versions require nptl, so there is no addon for it.
+		version_is_at_least 2.20 || addons="nptl${addons}"
+		myconf+=( --enable-kernel=${NPTL_KERN_VER} )
+	else
+		die "invalid pthread option"
+	fi
+	myconf+=( --enable-add-ons="${addons#,}" )
+
+	# Since SELinux support is only required for nscd, only enable it if:
+	# 1. USE selinux
+	# 2. only for the primary ABI on multilib systems
+	# 3. Not a crosscompile
+	if ! is_crosscompile && use selinux ; then
+		if use multilib ; then
+			if is_final_abi ; then
+				myconf+=( --with-selinux )
+			else
+				myconf+=( --without-selinux )
+			fi
+		else
+			myconf+=( --with-selinux )
+		fi
+	else
+		myconf+=( --without-selinux )
+	fi
+
+	# Force a few tests where we always know the answer but
+	# configure is incapable of finding it.
+	if is_crosscompile ; then
+		export \
+			libc_cv_c_cleanup=yes \
+			libc_cv_forced_unwind=yes
+	fi
+
+	myconf+=(
+		--without-cvs
+		--enable-bind-now
+		--build=${CBUILD_OPT:-${CBUILD}}
+		--host=${CTARGET_OPT:-${CTARGET}}
+		$(use_enable profile)
+		$(use_with gd)
+		--with-headers=$(alt_build_headers)
+		--prefix=/usr
+		--libdir=/usr/$(get_libdir)
+		--mandir=/usr/share/man
+		--infodir=/usr/share/info
+		--libexecdir=/usr/$(get_libdir)/misc/glibc
+		--with-bugurl=http://bugs.gentoo.org/
+		--with-pkgversion="$(glibc_banner)"
+		$(use_multiarch || echo --disable-multi-arch)
+		--enable-obsolete-rpc
+		$(in_iuse systemtap && use_enable systemtap)
+		$(in_iuse nscd && use_enable nscd)
+		${EXTRA_ECONF}
+	)
+
+	# There is no configure option for this and we need to export it
+	# since the glibc build will re-run configure on itself
+	export libc_cv_slibdir=/$(get_libdir)
+
+	# We take care of patching our binutils to use both hash styles,
+	# and many people like to force gnu hash style only, so disable
+	# this overriding check.  #347761
+	export libc_cv_hashstyle=no
+
+	# Overtime, generating info pages can be painful.  So disable this for
+	# versions older than the latest stable to avoid the issue (this ver
+	# should be updated from time to time).  #464394 #465816
+	if ! version_is_at_least 2.17 ; then
+		export ac_cv_prog_MAKEINFO=:
+	fi
+
+	local builddir=$(builddir "$1")
+	mkdir -p "${builddir}"
+	cd "${builddir}"
+	set -- "${S}"/configure "${myconf[@]}"
+	echo "$@"
+	"$@" || die "failed to configure glibc"
+
+	# ia64 static cross-compilers are a pita in so much that they
+	# can't produce static ELFs (as the libgcc.a is broken).  so
+	# disable building of the programs for those targets if it
+	# doesn't work.
+	# XXX: We could turn this into a compiler test, but ia64 is
+	# the only one that matters, so this should be fine for now.
+	if is_crosscompile && [[ ${CTARGET} == ia64* ]] ; then
+		sed -i '1i+link-static = touch $@' config.make
+	fi
+
+	# If we're trying to migrate between ABI sets, we need
+	# to lie and use a local copy of gcc.  Like if the system
+	# is built with MULTILIB_ABIS="amd64 x86" but we want to
+	# add x32 to it, gcc/glibc don't yet support x32.
+	if [[ -n ${GCC_BOOTSTRAP_VER} ]] && use multilib ; then
+		echo 'main(){}' > "${T}"/test.c
+		if ! $(tc-getCC ${CTARGET}) ${CFLAGS} ${LDFLAGS} "${T}"/test.c -Wl,-emain -lgcc 2>/dev/null ; then
+			sed -i -e '/^CC = /s:$: -B$(objdir)/../'"gcc-${GCC_BOOTSTRAP_VER}/${ABI}:" config.make || die
+			mkdir -p sunrpc
+			cp $(which rpcgen) sunrpc/cross-rpcgen || die
+			touch -t 202001010101 sunrpc/cross-rpcgen || die
+		fi
+	fi
+}
+
+toolchain-glibc_headers_configure() {
+	export ABI=default
+
+	local builddir=$(builddir "headers")
+	mkdir -p "${builddir}"
+	cd "${builddir}"
+
+	# if we don't have a compiler yet, we cant really test it now ...
+	# hopefully they don't affect header geneation, so let's hope for
+	# the best here ...
+	local v vars=(
+		ac_cv_header_cpuid_h=yes
+		libc_cv_{386,390,alpha,arm,hppa,ia64,mips,{powerpc,sparc}{,32,64},sh,x86_64}_tls=yes
+		libc_cv_asm_cfi_directives=yes
+		libc_cv_broken_visibility_attribute=no
+		libc_cv_c_cleanup=yes
+		libc_cv_forced_unwind=yes
+		libc_cv_gcc___thread=yes
+		libc_cv_mlong_double_128=yes
+		libc_cv_mlong_double_128ibm=yes
+		libc_cv_ppc_machine=yes
+		libc_cv_ppc_rel16=yes
+		libc_cv_predef_{fortify_source,stack_protector}=no
+		libc_cv_visibility_attribute=yes
+		libc_cv_z_combreloc=yes
+		libc_cv_z_execstack=yes
+		libc_cv_z_initfirst=yes
+		libc_cv_z_nodelete=yes
+		libc_cv_z_nodlopen=yes
+		libc_cv_z_relro=yes
+		libc_mips_abi=${ABI}
+		libc_mips_float=$([[ $(tc-is-softfloat) == "yes" ]] && echo soft || echo hard)
+	)
+	einfo "Forcing cached settings:"
+	for v in "${vars[@]}" ; do
+		einfo " ${v}"
+		export ${v}
+	done
+
+	local ports="" myconf=()
+	myconf+=(
+		--disable-sanity-checks
+		--enable-hacker-mode
+		--without-cvs
+		--enable-bind-now
+		--build=${CBUILD_OPT:-${CBUILD}}
+		--host=${CTARGET_OPT:-${CTARGET}}
+		--with-headers=$(alt_build_headers)
+		--prefix=/usr
+		${EXTRA_ECONF}
+	)
+
+	local addons
+	[[ -d ${S}/ports ]] && addons+=",ports"
+	# Newer versions require nptl, so there is no addon for it.
+	version_is_at_least 2.20 || addons+=",nptl"
+	myconf+=( --enable-add-ons="${addons#,}" )
+
+	# Nothing is compiled here which would affect the headers for the target.
+	# So forcing CC/CFLAGS is sane.
+	set -- "${S}"/configure "${myconf[@]}"
+	echo "$@"
+	CC="$(tc-getBUILD_CC)" \
+	CFLAGS="-O1 -pipe" \
+	CPPFLAGS="-U_FORTIFY_SOURCE" \
+	LDFLAGS="" \
+	"$@" || die "failed to configure glibc"
+}
+
+toolchain-glibc_src_configure() {
+	if just_headers ; then
+		toolchain-glibc_headers_configure
+	else
+		want_linuxthreads && glibc_do_configure linuxthreads
+		want_nptl && glibc_do_configure nptl
+	fi
+}
+
+eblit-glibc-src_configure() {
+	foreach_abi toolchain-glibc_src_configure
+}
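Review bot: The gold workaround in `dump_toolchain_settings` never verifies that a BFD linker was found: `ln -sf $(which ${CTARGET}-ld.bfd) "${d}"/ld` is unquoted and unchecked, so when `which` prints nothing `ln` receives a single operand and `-B${d}` ends up pointing at a directory with no `ld` in it. The compiler then presumably falls back to its default linker, which is the gold the comment above says glibc does not work with. Resolve the path first and fail early: `local bfd=$(type -P ${CTARGET}-ld.bfd)`, `[[ -n ${bfd} ]] || die "${CTARGET}-ld.bfd not found"`, `ln -sf "${bfd}" "${d}"/ld || die`.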
diff --git a/sys-libs/glibc/files/eblits/src_install.eblit b/sys-libs/glibc/files/eblits/src_install.eblit
new file mode 100644
index 0000000..8030d93
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_install.eblit
@@ -0,0 +1,244 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_install.eblit,v 1.38 2014/09/10 18:15:55 vapier Exp $
+
+toolchain-glibc_src_install() {
+	local builddir=$(builddir $(want_linuxthreads && echo linuxthreads || echo nptl))
+	cd "${builddir}"
+
+	emake install_root="${D}$(alt_prefix)" install || die
+
+	if want_linuxthreads && want_nptl ; then
+		einfo "Installing NPTL to $(alt_libdir)/tls/..."
+		cd "$(builddir nptl)"
+		dodir $(alt_libdir)/tls $(alt_usrlibdir)/nptl
+
+		local l src_lib
+		for l in libc libm librt libpthread libthread_db ; do
+			# take care of shared lib first ...
+			l=${l}.so
+			if [[ -e ${l} ]] ; then
+				src_lib=${l}
+			else
+				src_lib=$(eval echo */${l})
+			fi
+			cp -a ${src_lib} "${ED}"$(alt_libdir)/tls/${l} || die "copying nptl ${l}"
+			fperms a+rx $(alt_libdir)/tls/${l}
+			dosym ${l} $(alt_libdir)/tls/$(scanelf -qSF'%S#F' ${src_lib})
+
+			# then grab the linker script or the symlink ...
+			if [[ -L ${ED}$(alt_usrlibdir)/${l} ]] ; then
+				dosym $(alt_libdir)/tls/${l} $(alt_usrlibdir)/nptl/${l}
+			else
+				sed \
+					-e "s:/${l}:/tls/${l}:g" \
+					-e "s:/${l/%.so/_nonshared.a}:/nptl/${l/%.so/_nonshared.a}:g" \
+					"${ED}"$(alt_usrlibdir)/${l} > "${ED}"$(alt_usrlibdir)/nptl/${l}
+			fi
+
+			# then grab the static lib ...
+			src_lib=${src_lib/%.so/.a}
+			[[ ! -e ${src_lib} ]] && src_lib=${src_lib/%.a/_pic.a}
+			cp -a ${src_lib} "${ED}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}"
+			src_lib=${src_lib/%.a/_nonshared.a}
+			if [[ -e ${src_lib} ]] ; then
+				cp -a ${src_lib} "${ED}"$(alt_usrlibdir)/nptl/ || die "copying nptl ${src_lib}"
+			fi
+		done
+
+		# use the nptl linker instead of the linuxthreads one as the linuxthreads
+		# one may lack TLS support and that can be really bad for business
+		cp -a elf/ld.so "${ED}"$(alt_libdir)/$(scanelf -qSF'%S#F' elf/ld.so) || die "copying nptl interp"
+	fi
+
+	# We'll take care of the cache ourselves
+	rm -f "${ED}"/etc/ld.so.cache
+
+	# Everything past this point just needs to be done once ...
+	is_final_abi || return 0
+
+	# Make sure the non-native interp can be found on multilib systems even
+	# if the main library set isn't installed into the right place.  Maybe
+	# we should query the active gcc for info instead of hardcoding it ?
+	local i ldso_abi ldso_name
+	local ldso_abi_list=(
+		# x86
+		amd64   /lib64/ld-linux-x86-64.so.2
+		x32     /libx32/ld-linux-x32.so.2
+		x86     /lib/ld-linux.so.2
+		# mips
+		o32     /lib/ld.so.1
+		n32     /lib32/ld.so.1
+		n64     /lib64/ld.so.1
+		# powerpc
+		ppc     /lib/ld.so.1
+		ppc64   /lib64/ld64.so.1
+		# s390
+		s390    /lib/ld.so.1
+		s390x   /lib/ld64.so.1
+		# sparc
+		sparc32 /lib/ld-linux.so.2
+		sparc64 /lib64/ld-linux.so.2
+	)
+	case $(tc-endian) in
+	little)
+		ldso_abi_list+=(
+			# arm
+			arm64   /lib/ld-linux-aarch64.so.1
+		)
+		;;
+	big)
+		ldso_abi_list+=(
+			# arm
+			arm64   /lib/ld-linux-aarch64_be.so.1
+		)
+		;;
+	esac
+	if [[ ${SYMLINK_LIB} == "yes" ]] && [[ ! -e ${ED}/$(alt_prefix)/lib ]] ; then
+		dosym $(get_abi_LIBDIR ${DEFAULT_ABI}) $(alt_prefix)/lib
+	fi
+	for (( i = 0; i < ${#ldso_abi_list[@]}; i += 2 )) ; do
+		ldso_abi=${ldso_abi_list[i]}
+		has ${ldso_abi} $(get_install_abis) || continue
+
+		ldso_name="$(alt_prefix)${ldso_abi_list[i+1]}"
+		if [[ ! -L ${D}/${ldso_name} && ! -e ${D}/${ldso_name} ]] ; then
+			dosym ../$(get_abi_LIBDIR ${ldso_abi})/${ldso_name##*/} ${ldso_name}
+		fi
+	done
+
+	# With devpts under Linux mounted properly, we do not need the pt_chown
+	# binary to be setuid.  This is because the default owners/perms will be
+	# exactly what we want.
+	if in_iuse suid && ! use suid ; then
+		find "${D}" -name pt_chown -exec chmod -s {} +
+	fi
+
+	#################################################################
+	# EVERYTHING AFTER THIS POINT IS FOR NATIVE GLIBC INSTALLS ONLY #
+	# Make sure we install some symlink hacks so that when we build
+	# a 2nd stage cross-compiler, gcc finds the target system
+	# headers correctly.  See gcc/doc/gccinstall.info
+	if is_crosscompile ; then
+		# We need to make sure that /lib and /usr/lib always exists.
+		# gcc likes to use relative paths to get to its multilibs like
+		# /usr/lib/../lib64/.  So while we don't install any files into
+		# /usr/lib/, we do need it to exist.
+		cd "${ED}"$(alt_libdir)/..
+		[[ -e lib ]] || mkdir lib
+		cd "${ED}"$(alt_usrlibdir)/..
+		[[ -e lib ]] || mkdir lib
+
+		dosym usr/include $(alt_prefix)/sys-include
+		return 0
+	fi
+
+	# Files for Debian-style locale updating
+	dodir /usr/share/i18n
+	sed \
+		-e "/^#/d" \
+		-e "/SUPPORTED-LOCALES=/d" \
+		-e "s: \\\\::g" -e "s:/: :g" \
+		"${S}"/localedata/SUPPORTED > "${ED}"/usr/share/i18n/SUPPORTED \
+		|| die "generating /usr/share/i18n/SUPPORTED failed"
+	cd "${WORKDIR}"/extra/locale
+	dosbin locale-gen || die
+	doman *.[0-8]
+	insinto /etc
+	doins locale.gen || die
+
+	# Make sure all the ABI's can find the locales and so we only
+	# have to generate one set
+	local a
+	keepdir /usr/$(get_libdir)/locale
+	for a in $(get_install_abis) ; do
+		if [[ ! -e ${ED}/usr/$(get_abi_LIBDIR ${a})/locale ]] ; then
+			dosym /usr/$(get_libdir)/locale /usr/$(get_abi_LIBDIR ${a})/locale
+		fi
+	done
+
+	cd "${S}"
+
+	# Install misc network config files
+	insinto /etc
+	doins nscd/nscd.conf posix/gai.conf nss/nsswitch.conf || die
+	doins "${WORKDIR}"/extra/etc/*.conf || die
+
+	if ! in_iuse nscd || use nscd ; then
+		doinitd "${WORKDIR}"/extra/etc/nscd || die
+
+		local nscd_args=(
+			-e "s:@PIDFILE@:$(strings "${ED}"/usr/sbin/nscd | grep nscd.pid):"
+		)
+		version_is_at_least 2.16 || nscd_args+=( -e 's: --foreground : :' )
+		sed -i "${nscd_args[@]}" "${ED}"/etc/init.d/nscd
+
+		# Newer versions of glibc include the nscd.service themselves.
+		# TODO: Drop the $FILESDIR copy once 2.19 goes stable.
+		if version_is_at_least 2.19 ; then
+			systemd_dounit nscd/nscd.service || die
+			systemd_newtmpfilesd nscd/nscd.tmpfiles nscd.conf || die
+		else
+			systemd_dounit "${FILESDIR}"/nscd.service || die
+			systemd_newtmpfilesd "${FILESDIR}"/nscd.tmpfilesd nscd.conf || die
+		fi
+	else
+		# Do this since extra/etc/*.conf above might have nscd.conf.
+		rm -f "${ED}"/etc/nscd.conf
+	fi
+
+	echo 'LDPATH="include ld.so.conf.d/*.conf"' > "${T}"/00glibc
+	doenvd "${T}"/00glibc || die
+
+	for d in BUGS ChangeLog* CONFORMANCE FAQ NEWS NOTES PROJECTS README* ; do
+		[[ -s ${d} ]] && dodoc ${d}
+	done
+
+	# Prevent overwriting of the /etc/localtime symlink.  We'll handle the
+	# creation of the "factory" symlink in pkg_postinst().
+	rm -f "${ED}"/etc/localtime
+}
+
+toolchain-glibc_headers_install() {
+	local builddir=$(builddir "headers")
+	cd "${builddir}"
+	emake install_root="${D}$(alt_prefix)" install-headers || die
+	if ! version_is_at_least 2.16 ; then
+		insinto $(alt_headers)/bits
+		doins bits/stdio_lim.h || die
+	fi
+	insinto $(alt_headers)/gnu
+	doins "${S}"/include/gnu/stubs.h || die "doins include gnu"
+	# Make sure we install the sys-include symlink so that when
+	# we build a 2nd stage cross-compiler, gcc finds the target
+	# system headers correctly.  See gcc/doc/gccinstall.info
+	dosym usr/include /usr/${CTARGET}/sys-include
+}
+
+src_strip() {
+	# gdb is lame and requires some debugging information to remain in
+	# libpthread, so we need to strip it by hand.  libthread_db makes no
+	# sense stripped as it is only used when debugging.
+	local pthread=$(has splitdebug ${FEATURES} && echo "libthread_db" || echo "lib{pthread,thread_db}")
+	env \
+		-uRESTRICT \
+		CHOST=${CTARGET} \
+		STRIP_MASK="/*/{,tls/}${pthread}*" \
+		prepallstrip
+	# if user has stripping enabled and does not have split debug turned on,
+	# then leave the debugging sections in libpthread.
+	if ! has nostrip ${FEATURES} && ! has splitdebug ${FEATURES} ; then
+		${STRIP:-${CTARGET}-strip} --strip-debug "${ED}"/*/libpthread-*.so
+	fi
+}
+
+eblit-glibc-src_install() {
+	if just_headers ; then
+		export ABI=default
+		toolchain-glibc_headers_install
+		return
+	fi
+
+	foreach_abi toolchain-glibc_src_install
+	src_strip
+}
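Review bot: The setuid strip for `pt_chown` in `toolchain-glibc_src_install` is unchecked: `find "${D}" -name pt_chown -exec chmod -s {} +` has no `|| die`, so a failing `chmod` leaves the helper setuid in the image even though USE=-suid was requested. Most other steps in this function that alter the image end in `|| die`; this one should too, e.g. `find "${D}" -name pt_chown -exec chmod -s {} + || die "stripping setuid from pt_chown failed"`. The same applies to `sed -i "${nscd_args[@]}" "${ED}"/etc/init.d/nscd`, whose `@PIDFILE@` value comes from `strings | grep` and may be empty or span several lines.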
diff --git a/sys-libs/glibc/files/eblits/src_prepare.eblit b/sys-libs/glibc/files/eblits/src_prepare.eblit
new file mode 100644
index 0000000..dc57fae
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_prepare.eblit
@@ -0,0 +1,63 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_prepare.eblit,v 1.1 2014/09/10 05:59:03 vapier Exp $
+
+eblit-glibc-src_prepare() {
+	# XXX: We should do the branchupdate, before extracting the manpages and
+	# infopages else it does not help much (mtimes change if there is a change
+	# to them with branchupdate)
+	if [[ -n ${BRANCH_UPDATE} ]] ; then
+		epatch "${DISTDIR}"/glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2
+
+		# Snapshot date patch
+		einfo "Patching version to display snapshot date ..."
+		sed -i -e "s:\(#define RELEASE\).*:\1 \"${BRANCH_UPDATE}\":" version.h
+	fi
+
+	# tag, glibc is it
+	if ! version_is_at_least 2.17 ; then
+		[[ -e csu/Banner ]] && die "need new banner location"
+		glibc_banner > csu/Banner
+	fi
+	if [[ -n ${PATCH_VER} ]] && ! use vanilla ; then
+		EPATCH_MULTI_MSG="Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER} ..." \
+		EPATCH_EXCLUDE=${GLIBC_PATCH_EXCLUDE} \
+		EPATCH_SUFFIX="patch" \
+		ARCH=$(tc-arch) \
+		epatch "${WORKDIR}"/patches
+	fi
+
+	if just_headers ; then
+		if [[ -e ports/sysdeps/mips/preconfigure ]] ; then
+			# mips peeps like to screw with us.  if building headers,
+			# we don't have a real compiler, so we can't let them
+			# insert -mabi on us.
+			sed -i '/CPPFLAGS=.*-mabi/s|.*|:|' ports/sysdeps/mips/preconfigure || die
+			find ports/sysdeps/mips/ -name Makefile -exec sed -i '/^CC.*-mabi=/s:-mabi=.*:-D_MIPS_SZPTR=32:' {} +
+		fi
+	fi
+
+	epatch_user
+
+	gnuconfig_update
+
+	# Glibc is stupid sometimes, and doesn't realize that with a
+	# static C-Only gcc, -lgcc_eh doesn't exist.
+	# http://sourceware.org/ml/libc-alpha/2003-09/msg00100.html
+	# http://sourceware.org/ml/libc-alpha/2005-02/msg00042.html
+	# But! Finally fixed in recent versions:
+	# http://sourceware.org/ml/libc-alpha/2012-05/msg01865.html
+	if ! version_is_at_least 2.16 ; then
+		echo 'int main(){}' > "${T}"/gcc_eh_test.c
+		if ! $(tc-getCC ${CTARGET}) ${CFLAGS} ${LDFLAGS} "${T}"/gcc_eh_test.c -lgcc_eh 2>/dev/null ; then
+			sed -i -e 's:-lgcc_eh::' Makeconfig || die "sed gcc_eh"
+		fi
+	fi
+
+	cd "${WORKDIR}"
+	find . -type f '(' -size 0 -o -name "*.orig" ')' -delete
+	find . -name configure -exec touch {} +
+
+	# Fix permissions on some of the scripts.
+	chmod u+x "${S}"/scripts/*.sh
+}
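Review bot: `cd "${WORKDIR}"` near the end of `eblit-glibc-src_prepare` is unchecked and is followed directly by `find . -type f '(' -size 0 -o -name "*.orig" ')' -delete`, so a failed `cd` would make the delete run relative to whatever directory the function was in at that point. Write `cd "${WORKDIR}" || die`, or drop the dependence on the working directory with `find "${WORKDIR}" -type f ...`. The `sed -i` on `version.h` also lacks `|| die`, unlike the `sed` calls on `preconfigure` and `Makeconfig` in the same function.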
diff --git a/sys-libs/glibc/files/eblits/src_test.eblit b/sys-libs/glibc/files/eblits/src_test.eblit
new file mode 100644
index 0000000..210cca3
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_test.eblit
@@ -0,0 +1,30 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_test.eblit,v 1.9 2014/09/17 22:53:43 vapier Exp $
+
+glibc_src_test() {
+	cd "$(builddir $1)"
+	nonfatal emake -j1 check && return 0
+	einfo "make check failed - re-running with --keep-going to get the rest of the results"
+	nonfatal emake -j1 -k check
+	ewarn "make check failed for ${ABI}-${CTARGET}-$1"
+	return 1
+}
+
+toolchain-glibc_src_test() {
+	local ret=0 t
+	for t in linuxthreads nptl ; do
+		if want_${t} ; then
+			glibc_src_test ${t}
+			: $(( ret |= $? ))
+		fi
+	done
+	return ${ret}
+}
+
+eblit-glibc-src_test() {
+	# Give tests more time to complete.
+	export TIMEOUTFACTOR=5
+
+	foreach_abi toolchain-glibc_src_test || die "tests failed"
+}
diff --git a/sys-libs/glibc/files/eblits/src_unpack.eblit b/sys-libs/glibc/files/eblits/src_unpack.eblit
new file mode 100644
index 0000000..94f33b5
--- /dev/null
+++ b/sys-libs/glibc/files/eblits/src_unpack.eblit
@@ -0,0 +1,121 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/eblits/src_unpack.eblit,v 1.27 2014/09/10 05:59:03 vapier Exp $
+
+[[ ${EAPI:-0} == [01] ]] && source "${FILESDIR}/eblits/src_prepare.eblit"
+
+int_to_KV() {
+	local version=$1 major minor micro
+	major=$((version / 65536))
+	minor=$(((version % 65536) / 256))
+	micro=$((version % 256))
+	echo ${major}.${minor}.${micro}
+}
+
+eend_KV() {
+	[[ $(KV_to_int $1) -ge $(KV_to_int $2) ]]
+	eend $?
+}
+
+get_kheader_version() {
+	printf '#include <linux/version.h>\nLINUX_VERSION_CODE\n' | \
+	$(tc-getCPP ${CTARGET}) -I "${EPREFIX}/$(alt_build_headers)" - | \
+	tail -n 1
+}
+
+check_nptl_support() {
+	# don't care about the compiler here as we arent using it
+	just_headers && return
+
+	local run_kv build_kv want_kv
+	run_kv=$(int_to_KV $(get_KV))
+	build_kv=$(int_to_KV $(get_kheader_version))
+	want_kv=${NPTL_KERN_VER}
+
+	ebegin "Checking gcc for __thread support"
+	if ! eend $(want__thread ; echo $?) ; then
+		echo
+		eerror "Could not find a gcc that supports the __thread directive!"
+		eerror "Please update your binutils/gcc and try again."
+		die "No __thread support in gcc!"
+	fi
+
+	if ! is_crosscompile && ! tc-is-cross-compiler ; then
+		# Building fails on an non-supporting kernel
+		ebegin "Checking kernel version (${run_kv} >= ${want_kv})"
+		if ! eend_KV ${run_kv} ${want_kv} ; then
+			echo
+			eerror "You need a kernel of at least ${want_kv} for NPTL support!"
+			die "Kernel version too low!"
+		fi
+	fi
+
+	ebegin "Checking linux-headers version (${build_kv} >= ${want_kv})"
+	if ! eend_KV ${build_kv} ${want_kv} ; then
+		echo
+		eerror "You need linux-headers of at least ${want_kv} for NPTL support!"
+		die "linux-headers version too low!"
+	fi
+}
+
+unpack_pkg() {
+	local a=${PN}
+	[[ -n ${SNAP_VER} ]] && a="${a}-${RELEASE_VER}"
+	[[ -n $1 ]] && a="${a}-$1"
+	if [[ -n ${SNAP_VER} ]] ; then
+		a="${a}-${SNAP_VER}"
+	else
+		if [[ -n $2 ]] ; then
+			a="${a}-$2"
+		else
+			a="${a}-${RELEASE_VER}"
+		fi
+	fi
+	if has ${a}.tar.xz ${A} ; then
+		unpacker ${a}.tar.xz
+	else
+		unpack ${a}.tar.bz2
+	fi
+	[[ -n $1 ]] && { mv ${a} $1 || die ; }
+}
+
+toolchain-glibc_src_unpack() {
+	# Check NPTL support _before_ we unpack things to save some time
+	want_nptl && check_nptl_support
+
+	if [[ -n ${EGIT_REPO_URIS} ]] ; then
+		local i d
+		for ((i=0; i<${#EGIT_REPO_URIS[@]}; ++i)) ; do
+			EGIT_REPO_URI=${EGIT_REPO_URIS[$i]}
+			EGIT_SOURCEDIR=${EGIT_SOURCEDIRS[$i]}
+			git-2_src_unpack
+		done
+	else
+		unpack_pkg
+	fi
+
+	cd "${S}"
+	touch locale/C-translit.h #185476 #218003
+	[[ -n ${LT_VER}     ]] && unpack_pkg linuxthreads ${LT_VER}
+	[[ -n ${PORTS_VER}  ]] && unpack_pkg ports ${PORTS_VER}
+	[[ -n ${LIBIDN_VER} ]] && unpack_pkg libidn
+
+	if [[ -n ${PATCH_VER} ]] ; then
+		cd "${WORKDIR}"
+		unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2
+		# pull out all the addons
+		local d
+		for d in extra/*/configure ; do
+			d=${d%/configure}
+			[[ -d ${S}/${d} ]] && die "${d} already exists in \${S}"
+			mv "${d}" "${S}" || die "moving ${d} failed"
+		done
+	fi
+}
+
+eblit-glibc-src_unpack() {
+	setup_env
+
+	toolchain-glibc_src_unpack
+	[[ ${EAPI:-0} == [01] ]] && cd "${S}" && eblit-glibc-src_prepare
+}
diff --git a/sys-libs/glibc/files/nscd b/sys-libs/glibc/files/nscd
new file mode 100755
index 0000000..b102de0
--- /dev/null
+++ b/sys-libs/glibc/files/nscd
@@ -0,0 +1,64 @@
+#!/sbin/runscript
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nscd,v 1.7 2007/02/23 12:09:39 uberlord Exp $
+
+depend() {
+	use dns ldap net slapd
+}
+
+checkconfig() {
+	if [ ! -d /var/run/nscd ] ; then
+		mkdir -p /var/run/nscd
+		chmod 755 /var/run/nscd
+	fi
+	if [ -z "${NSCD_PERMS_OK}" ] && [ "$(stat -c %a /var/run/nscd)" != "755" ] ; then
+		echo ""
+		ewarn "nscd run dir is not world readable, you should reset the perms:"
+		ewarn "chmod 755 /var/run/nscd"
+		ewarn "chmod a+rw /var/run/nscd/socket"
+		echo ""
+		ewarn "To disable this warning, set 'NSCD_PERMS_OK' in /etc/conf.d/nscd"
+		echo ""
+	fi
+}
+
+start() {
+	checkconfig
+
+	ebegin "Starting Name Service Cache Daemon"
+	local secure=`while read curline ; do
+		table=${curline%:*}
+		entries=${curline##$table:}
+		table=${table%%[^a-z]*}
+		case $table in
+			passwd*|group*|hosts)
+			for entry in $entries ; do
+			case $entry in
+				nisplus*)
+					/usr/sbin/nscd_nischeck $table || \
+					/echo "-S $table,yes"
+				;;
+			esac
+			done
+		;;
+		esac
+		done < /etc/nsswitch.conf`
+	local pidfile="$(strings /usr/sbin/nscd | grep nscd.pid)"
+	mkdir -p "$(dirname ${pidfile})"
+	save_options pidfile "${pidfile}"
+	start-stop-daemon --start --quiet \
+		--exec /usr/sbin/nscd --pidfile "${pidfile}" \
+		-- $secure
+	eend $?
+}
+
+stop() {
+	local pidfile="$(get_options pidfile)"
+	[ -n "${pidfile}" ] && pidfile="--pidfile ${pidfile}"
+	ebegin "Shutting down Name Service Cache Daemon"
+	start-stop-daemon --stop --quiet --exec /usr/sbin/nscd ${pidfile}
+	eend $?
+}
+
+# vim:ts=4
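Review bot: In `start()`, the nisplus branch runs `/echo "-S $table,yes"`, and the leading slash looks like a typo for `echo`: a binary at `/echo` will not normally exist, so the command substitution yields nothing and `$secure` stays empty. The effect is that nscd is never started with `-S <table>,yes` for tables that `/usr/sbin/nscd_nischeck` rejects, so the per-user cache this loop is meant to request is silently skipped. The pair of lines should read `/usr/sbin/nscd_nischeck $table || \` followed by `echo "-S $table,yes"`. Separately, `pidfile` comes from `strings /usr/sbin/nscd | grep nscd.pid`, which can return more than one line and is then passed unquoted to `dirname`; `grep -m1 nscd.pid` and `mkdir -p "$(dirname "${pidfile}")"` would make that robust.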
diff --git a/sys-libs/glibc/files/nscd.service b/sys-libs/glibc/files/nscd.service
new file mode 100644
index 0000000..25a3b1d
--- /dev/null
+++ b/sys-libs/glibc/files/nscd.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Name Service Cache Daemon
+After=network.target
+
+[Service]
+ExecStart=/usr/sbin/nscd -F
+ExecStop=/usr/sbin/nscd --shutdown
+ExecReload=/usr/sbin/nscd -i passwd
+ExecReload=/usr/sbin/nscd -i group
+ExecReload=/usr/sbin/nscd -i hosts
+ExecReload=/usr/sbin/nscd -i services
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sys-libs/glibc/files/nscd.tmpfilesd b/sys-libs/glibc/files/nscd.tmpfilesd
new file mode 100644
index 0000000..52edbba
--- /dev/null
+++ b/sys-libs/glibc/files/nscd.tmpfilesd
@@ -0,0 +1,4 @@
+# Configuration to create /run/nscd directory
+# Used as part of systemd's tmpfiles
+
+d /run/nscd 0755 root root
diff --git a/sys-libs/glibc/files/nsswitch.conf b/sys-libs/glibc/files/nsswitch.conf
new file mode 100644
index 0000000..eb16961
--- /dev/null
+++ b/sys-libs/glibc/files/nsswitch.conf
@@ -0,0 +1,24 @@
+# /etc/nsswitch.conf:
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/nsswitch.conf,v 1.1 2005/05/17 00:52:41 vapier Exp $
+
+passwd:      compat
+shadow:      compat
+group:       compat
+
+# passwd:    db files nis
+# shadow:    db files nis
+# group:     db files nis
+
+hosts:       files dns
+networks:    files dns
+
+services:    db files
+protocols:   db files
+rpc:         db files
+ethers:      db files
+netmasks:    files
+netgroup:    files
+bootparams:  files
+
+automount:   files
+aliases:     files
diff --git a/sys-libs/glibc/glibc-2.16.0-r1.ebuild b/sys-libs/glibc/glibc-2.16.0-r1.ebuild
new file mode 100644
index 0000000..f070bd6
--- /dev/null
+++ b/sys-libs/glibc/glibc-2.16.0-r1.ebuild
@@ -0,0 +1,228 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.16.0.ebuild,v 1.34 2014/03/14 09:11:35 vapier Exp $
+
+inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib systemd unpacker multiprocessing
+
+DESCRIPTION="GNU libc6 (also called glibc2) C library"
+HOMEPAGE="http://www.gnu.org/software/libc/libc.html"
+
+LICENSE="LGPL-2.1+ BSD HPND inner-net"
+KEYWORDS="~alpha amd64 arm -hppa ia64 ~mips ppc ppc64 ~s390 ~sh ~sparc x86"
+RESTRICT="strip" # strip ourself #46186
+EMULTILIB_PKG="true"
+
+# Configuration variables
+RELEASE_VER=""
+BRANCH_UPDATE=""
+SNAP_VER=""
+case ${PV} in
+9999*)
+	EGIT_REPO_URIS=( "git://sourceware.org/git/glibc.git" "git://sourceware.org/git/glibc-ports.git" )
+	EGIT_SOURCEDIRS=( "${S}" "${S}/ports" )
+	inherit git-2
+	;;
+*_p*)
+	RELEASE_VER=${PV%_p*}
+	SNAP_VER=${PV#*_p}
+	;;
+*)
+	RELEASE_VER=${PV}
+	;;
+esac
+LIBIDN_VER=""                                  # it's integrated into the main tarball now
+PATCH_VER="12"                                 # Gentoo patchset
+PORTS_VER=${RELEASE_VER}                       # version of glibc ports addon
+NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.16"}       # min kernel version nptl requires
+
+IUSE="debug gd hardened multilib selinux suid systemtap profile vanilla crosscompile_opts_headers-only"
+[[ -n ${RELEASE_VER} ]] && S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}}
+
+# Here's how the cross-compile logic breaks down ...
+#  CTARGET - machine that will target the binaries
+#  CHOST   - machine that will host the binaries
+#  CBUILD  - machine that will build the binaries
+# If CTARGET != CHOST, it means you want a libc for cross-compiling.
+# If CHOST != CBUILD, it means you want to cross-compile the libc.
+#  CBUILD = CHOST = CTARGET    - native build/install
+#  CBUILD != (CHOST = CTARGET) - cross-compile a native build
+#  (CBUILD = CHOST) != CTARGET - libc for cross-compiler
+#  CBUILD != CHOST != CTARGET  - cross-compile a libc for a cross-compiler
+# For install paths:
+#  CHOST = CTARGET  - install into /
+#  CHOST != CTARGET - install into /usr/CTARGET/
+
+export CBUILD=${CBUILD:-${CHOST}}
+export CTARGET=${CTARGET:-${CHOST}}
+if [[ ${CTARGET} == ${CHOST} ]] ; then
+	if [[ ${CATEGORY} == cross-* ]] ; then
+		export CTARGET=${CATEGORY#cross-}
+	fi
+fi
+
+[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.16/2.6.20}
+
+is_crosscompile() {
+	[[ ${CHOST} != ${CTARGET} ]]
+}
+
+# Why SLOT 2.2 you ask yourself while sippin your tea ?
+# Everyone knows 2.2 > 0, duh.
+SLOT="2.2"
+
+# General: We need a new-enough binutils/gcc to match upstream baseline.
+# arch: we need to make sure our binutils/gcc supports TLS.
+DEPEND=">=app-misc/pax-utils-0.1.10
+	!<sys-apps/sandbox-1.6
+	!<sys-apps/portage-2.1.2
+	selinux? ( sys-libs/libselinux )"
+RDEPEND="!sys-kernel/ps3-sources
+	selinux? ( sys-libs/libselinux )
+	!sys-libs/nss-db"
+
+if [[ ${CATEGORY} == cross-* ]] ; then
+	DEPEND+=" !crosscompile_opts_headers-only? (
+		>=${CATEGORY}/binutils-2.20
+		>=${CATEGORY}/gcc-4.3
+	)"
+	[[ ${CATEGORY} == *-linux* ]] && DEPEND+=" ${CATEGORY}/linux-headers"
+else
+	DEPEND+="
+		>=sys-devel/binutils-2.20
+		>=sys-devel/gcc-4.3
+		virtual/os-headers
+		!vanilla? ( >=sys-libs/timezone-data-2012c )"
+	RDEPEND+="
+		vanilla? ( !sys-libs/timezone-data )
+		!vanilla? ( sys-libs/timezone-data )"
+fi
+
+SRC_URI=$(
+	upstream_uris() {
+		echo mirror://gnu/glibc/$1 ftp://sourceware.org/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1
+	}
+	gentoo_uris() {
+		local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI"
+		devspace=${devspace//HTTP/http://dev.gentoo.org/}
+		echo mirror://gentoo/$1 ${devspace//URI/$1}
+	}
+
+	TARNAME=${PN}
+	if [[ -n ${SNAP_VER} ]] ; then
+		TARNAME="${PN}-${RELEASE_VER}"
+		[[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER}
+		upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2
+	elif [[ -z ${EGIT_REPO_URIS} ]] ; then
+		upstream_uris ${TARNAME}-${RELEASE_VER}.tar.xz
+	fi
+	[[ -n ${LIBIDN_VER}    ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2
+	[[ -n ${PORTS_VER}     ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.xz
+	[[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2
+	[[ -n ${PATCH_VER}     ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2
+)
+
+# eblit-include [--skip] <function> [version]
+eblit-include() {
+	local skipable=false
+	[[ $1 == "--skip" ]] && skipable=true && shift
+	[[ $1 == pkg_* ]] && skipable=true
+
+	local e v func=$1 ver=$2
+	[[ -z ${func} ]] && die "Usage: eblit-include <function> [version]"
+	for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do
+		e="${FILESDIR}/eblits/${func}${v}.eblit"
+		if [[ -e ${e} ]] ; then
+			source "${e}"
+			return 0
+		fi
+	done
+	${skipable} && return 0
+	die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/"
+}
+
+# eblit-run-maybe <function>
+# run the specified function if it is defined
+eblit-run-maybe() {
+	[[ $(type -t "$@") == "function" ]] && "$@"
+}
+
+# eblit-run <function> [version]
+# aka: src_unpack() { eblit-run src_unpack ; }
+eblit-run() {
+	eblit-include --skip common "${*:2}"
+	eblit-include "$@"
+	eblit-run-maybe eblit-$1-pre
+	eblit-${PN}-$1
+	eblit-run-maybe eblit-$1-post
+}
+
+src_unpack()  { eblit-run src_unpack  ; }
+src_compile() { eblit-run src_compile ; }
+src_test()    { eblit-run src_test    ; }
+src_install() { eblit-run src_install ; }
+
+# FILESDIR might not be available during binpkg install
+for x in setup {pre,post}inst ; do
+	e="${FILESDIR}/eblits/pkg_${x}.eblit"
+	if [[ -e ${e} ]] ; then
+		. "${e}"
+		eval "pkg_${x}() { eblit-run pkg_${x} ; }"
+	fi
+done
+
+eblit-src_unpack-post() {
+#SDS
+	cd "${S}"
+	epatch "${FILESDIR}"/2.16/glibc-rh1183535.patch || die
+#EDS
+
+	if use hardened ; then
+		cd "${S}"
+		einfo "Patching to get working PIE binaries on PIE (hardened) platforms"
+		gcc-specs-pie && epatch "${FILESDIR}"/2.16/glibc-2.16-hardened-pie.patch
+		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch
+		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
+
+		einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"
+		cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \
+			debug/stack_chk_fail.c || die
+		cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \
+			debug/chk_fail.c || die
+
+		if use debug ; then
+			# When using Hardened Gentoo stack handler, have smashes dump core for
+			# analysis - debug only, as core could be an information leak
+			# (paranoia).
+			sed -i \
+				-e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
+				debug/Makefile \
+				|| die "Failed to modify debug/Makefile for debug stack handler"
+			sed -i \
+				-e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
+				debug/Makefile \
+				|| die "Failed to modify debug/Makefile for debug fortify handler"
+		fi
+
+		# Build nscd with ssp-all
+		sed -i \
+			-e 's:-fstack-protector$:-fstack-protector-all:' \
+			nscd/Makefile \
+			|| die "Failed to ensure nscd builds with ssp-all"
+	fi
+}
+
+eblit-pkg_preinst-post() {
+	if [[ ${CTARGET} == arm* ]] ; then
+		# Backwards compat support for renaming hardfp ldsos #417287
+		local oldso='/lib/ld-linux.so.3'
+		local nldso='/lib/ld-linux-armhf.so.3'
+		if [[ -e ${D}${nldso} ]] ; then
+			if scanelf -qRyi "${ROOT}$(alt_prefix)"/*bin/ | grep -s "^${oldso}" ; then
+				ewarn "Symlinking old ldso (${oldso}) to new ldso (${nldso})."
+				ewarn "Please rebuild all packages using this old ldso as compat"
+				ewarn "support will be dropped in the future."
+				ln -s "${nldso##*/}" "${D}$(alt_prefix)${oldso}"
+			fi
+		fi
+	fi
+}
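Review bot: In `eblit-src_unpack-post`, the `|| die` after the `sed -i` on `nscd/Makefile` cannot catch the failure its message names, because sed exits 0 when the `-fstack-protector$` pattern matches nothing. If the Makefile does not carry that exact flag at end of line, nscd is built without `-fstack-protector-all` and the hardened build reports no problem. A check after the substitution makes the hardening verifiable: `grep -q -e '-fstack-protector-all' nscd/Makefile || die "nscd/Makefile was not switched to ssp-all"`. The two `sed -i` insertions before `^CFLAGS-backtrace.c` in the `use debug` branch have the same property and could each be followed by a `grep -q SSP_SMASH_DUMPS_CORE debug/Makefile || die` check.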
-- 
cgit v1.2.3