summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKevin F. Quinn <kevquinn@gentoo.org>2007-03-13 07:24:51 +0000
committerKevin F. Quinn <kevquinn@gentoo.org>2007-03-13 07:24:51 +0000
commit10089bfaa0c68606b3bf58496a172bfdbcd6d2fa (patch)
treedfda3a8bb2543c92a2f4b21ea1eb9170952b1ef2 /hardened
parentUpdate in line with gentoo-x86 glibc-2.5-r1 (diff)
downloadkevquinn-10089bfaa0c68606b3bf58496a172bfdbcd6d2fa.tar.gz
kevquinn-10089bfaa0c68606b3bf58496a172bfdbcd6d2fa.tar.bz2
kevquinn-10089bfaa0c68606b3bf58496a172bfdbcd6d2fa.zip
Remove obsolete stuff
svn path=/; revision=192
Diffstat (limited to 'hardened')
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-gentoo-stack_chk_fail.c311
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-configure-picdefault.patch28
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-inittls-nosysenter.patch283
-rw-r--r--hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-pie.patch38
4 files changed, 0 insertions, 660 deletions
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-gentoo-stack_chk_fail.c b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-gentoo-stack_chk_fail.c
deleted file mode 100644
index e304440..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-gentoo-stack_chk_fail.c
+++ /dev/null
@@ -1,311 +0,0 @@
-/* Copyright (C) 2005 Free Software Foundation, Inc.
- This file is part of the GNU C Library.
-
- The GNU C Library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- The GNU C Library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with the GNU C Library; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- 02111-1307 USA. */
-
-/* Copyright (C) 2006 Gentoo Foundation Inc.
- * License terms as above.
- *
- * Hardened Gentoo SSP handler
- *
- * An SSP failure handler that does not use functions from the rest of
- * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures
- * no possibility of recursion into the handler.
- *
- * Direct all bug reports to http://bugs.gentoo.org/
- *
- * Re-written from the glibc-2.3 Hardened Gentoo SSP handler
- * by Kevin F. Quinn - <kevquinn[@]gentoo.org>
- *
- * The following people contributed to the glibc-2.3 Hardened
- * Gentoo SSP handler, from which this implementation draws much:
- *
- * Ned Ludd - <solar[@]gentoo.org>
- * Alexander Gabert - <pappy[@]gentoo.org>
- * The PaX Team - <pageexec[@]freemail.hu>
- * Peter S. Mazinger - <ps.m[@]gmx.net>
- * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
- * Robert Connolly - <robert[@]linuxfromscratch.org>
- * Cory Visi <cory[@]visi.name>
- * Mike Frysinger <vapier[@]gentoo.org>
- */
-
-#include <errno.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <signal.h>
-
-#include <sys/types.h>
-
-#include <sysdep-cancel.h>
-#include <sys/syscall.h>
-#include <bp-checks.h>
-
-#include <kernel-features.h>
-
-#include <alloca.h>
-/* from sysdeps */
-#include <socketcall.h>
-/* for the stuff in bits/socket.h */
-#include <sys/socket.h>
-#include <sys/un.h>
-
-
-/* Sanity check on SYSCALL macro names - force compilation
- * failure if the names used here do not exist
- */
-#if !defined __NR_socketcall && !defined __NR_socket
-# error Cannot do syscall socket or socketcall
-#endif
-#if !defined __NR_socketcall && !defined __NR_connect
-# error Cannot do syscall connect or socketcall
-#endif
-#ifndef __NR_write
-# error Cannot do syscall write
-#endif
-#ifndef __NR_close
-# error Cannot do syscall close
-#endif
-#ifndef __NR_getpid
-# error Cannot do syscall getpid
-#endif
-#ifndef __NR_kill
-# error Cannot do syscall kill
