Calculating dependencies ...done! >>> emerge (1 of 1) dev-libs/dietlibc-0.28 to / >>> md5 src_uri ;-) dietlibc-0.28.tar.bz2 >>> Unpacking source... >>> Unpacking dietlibc-0.28.tar.bz2 to /var/tmp/portage/dietlibc-0.28/work * Applying 0.24-dirent-prototype.patch ... [ ok ] * Applying gcc-33-r3.patch ... [ ok ] * Applying dietlibc-sparc64-makefile.patch ... [ ok ] * Applying dietlibc-0.26-ssp.patch ... [ ok ] cc1: error: unrecognized command line option "-fno-stack-protector-all" cc1: error: unrecognized command line option "-fno-stack-protector" * Applying dietlibc-0.28-Makefile.patch ... [ ok ] >>> Source unpacked. mkdir bin-i386 gcc -I. -isystem include -m32 -O3 -mtune=athlon-4 -fomit-frame-pointer -funroll-loops -pipe -D__dietlibc__ -fno-stack-protector-all -fno-stack-protector -c i386/start.S -o bin-i386/start.o cc1: error: unrecognized command line option "-fno-stack-protector-all" cc1: error: unrecognized command line option "-fno-stack-protector" make: *** [bin-i386/start.o] Error 1 !!! ERROR: dev-libs/dietlibc-0.28 failed. !!! Function src_compile, Line 41, Exitcode 2 !!! emake failed !!! If you need support, post the topmost build error, NOT this status message. Portage 2.0.51.19 (default-linux/x86/2004.2, gcc-3.4.3-20050110, glibc-2.3.4.20050125-r1, 2.6.11-gentoo-r4 i686) ================================================================= System uname: 2.6.11-gentoo-r4 i686 mobile AMD Athlon(tm) XP 2500+ Gentoo Base System version 1.6.10 Python: dev-lang/python-2.3.5 [2.3.5 (#1, Feb 18 2005, 13:00:21)] distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.3 [enabled] dev-lang/python: 2.3.5 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.9.5, 1.7.9-r1, 1.8.5-r3, 1.5, 1.6.3, 1.4_p6 sys-devel/binutils: 2.15.92.0.2-r1, 2.15.92.0.2-r7 sys-devel/libtool: 1.5.14 virtual/os-headers: 2.6.8.1-r2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-m32 -O3 -mtune=athlon-4 -fomit-frame-pointer -funroll-loops -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /lib/modules /opt/glftpd/etc /opt/openjms/config /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/fax /usr/lib/gcc/i686-pc-linux-gnu/3.4.3 /usr/lib/gcc/i686-pc-linux-gnu/3.4.4 /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control /var/spool/fax/etc" CONFIG_PROTECT_MASK="/etc/afs/C /etc/afs/afsws /etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-m32 -O3 -mtune=athlon-4 -fomit-frame-pointer -funroll-loops -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig buildpkg ccache distlocks sandbox sfperms" GENTOO_MIRRORS="ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp.uni-muenster.de/pub/linux/distributions/gentoo http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 16bit 3dnow 3dnowex 3dnowext X X509 Xaw3d a52 aac aalib accessibility accounting acl acpi activefilter ada adns afs aim alsa ao apache2 apm arts artswrappersuid artworkextra asterisk async atm audiofile authdaemond avi bash-completion bcmath berkdb bidi bind-mysql bitmap-fonts blas blender-game bluetooth bmp bonobo bootsplash boundchecking boundschecking bri brltty buffysize bzip2 bzlib c++ cairo calendar camaelon caps cdda cddb cdio cdparanoia cdr cgi chasen chroot cle266 clearcase clearpasswd codecs cpdflib crypt cscope ctype cups curl curlwrappers dbase dbm dbx dedicated devfs26 devmap dga dhcp dio directfb divx4linux djbfft dlloader dmalloc dmx dpms drac dts dv dvb dvd dvdr dvdread edl eds emacs emboss encode esd ethereal evo exif f77 faac faad fam fame fastcgi fax fb fbcon fbdev ffmpeg fftw filepro flac flash flatfile flexresp flood florz fltk fluidsynth font-server foomaticdb fortran fpx frascend freetype frlargefiles frxp ftp gb gcc-libffi gcj gd gd-external gdbm ggi gif gimpprint ginac glitz glut gmp gnokii gnome gnomedb gnustep gnutls gphoto2 gpm gps graphviz gsm gsnd gstreamer gtk gtk2 gtkhtml guile hal haskell hdf5 howl httpd hub iconv icq icu idea idled idn ieee1394 imagemagic imagemagick imap imlib imlib2 immqt immqt-bc inetd inifile inline innodb insecure-drivers intl ipalias ipv6 irda isdn jabber jack jack-tmpfs