Index: ebuild.sh
===================================================================
--- ebuild.sh	(revision 2825)
+++ ebuild.sh	(working copy)
@@ -1095,7 +1095,7 @@
 	done
 
 	if type -p scanelf > /dev/null ; then
-		local insecure_rpath=0
+		local qa_var insecure_rpath=0
 
 		# Make sure we disallow insecure RUNPATH/RPATH's
 		# Don't want paths that point to the tree where the package was built
@@ -1132,9 +1132,22 @@
 		fi
 
 		# TEXTREL's are baaaaaaaad
-		f=$(scanelf -qyRF '%t %p' "${D}")
+		# Allow devs to mark things as ignorable ... e.g. things that are
+		# binary-only and upstream isn't cooperating (nvidia-glx) ... we
+		# allow ebuild authors to set QA_TEXTRELS_arch and QA_TEXTRELS ...
+		# the former overrides the latter ... regexes allowed ! :)
+		qa_var="QA_TEXTRELS_${ARCH}"
+		[[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
+		f=$(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/' | \
+			gawk '
+			BEGIN { split("'"${QA_TEXTRELS}"'", ignore); }
+			{	for (idx in ignore)
+					if ($NF ~ "^"ignore[idx]"$")
+					next;
+				print;
+			}')
 		if [[ -n ${f} ]] ; then
-			scanelf -qyRF '%T %p' "${WORKDIR}"/ &> "${T}"/scanelf-textrel.log
+			scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
 			echo -ne '\a\n'
 			echo "QA Notice: the following files contain runtime text relocations"
 			echo " Text relocations force the dynamic linker to perform extra"
@@ -1158,15 +1171,30 @@
 			# http://hardened.gentoo.org/gnu-stack.xml (Arch Status)
 			case ${CTARGET:-${CHOST}} in
 				i?86*|ia64*|m68k*|powerpc64*|s390*|x86_64*)
-					f=$(scanelf -qyRF '%e %p' "${D}") ;;
-				*)
-					f="" ;;
+					# Allow devs to mark things as ignorable ... e.g. things
+					# that are binary-only and upstream isn't cooperating ...
+					# we allow ebuild authors to set QA_EXECSTACK_arch and
+					# QA_EXECSTACK ... the former overrides the latter ...
+					# regexes allowed ! :)
+
+					qa_var="QA_EXECSTACK_${ARCH}"
+					[[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
+					f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \
+						gawk '
+						BEGIN { split("'"${QA_EXECSTACK}"'", ignore); }
+						{	for (idx in ignore)
+								if ($NF ~ "^"ignore[idx]"$")
+									next;
+							print;
+						}')
+					;;
+				*)	f="" ;;
 			esac
 			;;
 		esac
 		if [[ -n ${f} ]] ; then
 			# One more pass to help devs track down the source
-			scanelf -qyRF '%e %p' "${WORKDIR}"/ &> "${T}"/scanelf-exec.log
+			scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
 			echo -ne '\a\n'
 			echo "QA Notice: the following files contain executable stacks"
 			echo " Files with executable stacks will not work properly (or at all!)"
@@ -1174,7 +1202,7 @@
 			echo " at http://bugs.gentoo.org/ to make sure the file is fixed."
 			echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
 			echo " Please include this file in your report:"
-			echo " ${T}/scanelf-exec.log"
+			echo " ${T}/scanelf-execstack.log"
 			echo "${f}"
 			echo -ne '\a\n'
 			die_msg="${die_msg} execstacks"