-#endif
-#ifndef __NR_exit
-# error Cannot do syscall exit
-#endif
-#ifdef SSP_SMASH_DUMPS_CORE
-# if !defined _KERNEL_NSIG && !defined _NSIG
-# error No _NSIG or _KERNEL_NSIG for rt_sigaction
-# endif
-# if !defined __NR_sigation && !defined __NR_rt_sigaction
-# error Cannot do syscall sigaction or rt_sigaction
-# endif
-#endif
-
-
-
-/* Define DO_SOCKET/DO_CONNECT macros to deal with socketcall vs socket/connect */
-#ifdef __NR_socketcall
-
-# define DO_SOCKET(result,domain,type,protocol) \
- {socketargs[0] = domain; \
- socketargs[1] = type; \
- socketargs[2] = protocol; \
- socketargs[3] = 0; \
- result = INLINE_SYSCALL(socketcall,2,SOCKOP_socket,socketargs);}
-
-# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \
- {socketargs[0] = sockfd; \
- socketargs[1] = (unsigned long int)serv_addr; \
- socketargs[2] = addrlen; \
- socketargs[3] = 0; \
- result = INLINE_SYSCALL(socketcall,2,SOCKOP_connect,socketargs);}
-
-#else
-
-# define DO_SOCKET(result,domain,type,protocol) \
- {result = INLINE_SYSCALL(socket,3,domain,type,protocol);}
-
-# define DO_CONNECT(result,sockfd,serv_addr,addrlen) \
- {result = INLINE_SYSCALL(connect,3,sockfd,serv_addr,addrlen);}
-
-#endif
-/* __NR_socketcall */
-
-
-#ifndef _PATH_LOG
-# define _PATH_LOG "/dev/log"
-#endif
-
-static const char path_log[]=_PATH_LOG;
-
-/* For building glibc with SSP switched on, define __progname to a
- * constant if building for the run-time loader, to avoid pulling
- * in more of libc.so into ld.so
- */
-#ifdef IS_IN_rtld
-static char *__progname = "<rtld>";
-#else
-extern char *__progname;
-#endif
-
-
-/* Common handler code, used by stack_chk_fail and __stack_smash_handler
- * Inlined to ensure no self-references to the handler within itself.
- * Data static to avoid putting more than necessary on the stack,
- * to aid core debugging.
- */
-static inline void
-__attribute__ ((__noreturn__ , __always_inline__))
-__hardened_gentoo_stack_chk_fail (char func[], int damaged)
-{
-#define MESSAGE_BUFSIZ 256
- static pid_t pid;
- static int plen, i;
- static char message[MESSAGE_BUFSIZ];
- static const char msg_ssa[]=": stack smashing attack";
- static const char msg_inf[]=" in function ";
- static const char msg_ssd[]="*** stack smashing detected ***: ";
- static const char msg_terminated[]=" - terminated\n";
- static const char msg_report[]="Report to http://bugs.gentoo.org/\n";
- static const char msg_unknown[]="<unknown>";
-#ifdef SSP_SMASH_DUMPS_CORE
- static struct sigaction default_abort_act;
-#endif
- static int log_socket, connect_result;
- static struct sockaddr_un sock;
-#ifdef __NR_socketcall
- static unsigned long int socketargs[4];
-#endif
-
- /* Build socket address
- */
- sock.sun_family = AF_UNIX;
- i=0;
- while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1)))
- {
- sock.sun_path[i]=path_log[i];
- i++;
- }
- sock.sun_path[i]='\0';
-
- /* Try SOCK_DGRAM connection to syslog */
- connect_result=-1;
- DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0);
- if (log_socket != -1)
- DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock)));
- if (connect_result == -1)
- {
- if (log_socket != -1)
- INLINE_SYSCALL(close,1,log_socket);
- /* Try SOCK_STREAM connection to syslog */
- DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0);
- if (log_socket != -1)
- DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock)));
- }
-
- /* Build message. Messages are generated both in the old style and new style,
- * so that log watchers that are configured for the old-style message continue
- * to work.