java javascript jbig jce jikes jit jks jms joystick jpeg jpeg2k junit jython kcal kde kdeenablefinal kdexdeltas kerberos koffice-plugin krb4 ladcca large-domain latex lcd lcms ldap leim lesstif libcaca libclamav libg++ libgda libsamplerate libwww lirc live lm_sensors logitech-mouse logrotate lua lynxkeymap lzo lzw-tiff mad maildir maildrop mailwrapper matroska matrox mbox mbrola mcal mcve md5sum mecab memlimit mhash mikmod mime ming mjpeg mmap mmx mmx2 mmxext mng modelock motif mozcalendar mozdevelop mozilla mozsvg mozxmlterm mp3 mpeg mpeg2 mpeg4 mpi mppe-mppc msn multicall multislot multitarget mysql mysql41 mythtv nagios-dns nagios-ntp nagios-ping nagios-ssh nas ncurses netboot netcdf nethack network neural nis nls nntp non-flattened nptl nptlonly nvidia oav objc odbc offensive ogg oggvorbis openexr opengl oscar oss pam pam_chroot pam_console pam_timestamp pascal pcap pcmcia pcntl pcre pcsc-lite pda pdflib perforce perl pg-hier pg-intdatetime pg-vacuumdelay php pic plotutils png pnp portaudio posix postgres povray ppds prelude pri procmail profile pvm pwdb python qemu-fast qhull qt quicktime quotas radius rdesktop readline real resperl rhino rrdtool rtc ruby samba sample sasl sblive scanner sdk sdl sendfile serial server session sftplogging sguil shaper shared sharedmem silc simplexml skey slang slp smartcard smime sms smtp smux sndfile snmp snortsam soap sockets socks5 softmmu softquota soundtouch sox spamassassin speex spell spl sql sqlite sse ssl static-modules stats stencil-buffer stream streamzap subject-rewrite subversion svg svga sysvipc szip tcltk tcpd test tetex tga theora threads tidy tiff timidity tokenizer transcode transparent-proxy truetype truetype-fonts type1-fonts ucs2 underscores unicode usb userlocales utf8 v4l v4l2 vcd vchroot vda vdesktop vhosts vidix vim-with-x virus-scan visualization vlm vorbis vpopmail wddx wifi winbind wmf wxwindows x11vnc xanim xbase xfs xim xine xinerama xml xml2 xmlrpc xmms xosd xpm xprint xscreensaver xsl xv xvid xvmc yahoo yaz zaptel zeroconf zlib" Unset: ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS
hardened: ideas on how building a toolchain w/out these features is possible ?
I have no idea how a user could build a >=gcc-3 && <gcc-4 and not include the option for the -fno-stack* Did somebody bump gcc and omit the IBM-ssp patch?
Hans-Christian: what does `gcc --version` show ?
gcc (GCC) 3.4.3-20050110 (Gentoo Linux 3.4.3.20050110-r1, HTB-3.4.2-1.00) Copyright (C) 2004 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
oh, USE=boundschecking hardened team: what if we added a small patch to the HTB version of gcc which basically made all the -fstack flags a nop ? sound reasonable ?
Ahh yeah HTB. At tops I would only add the nop for the -fno-stack- functionality, the gcc should fail if you try to force -fstack as no such options exists when the user is asking for functionality. I never looked at the patch but when pappy did the initial HTB patches was there any reason that you could see that he made it a one or the other? (too much patch fuzziness)
download this patch: http://dev.gentoo.org/~vapier/bounds-checking-gcc-3.4.2-1.00.patch.bz2 move it to your /usr/portage/distfiles, rebuild the ebuild digest, and emerge it ... see if dietlibc works after that
Created attachment 54825 [details] bounds-checking-gcc-3.4.2-1.00.patch.bz2-1169.out errors Did I include the patch correctly? src_unpack() { unpack ${A} cd "${S}" epatch /usr/portage/distfiles/bounds-checking-gcc-3.4.2-1.00.patch.bz2 epatch "${FILESDIR}"/0.24-dirent-prototype.patch epatch "${FILESDIR}"/gcc-33-r3.patch epatch "${FILESDIR}"/dietlibc-sparc64-makefile.patch #45601
*** Bug 89179 has been marked as a duplicate of this bug. ***
Hello, anybody here? Did I include the pathc correctly? Johnny
*** Bug 90728 has been marked as a duplicate of this bug. ***
Is here anybody working on that issue?
*** Bug 92998 has been marked as a duplicate of this bug. ***
gcc-3.3 and gcc-3.4 now have stubs for ssp and htb
*** Bug 147228 has been marked as a duplicate of this bug. ***