- */
-#define strconcat(str) \
- {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
- {\
- message[plen+i]=str[i];\
- i++;\
- }\
- plen+=i;}
-
- /* R.Henderson post-gcc-4 style message */
- plen=0;
- strconcat(msg_ssd);
- if (__progname != (char *)0)
- strconcat(__progname)
- else
- strconcat(msg_unknown);
- strconcat(msg_terminated);
-
- /* Write out error message to STDERR, to syslog if open */
- INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen);
- if (connect_result != -1)
- INLINE_SYSCALL(write,3,log_socket,message,plen);
-
- /* Dr. Etoh pre-gcc-4 style message */
- plen=0;
- if (__progname != (char *)0)
- strconcat(__progname)
- else
- strconcat(msg_unknown);
- strconcat(msg_ssa);
- strconcat(msg_inf);
- if (func!=NULL)
- strconcat(func)
- else
- strconcat(msg_unknown);
- strconcat(msg_terminated);
- /* Write out error message to STDERR, to syslog if open */
- INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen);
- if (connect_result != -1)
- INLINE_SYSCALL(write,3,log_socket,message,plen);
-
- /* Direct reports to bugs.gentoo.org */
- plen=0;
- strconcat(msg_report);
- message[plen++]='\0';
-
- /* Write out error message to STDERR, to syslog if open */
- INLINE_SYSCALL(write,3,STDERR_FILENO,message,plen);
- if (connect_result != -1)
- INLINE_SYSCALL(write,3,log_socket,message,plen);
-
- if (log_socket != -1)
- INLINE_SYSCALL(close,1,log_socket);
-
- /* Suicide */
- pid=INLINE_SYSCALL(getpid,0);
-#ifdef SSP_SMASH_DUMPS_CORE
- /* Remove any user-supplied handler for SIGABRT, before using it */
- default_abort_act.sa_handler = SIG_DFL;
- default_abort_act.sa_sigaction = NULL;
- __sigfillset(&default_abort_act.sa_mask);
- default_abort_act.sa_flags = 0;
- /* sigaction doesn't exist on amd64; however rt_sigaction seems to
- * exist everywhere. rt_sigaction has an extra parameter - the
- * size of sigset_t.
- */
-# ifdef __NR_sigation
- if (INLINE_SYSCALL(sigaction,3,SIGABRT,&default_abort_act,NULL) == 0)
-# else
- /* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
- * of the _kernel_ sigset_t which is not the same as the user sigset_t.
- * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
- * some reason.
- */
-# ifdef _KERNEL_NSIG
- if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_KERNEL_NSIG/8) == 0)
-# else
- if (INLINE_SYSCALL(rt_sigaction,4,SIGABRT,&default_abort_act,NULL,_NSIG/8) == 0)
-# endif
-# endif
- INLINE_SYSCALL(kill,2,pid,SIGABRT);
-#endif
- /* Note; actions cannot be added to SIGKILL */
- INLINE_SYSCALL(kill,2,pid,SIGKILL);
-
- /* In case the kill didn't work, exit anyway
- * The loop prevents gcc thinking this routine returns
- */
- while (1) INLINE_SYSCALL(exit,0);
-}
-
-void
-__attribute__ ((__noreturn__))
- __stack_chk_fail (void)
-{
- __hardened_gentoo_stack_chk_fail(NULL,0);
-}
-
-#ifdef ENABLE_OLD_SSP_COMPAT
-void
-__attribute__ ((__noreturn__))
-__stack_smash_handler(char func[], int damaged)
-{
- __hardened_gentoo_stack_chk_fail(func,damaged);
-}
-#endif
-
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-configure-picdefault.patch b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-configure-picdefault.patch
deleted file mode 100644
index 2f22cde..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-configure-picdefault.patch
+++ /dev/null
@@ -1,28 +0,0 @@
- Prevent default-fPIE from confusing configure into thinking
- PIC code is default. This causes glibc to build both PIC and
- non-PIC code as normal, which on the hardened compiler generates
- PIC and PIE.
- Kevin F. Quinn <kevquinn@gentoo.org> 15 Jan 2007
-
---- configure.in.orig 2007-01-15 11:13:28.000000000 +0100
-+++ configure.in 2007-01-15 11:13:48.000000000 +0100
-@@ -2145,7 +2145,7 @@
- # error PIC is default.
- #endif
- EOF
--if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
- pic_default=no
- fi
- rm -f conftest.*])
---- configure.orig 2007-01-15 11:15:03.000000000 +0100
-+++ configure 2007-01-15 11:15:19.000000000 +0100
-@@ -7698,7 +7698,7 @@
- # error PIC is default.
- #endif
- EOF
--if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then
- pic_default=no
- fi
- rm -f conftest.*
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-inittls-nosysenter.patch b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-inittls-nosysenter.patch
deleted file mode 100644
index dc7e9d2..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-inittls-nosysenter.patch
+++ /dev/null
@@ -1,283 +0,0 @@
- When building glibc PIE (which is not something upstream support),
- several modifications are necessary to the glibc build process.
-
- First, any syscalls in PIEs must be of the PIC variant, otherwise
- textrels ensue. Then, any syscalls made before the initialisation
- of the TLS will fail on i386, as the sysenter variant on i386 uses
- the TLS, giving rise to a chicken-and-egg situation. This patch
- defines a PIC syscall variant that doesn't use sysenter, even when the sysenter
- version is normally used, and uses the non-sysenter version for the brk
- syscall that is performed by the TLS initialisation. Further, the TLS
- initialisation is moved in this case prior to the initialisation of
- dl_osversion, as that requires further syscalls.
-
- csu/libc-start.c: Move initial TLS initialization to before the
- initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined
-
- csu/libc-tls.c: Use the no-sysenter version of sbrk when
- INTERNAL_SYSCALL_NOSYSENTER is defined.
-
- misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter
- version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined.
-
- misc/brk.c: Define a no-sysenter version of brk if
- INTERNAL_SYSCALL_NOSYSENTER is defined.
-
- sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER
- Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED.
-
- Kevin F. Quinn <kevquinn@gentoo.org> 22 January 2007
-
---- csu/libc-start.c.orig 2007-01-21 11:51:06.000000000 +0100
-+++ csu/libc-start.c 2007-01-21 11:55:57.000000000 +0100
-@@ -28,6 +28,7 @@
- extern int __libc_multiple_libcs;
-
- #include <tls.h>
-+#include <sysdep.h>
- #ifndef SHARED
- # include <dl-osinfo.h>
- extern void __pthread_initialize_minimal (void)
-@@ -133,6 +134,14 @@
- # endif
- _dl_aux_init (auxvec);
- # endif
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+ /* Do the initial TLS initialization before _dl_osversion,
-+ since the latter uses the uname syscall. */
-+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP
-+ if (__pthread_initialize_minimal)
-+# endif
-+ __pthread_initialize_minimal ();
-+# endif
- # ifdef DL_SYSDEP_OSCHECK
- if (!__libc_multiple_libcs)
- {
-@@ -142,15 +151,17 @@
- }
- # endif
-
-+# ifndef INTERNAL_SYSCALL_NOSYSENTER
- /* Initialize the thread library at least a bit since the libgcc
- functions are using thread functions if these are available and
- we need to setup errno. If there is no thread library and we
- handle TLS the function is defined in the libc to initialized the
- TLS handling. */
--# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP
-+# if !(USE_TLS - 0) && !defined NONTLS_INIT_TP
- if (__pthread_initialize_minimal)
--# endif
-+# endif
- __pthread_initialize_minimal ();
-+# endif
- #endif
-
- # ifndef SHARED
---- csu/libc-tls.c.orig 2007-01-21 11:37:02.000000000 +0100
-+++ csu/libc-tls.c 2007-01-21 12:09:33.000000000 +0100
-@@ -23,6 +23,7 @@
- #include <unistd.h>
- #include <stdio.h>
- #include <sys/param.h>
-+#include <sysdep.h>
-
-
- #ifdef SHARED
-@@ -30,6 +31,9 @@
- #endif
-
- #ifdef USE_TLS
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+extern void *__sbrk_nosysenter (intptr_t __delta);
-+# endif
- extern ElfW(Phdr) *_dl_phdr;
- extern size_t _dl_phnum;
-
-@@ -142,14 +146,26 @@
-
- The initialized value of _dl_tls_static_size is provided by dl-open.c
- to request some surplus that permits dynamic loading of modules with
-- IE-model TLS. */
-+ IE-model TLS.
-+
-+ Where the normal sbrk would use a syscall that needs the TLS (i386)
-+ use the special non-sysenter version instead. */
- # if TLS_TCB_AT_TP
- tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign);
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align);
-+# else
- tlsblock = __sbrk (tcb_offset + tcbsize + max_align);
-+# endif
- # elif TLS_DTV_AT_TP
- tcb_offset = roundup (tcbsize, align ?: 1);
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align
-+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
-+# else
- tlsblock = __sbrk (tcb_offset + memsz + max_align
- + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
-+# endif
- tlsblock += TLS_PRE_TCB_SIZE;
- # else
- /* In case a model with a different layout for the TCB and DTV
---- misc/sbrk.c.orig 2007-01-21 11:38:27.000000000 +0100
-+++ misc/sbrk.c 2007-01-21 12:07:29.000000000 +0100
-@@ -18,6 +18,7 @@
-
- #include <unistd.h>
- #include <errno.h>
-+#include <sysdep.h>
-
- /* Defined in brk.c. */
- extern void *__curbrk;
-@@ -29,6 +30,35 @@
- /* Extend the process's data space by INCREMENT.
- If INCREMENT is negative, shrink data space by - INCREMENT.
- Return start of new space allocated, or -1 for errors. */
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER
-+/* This version is used by csu/libc-tls.c whem initialising the TLS
-+ if the SYSENTER version requires the TLS (which it does on i386).
-+ Obviously using the TLS before it is initialised is broken. */
-+extern int __brk_nosysenter (void *addr);
-+void *
-+__sbrk_nosysenter (intptr_t increment)
-+{
-+ void *oldbrk;
-+
-+ /* If this is not part of the dynamic library or the library is used
-+ via dynamic loading in a statically linked program update
-+ __curbrk from the kernel's brk value. That way two separate
-+ instances of __brk and __sbrk can share the heap, returning
-+ interleaved pieces of it. */
-+ if (__curbrk == NULL || __libc_multiple_libcs)
-+ if (__brk_nosysenter (0) < 0) /* Initialize the break. */
-+ return (void *) -1;
-+
-+ if (increment == 0)
-+ return __curbrk;
-+
-+ oldbrk = __curbrk;
-+ if (__brk_nosysenter (oldbrk + increment) < 0)
-+ return (void *) -1;
-+
-+ return oldbrk;
-+}
-+#endif
- void *
- __sbrk (intptr_t increment)
- {
---- sysdeps/unix/sysv/linux/i386/brk.c.orig 2007-01-21 11:39:16.000000000 +0100
-+++ sysdeps/unix/sysv/linux/i386/brk.c 2007-01-21 11:44:01.000000000 +0100
-@@ -31,6 +31,30 @@
- linker. */
- weak_alias (__curbrk, ___brk_addr)
-
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER
-+/* This version is used by csu/libc-tls.c whem initialising the TLS
-+ * if the SYSENTER version requires the TLS (which it does on i386).
-+ * Obviously using the TLS before it is initialised is broken. */
-+int
-+__brk_nosysenter (void *addr)
-+{
-+ void *__unbounded newbrk;
-+
-+ INTERNAL_SYSCALL_DECL (err);
-+ newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1,
-+ __ptrvalue (addr));
-+
-+ __curbrk = newbrk;
-+
-+ if (newbrk < addr)
-+ {
-+ __set_errno (ENOMEM);
-+ return -1;
-+ }
-+
-+ return 0;
-+}
-+#endif
- int
- __brk (void *addr)
- {
---- sysdeps/unix/sysv/linux/i386/sysdep.h.orig 2007-01-21 13:08:00.000000000 +0100
-+++ sysdeps/unix/sysv/linux/i386/sysdep.h 2007-01-21 13:19:10.000000000 +0100
-@@ -187,7 +187,7 @@
- /* The original calling convention for system calls on Linux/i386 is
- to use int $0x80. */
- #ifdef I386_USE_SYSENTER
--# ifdef SHARED
-+# if defined SHARED || defined __PIC__
- # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET
- # else
- # define ENTER_KERNEL call *_dl_sysinfo
-@@ -358,7 +358,7 @@
- possible to use more than four parameters. */
- #undef INTERNAL_SYSCALL
- #ifdef I386_USE_SYSENTER
--# ifdef SHARED
-+# if defined SHARED || defined __PIC__
- # define INTERNAL_SYSCALL(name, err, nr, args...) \
- ({ \
- register unsigned int resultvar; \
-@@ -384,6 +384,18 @@
- : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \
- ASMFMT_##nr(args) : "memory", "cc"); \
- (int) resultvar; })
-+# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \
-+ ({ \
-+ register unsigned int resultvar; \
-+ EXTRAVAR_##nr \
-+ asm volatile ( \
-+ LOADARGS_NOSYSENTER_##nr \
-+ "movl %1, %%eax\n\t" \
-+ "int $0x80\n\t" \
-+ RESTOREARGS_NOSYSENTER_##nr \
-+ : "=a" (resultvar) \
-+ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \
-+ (int) resultvar; })
- # else
- # define INTERNAL_SYSCALL(name, err, nr, args...) \
- ({ \
-@@ -447,12 +459,20 @@
-
- #define LOADARGS_0
- #ifdef __PIC__
--# if defined I386_USE_SYSENTER && defined SHARED
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
- # define LOADARGS_1 \
- "bpushl .L__X'%k3, %k3\n\t"
- # define LOADARGS_5 \
- "movl %%ebx, %4\n\t" \
- "movl %3, %%ebx\n\t"
-+# define LOADARGS_NOSYSENTER_1 \
-+ "bpushl .L__X'%k2, %k2\n\t"
-+# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1
-+# define LOADARGS_NOSYSENTER_3 LOADARGS_3
-+# define LOADARGS_NOSYSENTER_4 LOADARGS_3
-+# define LOADARGS_NOSYSENTER_5 \
-+ "movl %%ebx, %3\n\t" \
-+ "movl %2, %%ebx\n\t"
- # else
- # define LOADARGS_1 \
- "bpushl .L__X'%k2, %k2\n\t"
-@@ -474,11 +495,18 @@
-
- #define RESTOREARGS_0
- #ifdef __PIC__
--# if defined I386_USE_SYSENTER && defined SHARED
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
- # define RESTOREARGS_1 \
- "bpopl .L__X'%k3, %k3\n\t"
- # define RESTOREARGS_5 \
- "movl %4, %%ebx"
-+# define RESTOREARGS_NOSYSENTER_1 \
-+ "bpopl .L__X'%k2, %k2\n\t"
-+# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1
-+# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3
-+# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3
-+# define RESTOREARGS_NOSYSENTER_5 \
-+ "movl %3, %%ebx"
- # else
- # define RESTOREARGS_1 \
- "bpopl .L__X'%k2, %k2\n\t"
diff --git a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-pie.patch b/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-pie.patch
deleted file mode 100644
index 090cb04..0000000
--- a/hardened/toolchain/branches/pieworld/sys-libs/glibc/files/2.4/glibc-2.4-hardened-pie.patch
+++ /dev/null
@@ -1,38 +0,0 @@
- Change link commands for glibc executables to build PIEs
- Kevin F. Quinn <kevquinn@gentoo.org> 17 Jan 2007
-
---- Makeconfig.orig 2007-01-17 15:35:38.000000000 +0100
-+++ Makeconfig 2007-01-17 15:38:24.000000000 +0100
-@@ -415,10 +415,10 @@
-
- # Command for linking programs with the C library.
- ifndef +link
--+link = $(CC) -nostdlib -nostartfiles -o $@ \
-++link = $(CC) -nostdlib -nostartfiles -fPIE -pie -o $@ \
- $(sysdep-LDFLAGS) $(config-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
- $(combreloc-LDFLAGS) $(relro-LDFLAGS) \
-- $(addprefix $(csu-objpfx),$(start-installed-name)) \
-+ $(addprefix $(csu-objpfx),S$(start-installed-name)) \
- $(+preinit) $(+prector) \
- $(filter-out $(addprefix $(csu-objpfx),start.o \
- $(start-installed-name))\
-@@ -429,7 +429,7 @@
- ifndef +link-static
- +link-static = $(CC) -nostdlib -nostartfiles -static -o $@ \
- $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
-- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \
-+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \
- $(+preinit) $(+prector) \
- $(filter-out $(addprefix $(csu-objpfx),start.o \
- $(start-installed-name))\
-@@ -528,8 +528,8 @@
- ifeq ($(elf),yes)
- +preinit = $(addprefix $(csu-objpfx),crti.o)
- +postinit = $(addprefix $(csu-objpfx),crtn.o)
--+prector = `$(CC) --print-file-name=crtbegin.o`
--+postctor = `$(CC) --print-file-name=crtend.o`
-++prector = `$(CC) --print-file-name=crtbeginS.o`
-++postctor = `$(CC) --print-file-name=crtendS.o`
- +interp = $(addprefix $(elf-objpfx),interp.os)
- endif
- csu-objpfx = $(common-objpfx)csu/