This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 3.x development tree".
The branch, master has been updated via 036170af5332fb9530706ac9062e38d0fd8ae32f (commit) via adf6127a9ab844d22012e646daef550049a0cbf8 (commit) via aded3ca1fa926a2e274268155ebf48ddf41e3f38 (commit) via 1b52a68bb3b8daaab23c638eae81ae3ea4ad2d66 (commit) via 91c73b6e13e9501f2a13aeb037dd54df962605a7 (commit) via 0812eae53fdbe59f710eee7971025be2d9b2e05e (commit) via 37c13afef1db2738d61ef09385c086bc6635724f (commit) via 7819644681098e6c8f30d7ebfe5987be053d174b (commit) via 6847386cb7763a91f978f59e3ffa98ed4e0854d0 (commit) via 6a321828157f4d6e49efdc571615aac040f0b610 (commit) via 8153c2cb2a079895f2b47603cda84cf97ee1962a (commit) via 23d1f758673fa93f06d507725e0a8926b84ef4ba (commit) via 9a2d1c464b93017367af60819576522a7dfd3d1a (commit) via 13dae8ed6c9b01552a38224078d6d08b33002a02 (commit) from b24d097add36e5dda1bfd929db17482a7ffa9ea3 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 036170af5332fb9530706ac9062e38d0fd8ae32f Merge: b24d097add36e5dda1bfd929db17482a7ffa9ea3 adf6127a9ab844d22012e646daef550049a0cbf8 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 19:15:42 2010 +0200
Merge commit 'ms/toolchain-updates' into next
commit adf6127a9ab844d22012e646daef550049a0cbf8 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:13:10 2010 +0200
toolchain: Bump version to 1.
commit aded3ca1fa926a2e274268155ebf48ddf41e3f38 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:12:07 2010 +0200
toolchain: Remove pax-utils.
commit 1b52a68bb3b8daaab23c638eae81ae3ea4ad2d66 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:11:51 2010 +0200
toolchain: Forget to add gcc patches.
commit 91c73b6e13e9501f2a13aeb037dd54df962605a7 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:10:13 2010 +0200
QA: Update quality-agent.
Added some new checks and replaced scanelf by readelf.
commit 0812eae53fdbe59f710eee7971025be2d9b2e05e Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:09:38 2010 +0200
naoki: Minor fix.
commit 37c13afef1db2738d61ef09385c086bc6635724f Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:09:15 2010 +0200
toolchain: Glibc improvements.
Likewise to gcc and binutils.
commit 7819644681098e6c8f30d7ebfe5987be053d174b Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:08:50 2010 +0200
toolchain: Improve binutils.
Likewise to gcc.
commit 6847386cb7763a91f978f59e3ffa98ed4e0854d0 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:07:18 2010 +0200
toolchain: GCC improvements.
Harden gcc-static and create all gccs with our target.
commit 6a321828157f4d6e49efdc571615aac040f0b610 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:06:56 2010 +0200
toolchain: Disable perl testsuite.
commit 8153c2cb2a079895f2b47603cda84cf97ee1962a Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:05:57 2010 +0200
toolchain: Disable coreutils testsuite.
commit 23d1f758673fa93f06d507725e0a8926b84ef4ba Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:05:38 2010 +0200
gcc: Remove weird gcc CFLAGS.
commit 9a2d1c464b93017367af60819576522a7dfd3d1a Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Apr 5 15:04:36 2010 +0200
naoki: Set debugging mode correctly to config class.
commit 13dae8ed6c9b01552a38224078d6d08b33002a02 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Apr 2 23:14:08 2010 +0200
toolchain: Bootstrap toolchain's gcc.
-----------------------------------------------------------------------
Summary of changes: config/naoki.conf | 2 +- naoki/__init__.py | 2 +- naoki/constants.py | 14 +++- naoki/terminal.py | 1 + pkgs/core/gcc/gcc.nm | 3 - pkgs/toolchain/binutils/binutils.nm | 3 +- pkgs/toolchain/coreutils/coreutils.nm | 2 + pkgs/toolchain/gcc-static/gcc-static.nm | 4 +- .../patches/gcc-4.4-optimize_linking.patch | 0 .../patches/gcc-4.4.1-espf-1.patch | 0 pkgs/toolchain/gcc/gcc.nm | 7 +- pkgs/toolchain/glibc/glibc.nm | 2 +- pkgs/toolchain/pax-utils/pax-utils.nm | 12 --- pkgs/toolchain/perl/perl.nm | 2 + tools/common-functions | 56 ++++++++++++++- tools/quality-agent | 5 +- tools/quality-agent.d/001-include-files | 16 +++-- tools/quality-agent.d/001-remove-info-files | 4 +- tools/quality-agent.d/001-remove-static-libs | 4 +- tools/quality-agent.d/001-unsafe-files | 20 +++--- tools/quality-agent.d/002-bad-symlinks | 6 +- tools/quality-agent.d/003-libs-location | 4 +- tools/quality-agent.d/050-canary | 21 +++++ tools/quality-agent.d/050-execstacks | 39 ++++------ tools/quality-agent.d/050-libs-needed | 35 ++++++--- tools/quality-agent.d/050-libs-soname | 42 +++++----- tools/quality-agent.d/050-nx | 19 +++++ tools/quality-agent.d/050-relro | 24 ++++++ tools/quality-agent.d/050-rpaths | 56 ++++++++------ tools/quality-agent.d/050-textrels | 20 ----- tools/quality-agent.d/095-directory-layout | 32 ++++----- tools/quality-agent.d/qa-include | 78 +++++++++++++++++++- 32 files changed, 362 insertions(+), 173 deletions(-) copy pkgs/{core/gcc => toolchain/gcc-static}/patches/gcc-4.4-optimize_linking.patch (100%) copy pkgs/toolchain/{gcc => gcc-static}/patches/gcc-4.4.1-espf-1.patch (100%) delete mode 100644 pkgs/toolchain/pax-utils/pax-utils.nm create mode 100755 tools/quality-agent.d/050-canary mode change 100644 => 100755 tools/quality-agent.d/050-libs-soname create mode 100755 tools/quality-agent.d/050-nx create mode 100755 tools/quality-agent.d/050-relro delete mode 100755 tools/quality-agent.d/050-textrels
Difference in files: diff --git a/config/naoki.conf b/config/naoki.conf index cdf8db4..0fcf3b4 100644 --- a/config/naoki.conf +++ b/config/naoki.conf @@ -24,7 +24,7 @@ slogan = "Gluttony" [toolchain]
; Counter of toolchain version -version = 0 +version = 1
[sources] diff --git a/naoki/__init__.py b/naoki/__init__.py index 55b8574..a3c4a9a 100644 --- a/naoki/__init__.py +++ b/naoki/__init__.py @@ -70,7 +70,7 @@ class Naoki(object): return toolchain.download()
def call_toolchain_tree(self, args): - print backend.deptree(backend.parse_package(backend.get_package_names(toolchain=True), toolchain=True)) + print backend.deptree(backend.parse_package(backend.get_package_names(toolchain=True), toolchain=True, naoki=self))
def call_build(self, args): force = True diff --git a/naoki/constants.py b/naoki/constants.py index 02af67d..48238aa 100644 --- a/naoki/constants.py +++ b/naoki/constants.py @@ -54,6 +54,7 @@ class Config(object): "cleanup_on_success" : True, # # CLI variables + "debug" : False, "quiet" : False, # # Distro items @@ -94,9 +95,15 @@ class Config(object): def __setitem__(self, item, value): self._items[item] = value
+ def __getattr__(self, *args): + return self.__getitem__(*args) + + def __setattr__(self, *args): + return self.__setitem__(*args) + @property def environment(self): - return { + ret = { "HOME" : os.environ.get("HOME", "/root"), "TERM" : os.environ.get("TERM", ""), "PS1" : os.environ.get("PS1", "\u:\w$ "), @@ -110,6 +117,11 @@ class Config(object): "PARALLELISMFLAGS" : "-j%d" % self["parallelism"], }
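Review bot: The new `__setattr__` on `Config` (second hunk of naoki/constants.py) routes every attribute assignment into `_items`, so a misspelled `config.debg = True` silently creates a new key instead of failing. The new `__getattr__` also lets whatever `__getitem__` raises for a missing key escape in place of `AttributeError`, which breaks the attribute protocol. If `__init__` assigns `self._items` on the instance the pair would also recurse; that code is not visible here, and the dict in the first hunk looks class-level, so this is unconfirmed. I would reject unknown names and keep underscore names as real attributes, as sketched below; drop the membership test if new keys must be creatable through attributes. The class body starts and ends outside the hunk.

```python
    def __getattr__(self, name):
        # Only reached when normal lookup fails; private names are never config keys.
        if name.startswith("_"):
            raise AttributeError(name)
        try:
            return self.__getitem__(name)
        except KeyError:
            raise AttributeError(name)

    def __setattr__(self, name, value):
        # Underscore names stay real attributes; everything else must be a known key.
        if name.startswith("_"):
            return object.__setattr__(self, name, value)
        if name not in self._items:
            raise AttributeError(name)
        self.__setitem__(name, value)

    # ... unchanged: environment property ...
```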
+ if self["debug"]: + ret["NAOKI_DEBUG"] = "1" + + return ret +
class Architectures(object): def __init__(self, configfile): diff --git a/naoki/terminal.py b/naoki/terminal.py index b2adee0..95c658d 100644 --- a/naoki/terminal.py +++ b/naoki/terminal.py @@ -258,6 +258,7 @@ class Commandline(object): self.naoki.logging.quiet(args.quiet)
# Set debugging mode + config.debug = args.debug self.naoki.logging.debug(args.debug)
# Set architecture diff --git a/pkgs/core/gcc/gcc.nm b/pkgs/core/gcc/gcc.nm index 8119921..c73091a 100644 --- a/pkgs/core/gcc/gcc.nm +++ b/pkgs/core/gcc/gcc.nm @@ -42,9 +42,6 @@ endef PKG_BUILD_DEPS = PKG_DEPS += binutils cloog glibc gmp kernel-headers libffi mpfr ppl
-CFLAGS = -D__USE_XOPEN2K8 -pipe -CXXFLAGS = - ifeq "$(MACHINE)" "i586" CONFIGURE_ARGS = --disable-decimal-float endif diff --git a/pkgs/toolchain/binutils/binutils.nm b/pkgs/toolchain/binutils/binutils.nm index ad24d07..ac80c2e 100644 --- a/pkgs/toolchain/binutils/binutils.nm +++ b/pkgs/toolchain/binutils/binutils.nm @@ -9,7 +9,8 @@ define STAGE_BUILD CC="$(TARGET)-gcc -B$(TOOLS_DIR)/lib/" \ RANLIB=$(TARGET)-ranlib \ ../$(THISAPP)/configure \ - $(CONFIGURE_ARCH) \ + --host=$(TARGET) \ + --build=$(TARGET) \ --prefix=$(TOOLS_DIR) \ --with-lib-path=$(TOOLS_DIR)/lib \ --disable-nls \ diff --git a/pkgs/toolchain/coreutils/coreutils.nm b/pkgs/toolchain/coreutils/coreutils.nm index cb53593..d813b86 100644 --- a/pkgs/toolchain/coreutils/coreutils.nm +++ b/pkgs/toolchain/coreutils/coreutils.nm @@ -13,6 +13,8 @@ define STAGE_BUILD cd $(DIR_APP) && make $(PARALLELISMFLAGS) endef
+STAGE_TEST = # Disable tests in toolchain + define STAGE_INSTALL cd $(DIR_APP) && make install
diff --git a/pkgs/toolchain/gcc-static/gcc-static.nm b/pkgs/toolchain/gcc-static/gcc-static.nm index 1beab0b..6683204 100644 --- a/pkgs/toolchain/gcc-static/gcc-static.nm +++ b/pkgs/toolchain/gcc-static/gcc-static.nm @@ -33,6 +33,7 @@ define STAGE_BUILD --target=$(TARGET) \ $(CONFIG_CPU) \ --prefix=$(TOOLS_DIR) \ + --libexecdir=$(TOOLS_DIR)/lib \ --disable-decimal-float \ --disable-libgomp \ --disable-libmudflap \ @@ -42,9 +43,10 @@ define STAGE_BUILD --disable-multilib \ --disable-shared \ --disable-nls \ + --enable-espf \ $(CONFIGURE_ARGS)
- cd $(DIR_SRC)/gcc-build && make $(PARALLELISMFLAGS) + cd $(DIR_SRC)/gcc-build && make #$(PARALLELISMFLAGS) endef
define STAGE_INSTALL diff --git a/pkgs/toolchain/gcc-static/patches/gcc-4.4-optimize_linking.patch b/pkgs/toolchain/gcc-static/patches/gcc-4.4-optimize_linking.patch new file mode 100644 index 0000000..659586d --- /dev/null +++ b/pkgs/toolchain/gcc-static/patches/gcc-4.4-optimize_linking.patch @@ -0,0 +1,24 @@ +diff -Naur gcc-4.4-20100216.orig/gcc/config/i386/linux.h gcc-4.4-20100216/gcc/config/i386/linux.h +--- gcc-4.4-20100216.orig/gcc/config/i386/linux.h 2010-02-26 17:44:46.000000000 +0000 ++++ gcc-4.4-20100216/gcc/config/i386/linux.h 2010-02-26 17:46:55.000000000 +0000 +@@ -113,7 +113,7 @@ + { "dynamic_linker", LINUX_DYNAMIC_LINKER } + + #undef LINK_SPEC +-#define LINK_SPEC "-m %(link_emulation) %{shared:-shared} \ ++#define LINK_SPEC "-m %(link_emulation) %{shared:-shared} --hash-style=gnu -O1 \ + %{!shared: \ + %{!ibcs: \ + %{!static: \ +diff -Naur gcc-4.4-20100216.orig/gcc/config/i386/linux64.h gcc-4.4-20100216/gcc/config/i386/linux64.h +--- gcc-4.4-20100216.orig/gcc/config/i386/linux64.h 2010-02-26 17:44:46.000000000 +0000 ++++ gcc-4.4-20100216/gcc/config/i386/linux64.h 2010-02-26 17:47:47.000000000 +0000 +@@ -75,7 +75,7 @@ + #endif + + #undef LINK_SPEC +-#define LINK_SPEC "%{" SPEC_64 ":-m elf_x86_64} %{" SPEC_32 ":-m elf_i386} \ ++#define LINK_SPEC "%{" SPEC_64 ":-m elf_x86_64} %{" SPEC_32 ":-m elf_i386} --hash-style=gnu -O1 \ + %{shared:-shared} \ + %{!shared: \ + %{!static: \ diff --git a/pkgs/toolchain/gcc-static/patches/gcc-4.4.1-espf-1.patch b/pkgs/toolchain/gcc-static/patches/gcc-4.4.1-espf-1.patch new file mode 100644 index 0000000..e531e13 --- /dev/null +++ b/pkgs/toolchain/gcc-static/patches/gcc-4.4.1-espf-1.patch 
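Review bot: The `--enable-espf` added to STAGE_BUILD in pkgs/toolchain/gcc-static/gcc-static.nm can be dropped without any error. The configure logic in the gcc-4.4.1-espf-1.patch added by this same commit sets `enable_espf=no` when the target is not i?86/x86_64 Linux or the linker lacks `-z relro`/`-z now`, so gcc-static may come out unhardened from a clean-looking build. A check after the build would catch that, for example `grep -q 'define ENABLE_ESPF 1' gcc/auto-host.h || exit 1` (header name and path assumed from gcc's configure; confirm against the build tree). The same hunk turns `make $(PARALLELISMFLAGS)` into `make #$(PARALLELISMFLAGS)` without saying why; a comment such as `# serial build: <reason>` would stop someone from re-enabling it blindly. STAGE_BUILD starts above the hunk.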
@@ -0,0 +1,504 @@ +diff -Nur gcc-4.4.0_vanilla/gcc/config.in gcc-4.4.0/gcc/config.in +--- gcc-4.4.0_vanilla/gcc/config.in 2009-04-21 11:08:08.000000000 +0200 ++++ gcc-4.4.0/gcc/config.in 2009-07-11 12:35:50.000000000 +0200 +@@ -65,6 +65,12 @@ + #endif + + ++/* Define to 1 to enable espf. */ ++#ifndef USED_FOR_TARGET ++#undef ENABLE_ESPF ++#endif ++ ++ + /* Define to 1 to enable fixed-point arithmetic extension to C. */ + #ifndef USED_FOR_TARGET + #undef ENABLE_FIXED_POINT +@@ -101,6 +107,12 @@ + #endif + + ++/* Define to 1 to enable libssp. */ ++#ifndef USED_FOR_TARGET ++#undef ENABLE_LIBSSP ++#endif ++ ++ + /* Define to 1 if translation of program messages to the user's native + language is requested. */ + #ifndef USED_FOR_TARGET +@@ -1465,6 +1477,12 @@ + #endif + + ++/* Define if your target C library provides fortify_sources level 2 support */ ++#ifndef USED_FOR_TARGET ++#undef TARGET_LIBC_PROVIDES_FORTIFY2 ++#endif ++ ++ + /* Define if your target C library provides stack protector support */ + #ifndef USED_FOR_TARGET + #undef TARGET_LIBC_PROVIDES_SSP +diff -Nur gcc-4.4.0_vanilla/gcc/configure gcc-4.4.0/gcc/configure +--- gcc-4.4.0_vanilla/gcc/configure 2009-03-24 18:46:03.000000000 +0100 ++++ gcc-4.4.0/gcc/configure 2009-07-11 12:35:57.000000000 +0200 +@@ -458,7 +458,7 @@ + # include <unistd.h> + #endif" + +-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os target_noncanonical build_libsubdir build_subdir host_subdir target_subdir GENINSRC CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT GNATBIND ac_ct_GNATBIND GNATMAKE ac_ct_GNATMAKE NO_MINUS_C_MINUS_O 
OUTPUT_OPTION CPP EGREP loose_warn strict_warn warn_cflags nocommon_flag TREEBROWSER valgrind_path valgrind_path_defines valgrind_command coverage_flags enable_multilib enable_decimal_float enable_fixed_point enable_shared TARGET_SYSTEM_ROOT TARGET_SYSTEM_ROOT_DEFINE CROSS_SYSTEM_HEADER_DIR onestep PKGVERSION REPORT_BUGS_TO REPORT_BUGS_TEXI datarootdir docdir htmldir SET_MAKE AWK LN_S LN RANLIB ac_ct_RANLIB ranlib_flags INSTALL INSTALL_PROGRAM INSTALL_DATA make_compare_target have_mktemp_command MAKEINFO BUILD_INFO GENERATED_MANPAGES FLEX BISON NM AR COLLECT2_LIBS GNAT_LIBEXC LDEXP_LIB TARGET_GETGROUPS_T LIBICONV LTLIBICONV LIBICONV_DEP manext objext gthread_flags extra_modes_file extra_opt_files USE_NLS LIBINTL LIBINTL_DEP INCINTL XGETTEXT GMSGFMT POSUB CATALOGS DATADIRNAME INSTOBJEXT GENCAT CATOBJEXT CROSS ALL SYSTEM_HEADER_DIR inhibit_libc CC_FOR_BUILD BUILD_CFLAGS BUILD_LDFLAGS STMP_FIXINC STMP_FIXPROTO collect2 LIBTOOL SED FGREP GREP LD DUMPBIN ac_ct_DUMPBIN OBJDUMP ac_ct_OBJDUMP ac_ct_AR STRIP ac_ct_STRIP lt_ECHO DSYMUTIL ac_ct_DSYMUTIL NMEDIT ac_ct_NMEDIT LIPO ac_ct_LIPO OTOOL ac_ct_OTOOL OTOOL64 ac_ct_OTOOL64 objdir enable_fast_install gcc_cv_as ORIGINAL_AS_FOR_TARGET gcc_cv_ld ORIGINAL_LD_FOR_TARGET gcc_cv_nm ORIGINAL_NM_FOR_TARGET gcc_cv_objdump gcc_cv_readelf libgcc_visibility GGC zlibdir zlibinc MAINT gcc_tooldir dollar slibdir subdirs srcdir all_compilers all_gtfiles all_lang_makefrags all_lang_makefiles all_languages all_selected_languages build_exeext build_install_headers_dir build_xm_file_list build_xm_include_list build_xm_defines build_file_translate check_languages cpp_install_dir xmake_file tmake_file extra_gcc_objs extra_headers_list extra_objs extra_parts extra_passes extra_programs float_h_file gcc_config_arguments gcc_gxx_include_dir host_exeext host_xm_file_list host_xm_include_list host_xm_defines out_host_hook_obj install lang_opt_files lang_specs_files lang_tree_files local_prefix md_file objc_boehm_gc out_file out_object_file 
thread_file tm_file_list tm_include_list tm_defines tm_p_file_list tm_p_include_list xm_file_list xm_include_list xm_defines c_target_objs cxx_target_objs fortran_target_objs target_cpu_default GMPLIBS GMPINC PPLLIBS PPLINC CLOOGLIBS CLOOGINC LIBOBJS LTLIBOBJS' ++ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os target_noncanonical build_libsubdir build_subdir host_subdir target_subdir GENINSRC CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT GNATBIND ac_ct_GNATBIND GNATMAKE ac_ct_GNATMAKE NO_MINUS_C_MINUS_O OUTPUT_OPTION CPP EGREP loose_warn strict_warn warn_cflags nocommon_flag TREEBROWSER valgrind_path valgrind_path_defines valgrind_command coverage_flags enable_multilib enable_decimal_float enable_fixed_point enable_shared TARGET_SYSTEM_ROOT TARGET_SYSTEM_ROOT_DEFINE CROSS_SYSTEM_HEADER_DIR onestep PKGVERSION REPORT_BUGS_TO REPORT_BUGS_TEXI datarootdir docdir htmldir SET_MAKE AWK LN_S LN RANLIB ac_ct_RANLIB ranlib_flags INSTALL INSTALL_PROGRAM INSTALL_DATA make_compare_target have_mktemp_command MAKEINFO BUILD_INFO GENERATED_MANPAGES FLEX BISON NM AR COLLECT2_LIBS GNAT_LIBEXC LDEXP_LIB TARGET_GETGROUPS_T LIBICONV LTLIBICONV LIBICONV_DEP manext objext gthread_flags extra_modes_file extra_opt_files USE_NLS LIBINTL LIBINTL_DEP INCINTL XGETTEXT GMSGFMT POSUB CATALOGS DATADIRNAME INSTOBJEXT GENCAT CATOBJEXT CROSS ALL SYSTEM_HEADER_DIR inhibit_libc CC_FOR_BUILD BUILD_CFLAGS BUILD_LDFLAGS STMP_FIXINC STMP_FIXPROTO collect2 LIBTOOL SED FGREP GREP LD DUMPBIN ac_ct_DUMPBIN OBJDUMP ac_ct_OBJDUMP ac_ct_AR STRIP ac_ct_STRIP lt_ECHO DSYMUTIL ac_ct_DSYMUTIL NMEDIT 
ac_ct_NMEDIT LIPO ac_ct_LIPO OTOOL ac_ct_OTOOL OTOOL64 ac_ct_OTOOL64 objdir enable_fast_install gcc_cv_as ORIGINAL_AS_FOR_TARGET gcc_cv_ld ORIGINAL_LD_FOR_TARGET gcc_cv_nm ORIGINAL_NM_FOR_TARGET gcc_cv_objdump gcc_cv_readelf libgcc_visibility enable_espf GGC zlibdir zlibinc MAINT gcc_tooldir dollar slibdir subdirs srcdir all_compilers all_gtfiles all_lang_makefrags all_lang_makefiles all_languages all_selected_languages build_exeext build_install_headers_dir build_xm_file_list build_xm_include_list build_xm_defines build_file_translate check_languages cpp_install_dir xmake_file tmake_file extra_gcc_objs extra_headers_list extra_objs extra_parts extra_passes extra_programs float_h_file gcc_config_arguments gcc_gxx_include_dir host_exeext host_xm_file_list host_xm_include_list host_xm_defines out_host_hook_obj install lang_opt_files lang_specs_files lang_tree_files local_prefix md_file objc_boehm_gc out_file out_object_file thread_file tm_file_list tm_include_list tm_defines tm_p_file_list tm_p_include_list xm_file_list xm_include_list xm_defines c_target_objs cxx_target_objs fortran_target_objs target_cpu_default GMPLIBS GMPINC PPLLIBS PPLINC CLOOGLIBS CLOOGINC LIBOBJS LTLIBOBJS' + ac_subst_files='language_hooks' + ac_pwd=`pwd` + +@@ -1078,6 +1078,11 @@ + --enable-fast-install[=PKGS] + optimize for fast installation [default=yes] + --disable-libtool-lock avoid locking (might break parallel builds) ++ --enable-espf ++ Enable Stack protector, Position independent executable and ++ Fortify_sources as default if we have suppot for it when compiling ++ and link with -z relro and -z now as default. ++ Linux targets supported i*86, x86_64 + --enable-maintainer-mode + enable make rules and dependencies not useful + (and sometimes confusing) to the casual installer +@@ -24177,6 +24182,50 @@ + ;; + esac + ++echo "$as_me:$LINENO: checking linker -z now support" >&5 ++echo $ECHO_N "checking linker -z now support... 
$ECHO_C" >&6 ++if test "${gcc_cv_ld_now+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ gcc_cv_ld_now=no ++if test $in_tree_ld = yes ; then ++ if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \ ++ && test $in_tree_ld_is_elf = yes; then ++ gcc_cv_ld_now=yes ++ fi ++elif test x$gcc_cv_ld != x; then ++ # Check if linker supports -z now options ++ if $gcc_cv_ld --help 2>/dev/null | grep now > /dev/null; then ++ gcc_cv_ld_now=yes ++ fi ++fi ++ ++fi ++echo "$as_me:$LINENO: result: $gcc_cv_ld_now" >&5 ++echo "${ECHO_T}$gcc_cv_ld_now" >&6 ++ ++echo "$as_me:$LINENO: checking linker -z relro support" >&5 ++echo $ECHO_N "checking linker -z relro support... $ECHO_C" >&6 ++if test "${gcc_cv_ld_relro+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ gcc_cv_ld_relro=no ++if test $in_tree_ld = yes ; then ++ if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 16 -o "$gcc_cv_gld_major_version" -gt 2 \ ++ && test $in_tree_ld_is_elf = yes; then ++ gcc_cv_ld_relro=yes ++ fi ++elif test x$gcc_cv_ld != x; then ++ # Check if linker supports -z relro and -z norelro options ++ if $gcc_cv_ld --help 2>/dev/null | grep relro > /dev/null; then ++ gcc_cv_ld_relro=yes ++ fi ++fi ++ ++fi ++echo "$as_me:$LINENO: result: $gcc_cv_ld_relro" >&5 ++echo "${ECHO_T}$gcc_cv_ld_relro" >&6 ++ + echo "$as_me:$LINENO: checking linker --sysroot support" >&5 + echo $ECHO_N "checking linker --sysroot support... $ECHO_C" >&6 + if test "${gcc_cv_ld_sysroot+set}" = set; then +@@ -24213,6 +24262,49 @@ + + fi + ++# Test for fortify_sources support level 2 in target C library. ++echo "$as_me:$LINENO: checking for FORTIFY_SOURCES level 2 in target C library" >&5 ++echo $ECHO_N "checking for FORTIFY_SOURCES level 2 in target C library... 
$ECHO_C" >&6 ++if test "${gcc_cv_libc_provides_fortify2+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ gcc_cv_libc_provides_fortify2=no ++ case "$target" in ++ *-*-linux* | *-*-kfreebsd*-gnu | *-*-knetbsd*-gnu) ++ if test x$host != x$target || test "x$TARGET_SYSTEM_ROOT" != x; then ++ if test "x$with_sysroot" = x; then ++ glibc_header_dir="${exec_prefix}/${target_noncanonical}/sys-include" ++ elif test "x$with_build_sysroot" != "x"; then ++ glibc_header_dir="${with_build_sysroot}/usr/include" ++ elif test "x$with_sysroot" = xyes; then ++ glibc_header_dir="${exec_prefix}/${target_noncanonical}/sys-root/usr/include" ++ else ++ glibc_header_dir="${with_sysroot}/usr/include" ++ fi ++ else ++ glibc_header_dir=/usr/include ++ fi ++ # grep __USE_FORTIFY_LEVEL 2 in $glibc_header_dir/features.h ++ if test -f $glibc_header_dir/features.h \ ++ && grep '__USE_FORTIFY_LEVEL 2' $glibc_header_dir/features.h > /dev/null; then ++ gcc_cv_libc_provides_fortify2=yes ++ else ++ gcc_cv_libc_provides_fortify2=no ++ fi ++ ;; ++ *) gcc_cv_libc_provides_fortify2=no ;; ++ esac ++fi ++echo "$as_me:$LINENO: result: $gcc_cv_libc_provides_fortify2" >&5 ++echo "${ECHO_T}$gcc_cv_libc_provides_fortify2" >&6 ++if test x$gcc_cv_libc_provides_fortify2 = xyes; then ++ ++cat >>confdefs.h <<_ACEOF ++#define TARGET_LIBC_PROVIDES_FORTIFY2 1 ++_ACEOF ++ ++fi ++ + # Test for stack protector support in target C library. + echo "$as_me:$LINENO: checking __stack_chk_fail in target C library" >&5 + echo $ECHO_N "checking __stack_chk_fail in target C library... $ECHO_C" >&6 +@@ -24375,6 +24467,42 @@ + + fi + ++if test x"$enable_libssp" = xyes; then ++ ++cat >>confdefs.h <<_ACEOF ++#define ENABLE_LIBSSP 1 ++_ACEOF ++ ++fi ++ ++# Check whether --enable-espf was given and we have -z now and -z relro support. ++# Check whether --enable-espf or --disable-espf was given. 
++if test "${enable_espf+set}" = set; then ++ enableval="$enable_espf" ++ ++ case $target in ++ i?86*-*-linux* | x86_64*-*-linux*) ++ if test x$gcc_cv_ld_relro = xyes && test x"$gcc_cv_ld_now" = xyes; then ++ enable_espf=yes ++ else ++ enable_espf=no ++ fi ++ ;; ++ *) ++ enable_espf=no ++ ;; ++ esac ++ ++fi; ++if test x$enable_espf = xyes; then ++ ++cat >>confdefs.h <<_ACEOF ++#define ENABLE_ESPF 1 ++_ACEOF ++ ++fi ++ ++ + # Check if TFmode long double should be used by default or not. + # Some glibc targets used DFmode long double, but with glibc 2.4 + # and later they can use TFmode. +@@ -25581,6 +25709,7 @@ + s,@gcc_cv_objdump@,$gcc_cv_objdump,;t t + s,@gcc_cv_readelf@,$gcc_cv_readelf,;t t + s,@libgcc_visibility@,$libgcc_visibility,;t t ++s,@enable_espf@,$enable_espf,;t t + s,@GGC@,$GGC,;t t + s,@zlibdir@,$zlibdir,;t t + s,@zlibinc@,$zlibinc,;t t +diff -Nur gcc-4.4.0_vanilla/gcc/espf.h gcc-4.4.0/gcc/espf.h +--- gcc-4.4.0_vanilla/gcc/espf.h 1970-01-01 01:00:00.000000000 +0100 ++++ gcc-4.4.0/gcc/espf.h 2009-07-11 12:36:43.000000000 +0200 +@@ -0,0 +1,104 @@ ++#ifndef GCC_ESPF_H ++#define GCC_ESPF_H ++/* Version 0.2.20090614.1 (C) 2009 by Magnus Granberg zorry@ume.nu */ ++/* Gentoo espf.h patch Version 20090614.1 (C) 2009 by Magnus Granberg zorry@ume.nu */ ++ ++/* FIXME: ++ 1. Fix so that we can have -fPIE or -fpie options. ++*/ ++/* This file add's -fstack-protector-all, -Fpie|-fpie, -pie, -D_FORTIFY_SOURCES=2, -z relro, -z now, -Wformat ++ and -Wformat-security as default if the define's and the spec allow it. ++ ++ On Gentoo ++ Added a hack for gcc-specs-* in toolchain-funcs.eclass to support older hardened GCC patches and ++ we don't need to change the code on gcc-specs-*. ++ This will add some unsupported upstream commands options as -nopie and -z nonow. ++ -D__KERNEL__ is added so we don't have -fPIE|-fpie and -fstack-protector-all when building kernels. ++ ESPF_CC1_SPEC is added to CC1_SPEC. 
++ -D_FORTIFY_SOURCES=2 is added with gentoo's patchset as default so no need to set it hear. ++ -Wformat* is added with gentoo's patchset as default so no need to set it hear. ++ -z relro is set by binutils as default so no need to set it hear. ++*/ ++ ++#ifdef ENABLE_ESPF ++ ++ /* Hack to support gcc-specs-* in toolchain-funcs.eclass */ ++ #define ESPF_CC1_SPEC "%{!fno-stack-protector: %{!fno-stack-protector-all: %{!nopie: %{!fstrict-overflow: }}}}" ++ ++ /* This will add -Wformat -Wformat-security -Wstack-protector in espf_cc1_options_warnings and -fstack-protector-all in ++ espf_cc1_options_ssp and incompatible pie commands in espf_cc1_options_pie_incompatible. ++ ESPF_CC1_OPTIONS_SPEC is added to CC1_OPTIONS_SPEC in gcc/gcc.c */ ++ #define ESPF_CC1_OPTIONS_SPEC "%(espf_cc1_options_ssp) %(espf_cc1_options_pie_incompatible)" ++ ++ /* This will add -z now if we don't have -z nonow or -z lazy ++ ESPF_LINK_SPEC is added to LINK_COMMAND_SPEC in gcc/gcc.c */ ++ #define ESPF_LINK_SPEC "%{!now:%{!lazy:%{!nonow:-z now}}}" ++ ++ /* This will add -fstack-protector-all if we don't have -D__KERNEL__ -nostdlib -nodefaultlibs -fno-stack-protector -fstack-protector ++ -fstack-protector-all and we have ENABLE_LIBSSP or TARGET_LIBC_PROVIDES_SSP defined. 
*/ ++ #if defined (ENABLE_LIBSSP) || defined (TARGET_LIBC_PROVIDES_SSP) ++ #define ESPF_CC1_OPTIONS_SSP_SPEC \ ++ "%{!D__KERNEL__:%{!nostdlib:%{!nodefaultlibs: %{!fno-stack-protector: \ ++ %{!fstack-protector:%{!fstack-protector-all:-fstack-protector-all}}}}}}" ++ #else ++ #define ESPF_CC1_OPTIONS_SSP_SPEC "" ++ #endif ++ ++ /* If HAVE_LD_PIE not defined we will not add any -pie -fPIE commands and incompatible pie check */ ++ #ifdef HAVE_LD_PIE ++ ++ /* This will add -fPIE if we don't have -D__KERNEL__ -pie -fpic -fPIC -fpie -fPIE -fno-pic -fno-PIC -fno-pie -fno-PIE ++ -shared -static -nostdlib -nostartfiles -nopie ++ We use ESPF_COMPILER_COMMAND_SPEC to add -fPIE before do_spec (compiler_command_spec) is run in gcc/gcc.c main() */ ++ #define ESPF_COMPILER_COMMAND_SPEC "%(espf_compiler_command_pie)" ++ #define ESPF_COMPILER_COMMAND_PIE_SPEC \ ++ "%{!D__KERNEL__:%{!pie: %{!fpic:%{!fPIC:%{!fpie:%{!fPIE: %{!fno-pic:%{!fno-PIC:%{!fno-pie:%{!fno-PIE: \ ++ %{!shared: %{!static: %{!nostdlib: %{!nostartfiles:%{!nopie:-fPIE}} } }}}} }}}} }}}}" ++ ++ /* This adds some incompatible rules for -pie and -shared ++ We can't have -shared when -static -pie -fPIE -fpie -fno-PIC -fno-pic ++ and -pie when -static -pg -p -profile */ ++ #define ESPF_CC1_OPTIONS_PIE_INCOMPATIBLE_SPEC \ ++ "%{shared:%{static|pie|fPIE|fpie|fno-PIC|fno-pic:%e-shared and -static|pie|fPIE|fpie|fno-PIC|fno-pic are incompatible}} \ ++ %{pie:%{static|pg|p|profile:%e-pie and -static|pg|p|profile are incompatible}}" ++ ++ /* This will add -pie if we don't have -pie A -fno-pic -fno-PIC -fno-pie -fno-PIE -shared -static -r ++ -nostdlib -nostartfiles -nopie ++ We use ESPF_LINK_COMMAND_SPEC to add -pie before do_spec (link_command_spec) is run in gcc/gcc.c main() */ ++ #define ESPF_LINK_COMMAND_SPEC "%(espf_link_command_pie)" ++ #define ESPF_LINK_COMMAND_PIE_SPEC \ ++ "%{!pie:%{!A:%{!fno-pie:%{!fno-PIE:%{!fno-pic:%{!fno-PIC:%{!shared:%{!static:%{!r: \ ++ %{!nostdlib:%{!nostartfiles:%{!nopie:-pie}}}}}}}}}}}}" ++ #else 
++ #define ESPF_COMPILER_COMMAND_SPEC "" ++ #define ESPF_CC1_OPTIONS_PIE_INCOMPATIBLE_SPEC "" ++ #define ESPF_LINK_COMMAND_SPEC "" ++ #endif ++ ++ /* We add extra spec name's to the EXTRA_SPECS list */ ++ #define ESPF_EXTRA_SPECS \ ++ { "espf_link", ESPF_LINK_SPEC }, \ ++ { "espf_link_command", ESPF_LINK_COMMAND_SPEC }, \ ++ { "espf_link_command_pie", ESPF_LINK_COMMAND_PIE_SPEC }, \ ++ { "espf_compiler_command", ESPF_COMPILER_COMMAND_SPEC }, \ ++ { "espf_compiler_command_pie", ESPF_COMPILER_COMMAND_PIE_SPEC }, \ ++ { "espf_cc1", ESPF_CC1_SPEC }, \ ++ { "espf_cc1_options", ESPF_CC1_OPTIONS_SPEC }, \ ++ { "espf_cc1_options_ssp", ESPF_CC1_OPTIONS_SSP_SPEC }, \ ++ { "espf_cc1_options_pie_incompatible", ESPF_CC1_OPTIONS_PIE_INCOMPATIBLE_SPEC } ++ ++ static const char *cc1_spec = CC1_SPEC ESPF_CC1_SPEC; ++ static const char *espf_compiler_command_spec = ESPF_COMPILER_COMMAND_SPEC; ++ static const char *espf_link_command_spec = ESPF_LINK_COMMAND_SPEC; ++ ++#else ++ ++ #define ESPF_CC1_OPTIONS_SPEC "" ++ #define ESPF_LINK_SPEC "" ++ #define ESPF_EXTRA_SPECS \ ++ { "espf_cc1_options", ESPF_CC1_OPTIONS_SPEC }, \ ++ { "espf_link", ESPF_LINK_SPEC } ++ ++#endif ++ ++#endif /* End GCC_ESPF_H */ +diff -Nur gcc-4.4.0_vanilla/gcc/gcc.c gcc-4.4.0/gcc/gcc.c +--- gcc-4.4.0_vanilla/gcc/gcc.c 2009-03-17 22:25:59.000000000 +0100 ++++ gcc-4.4.0/gcc/gcc.c 2009-07-11 12:36:43.000000000 +0200 +@@ -83,6 +83,7 @@ + #include "gcc.h" + #include "flags.h" + #include "opts.h" ++#include "espf.h" /* for espf support */ + + /* By default there is no special suffix for target executables. 
*/ + /* FIXME: when autoconf is fixed, remove the host check - dj */ +@@ -726,7 +727,7 @@ + #ifndef LINK_COMMAND_SPEC + #define LINK_COMMAND_SPEC "\ + %{!fsyntax-only:%{!c:%{!M:%{!MM:%{!E:%{!S:\ +- %(linker) %l " LINK_PIE_SPEC "%X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ ++ %(linker) %l " LINK_PIE_SPEC " %(espf_link) %X %{o*} %{A} %{d} %{e*} %{m} %{N} %{n} %{r}\ + %{s} %{t} %{u*} %{x} %{z} %{Z} %{!A:%{!nostdlib:%{!nostartfiles:%S}}}\ + %{static:} %{L*} %(mfwrap) %(link_libgcc) %o\ + %{fopenmp|ftree-parallelize-loops=*:%:include(libgomp.spec)%(link_gomp)} %(mflib)\ +@@ -758,7 +759,9 @@ + + static const char *asm_debug; + static const char *cpp_spec = CPP_SPEC; ++#ifndef ENABLE_ESPF + static const char *cc1_spec = CC1_SPEC; ++#endif + static const char *cc1plus_spec = CC1PLUS_SPEC; + static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC; + static const char *link_ssp_spec = LINK_SSP_SPEC; +@@ -826,6 +829,7 @@ + /* NB: This is shared amongst all front-ends, except for Ada. */ + static const char *cc1_options = + "%{pg:%{fomit-frame-pointer:%e-pg and -fomit-frame-pointer are incompatible}}\ ++ %(espf_cc1_options)\ + %1 %{!Q:-quiet} -dumpbase %B %{d*} %{m*} %{a*}\ + %{c|S:%{o*:-auxbase-strip %*}%{!o*:-auxbase %b}}%{!c:%{!S:-auxbase %b}}\ + %{g*} %{O*} %{W*&pedantic*} %{w} %{std*&ansi&trigraphs}\ +@@ -1628,7 +1632,7 @@ + const char *const ptr; + }; + +-static const struct spec_list_1 extra_specs_1[] = { EXTRA_SPECS }; ++static const struct spec_list_1 extra_specs_1[] = { ESPF_EXTRA_SPECS, EXTRA_SPECS }; + static struct spec_list *extra_specs = (struct spec_list *) 0; + #endif + +@@ -6782,6 +6786,12 @@ + + if (input_file_compiler) + { ++ ++#ifdef ENABLE_ESPF ++ /* We add -fpie or -fPIE as default if the spec allow it */ ++ do_self_spec (espf_compiler_command_spec); ++#endif ++ + /* Ok, we found an applicable compiler. Run its spec. 
*/ + + if (input_file_compiler->spec[0] == '#') +@@ -6873,6 +6883,10 @@ + " to the linker.\n\n")); + fflush (stdout); + } ++#ifdef ENABLE_ESPF ++ /* We add -pie as default if the spec allow it */ ++ do_self_spec (espf_link_command_spec); ++#endif + value = do_spec (link_command_spec); + if (value < 0) + error_count = 1; +diff -Nur gcc-4.4.0_vanilla/gcc/Makefile.in gcc-4.4.0/gcc/Makefile.in +--- gcc-4.4.0_vanilla/gcc/Makefile.in 2009-03-25 13:00:32.000000000 +0100 ++++ gcc-4.4.0/gcc/Makefile.in 2009-07-11 12:36:10.000000000 +0200 +@@ -580,13 +580,23 @@ + INHIBIT_LIBC_CFLAGS = -Dinhibit_libc + endif + ++# Doesn't compile with PIE or SSP ++enable_espf = @enable_espf@ ++ifeq ($(enable_espf),yes) ++ESPF_NOPIE_CFLAGS = -fno-PIE ++ESPF_NOSSP_CFLAGS = -fno-stack-protector ++else ++ESPF_NOPIE_CFLAGS= ++ESPF_NOSSP_CFLAGS= ++endif ++ + # Options to use when compiling libgcc2.a. + # + LIBGCC2_DEBUG_CFLAGS = -g + LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(TARGET_LIBGCC2_CFLAGS) \ + $(LIBGCC2_DEBUG_CFLAGS) $(GTHREAD_FLAGS) \ + -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED \ +- $(INHIBIT_LIBC_CFLAGS) ++ $(INHIBIT_LIBC_CFLAGS) $(ESPF_NOSSP_CFLAGS) + + # Additional options to use when compiling libgcc2.a. + # Some targets override this to -isystem include +@@ -599,7 +609,7 @@ + CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \ + -finhibit-size-directive -fno-inline-functions -fno-exceptions \ + -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \ +- $(INHIBIT_LIBC_CFLAGS) ++ $(INHIBIT_LIBC_CFLAGS) $(ESPF_NOSSP_CFLAGS) + + # Additional sources to handle exceptions; overridden by targets as needed. 
+ LIB2ADDEH = $(srcdir)/unwind-dw2.c $(srcdir)/unwind-dw2-fde.c \ +@@ -1719,7 +1729,7 @@ + echo LIBGCC_SYNC = '$(LIBGCC_SYNC)' >> tmp-libgcc.mvars + echo LIBGCC_SYNC_CFLAGS = '$(LIBGCC_SYNC_CFLAGS)' >> tmp-libgcc.mvars + echo CRTSTUFF_CFLAGS = '$(CRTSTUFF_CFLAGS)' >> tmp-libgcc.mvars +- echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS)' >> tmp-libgcc.mvars ++ echo CRTSTUFF_T_CFLAGS = '$(CRTSTUFF_T_CFLAGS) $(ESPF_NOPIE_CFLAGS)' >> tmp-libgcc.mvars + echo CRTSTUFF_T_CFLAGS_S = '$(CRTSTUFF_T_CFLAGS_S)' >> tmp-libgcc.mvars + + mv tmp-libgcc.mvars libgcc.mvars +@@ -1754,12 +1764,14 @@ + $(T)crtbegin.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) + $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(ESPF_NOPIE_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_BEGIN \ + -o $(T)crtbegin$(objext) + + $(T)crtend.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) + $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(ESPF_NOPIE_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_END \ + -o $(T)crtend$(objext) + +@@ -1780,6 +1792,7 @@ + $(T)crtbeginT.o: crtstuff.c $(GCC_PASSES) $(TCONFIG_H) auto-host.h \ + gbl-ctors.h stmp-int-hdrs tsystem.h coretypes.h $(TM_H) + $(GCC_FOR_TARGET) $(CRTSTUFF_CFLAGS) $(CRTSTUFF_T_CFLAGS) \ ++ $(ESPF_NOPIE_CFLAGS) \ + -c $(srcdir)/crtstuff.c -DCRT_BEGIN -DCRTSTUFFT_O \ + -o $(T)crtbeginT$(objext) + +@@ -3057,7 +3070,7 @@ + output.h $(INSN_ATTR_H) $(SYSTEM_H) $(TOPLEV_H) $(TARGET_H) libfuncs.h \ + $(TARGET_DEF_H) $(FUNCTION_H) $(SCHED_INT_H) $(TM_P_H) $(EXPR_H) \ + langhooks.h $(GGC_H) $(OPTABS_H) $(REAL_H) tm-constrs.h $(GIMPLE_H) +- $(CC) -c $(ALL_CFLAGS) $(ALL_CPPFLAGS) \ ++ $(CC) -c $(ALL_CFLAGS) $(ALL_CPPFLAGS) $(ESPF_NOSSP_CFLAGS)\ + $(out_file) $(OUTPUT_OPTION) + + # Build auxiliary files that support ecoff format. 
+diff -Nur gcc-4.4.0_vanilla/gcc/opts.c gcc-4.4.0/gcc/opts.c +--- gcc-4.4.0_vanilla/gcc/opts.c 2009-03-28 18:28:45.000000000 +0100 ++++ gcc-4.4.0/gcc/opts.c 2009-07-11 12:36:31.000000000 +0200 +@@ -897,7 +897,9 @@ + #endif + flag_regmove = opt2; + flag_strict_aliasing = opt2; ++#ifndef ENABLE_ESPF + flag_strict_overflow = opt2; ++#endif + flag_delete_null_pointer_checks = opt2; + flag_reorder_blocks = opt2; + flag_reorder_functions = opt2; +diff -Nur gcc-4.4.0_vanilla/gcc/varasm.c gcc-4.4.0/gcc/varasm.c +--- gcc-4.4.0_vanilla/gcc/varasm.c 2009-03-17 21:18:21.000000000 +0100 ++++ gcc-4.4.0/gcc/varasm.c 2009-07-11 12:36:25.000000000 +0200 +@@ -5607,7 +5607,11 @@ + bool is_local; + + is_local = targetm.binds_local_p (decl); +- if (!flag_shlib) ++ #ifdef ENABLE_ESPF ++ if (!flag_pic) ++ #else ++ if (!flag_shlib) ++ #endif + { + if (is_local) + kind = TLS_MODEL_LOCAL_EXEC; diff --git a/pkgs/toolchain/gcc/gcc.nm b/pkgs/toolchain/gcc/gcc.nm index c670ac1..3fda3d7 100644 --- a/pkgs/toolchain/gcc/gcc.nm +++ b/pkgs/toolchain/gcc/gcc.nm @@ -23,7 +23,10 @@ define STAGE_BUILD CC="$(TARGET)-gcc -B$(TOOLS_DIR)/lib/" \ RANLIB=$(TARGET)-ranlib \ ../$(THISAPP)/configure \ + --host=$(TARGET) \ + --build=$(TARGET) \ --prefix=$(TOOLS_DIR) \ + --libexecdir=$(TOOLS_DIR)/lib \ --with-local-prefix=$(TOOLS_DIR) \ --enable-clocale=gnu \ --enable-shared \ @@ -32,12 +35,12 @@ define STAGE_BUILD --enable-languages=c,c++ \ --disable-libstdcxx-pch \ --disable-multilib \ - --disable-bootstrap \ + --disable-libssp \ --enable-espf \ \ $(CONFIG_CPU)
- cd $(DIR_SRC)/gcc-build && make $(PARALLELISMFLAGS) + cd $(DIR_SRC)/gcc-build && make #$(PARALLELISMFLAGS) endef
define STAGE_INSTALL diff --git a/pkgs/toolchain/glibc/glibc.nm b/pkgs/toolchain/glibc/glibc.nm index 2778122..f3cbbf4 100644 --- a/pkgs/toolchain/glibc/glibc.nm +++ b/pkgs/toolchain/glibc/glibc.nm @@ -11,7 +11,7 @@ define STAGE_BUILD libc_cv_forced_unwind=yes \ ../$(THISAPP)/configure \ --host=$(TARGET) \ - --build=$$(../$(THISAPP)/scripts/config.guess) \ + --build=$(TARGET) \ --prefix=$(TOOLS_DIR) \ --libexecdir=$(TOOLS_DIR)/lib/$(PKG_NAME) \ --with-headers=$(TOOLS_DIR)/include \ diff --git a/pkgs/toolchain/pax-utils/pax-utils.nm b/pkgs/toolchain/pax-utils/pax-utils.nm deleted file mode 100644 index 19145b7..0000000 --- a/pkgs/toolchain/pax-utils/pax-utils.nm +++ /dev/null @@ -1,12 +0,0 @@ - -PKG_TOOLCHAIN_DEPS += gcc glibc - -include ../../core/pax-utils/pax-utils.nm - -define STAGE_BUILD - cd $(DIR_APP) && make scanelf CFLAGS="$(CFLAGS)" $(PARALLELISMFLAGS) -endef - -define STAGE_INSTALL - cd $(DIR_APP) && install -m 755 -v scanelf $(TOOLS_DIR)/bin/scanelf -endef diff --git a/pkgs/toolchain/perl/perl.nm b/pkgs/toolchain/perl/perl.nm index 04efff6..d7060a0 100644 --- a/pkgs/toolchain/perl/perl.nm +++ b/pkgs/toolchain/perl/perl.nm @@ -19,6 +19,8 @@ define STAGE_BUILD cd $(DIR_APP) && make perl utilities ext/Errno/pm_to_blib #$(PARALLELISMFLAGS) endef
+STAGE_TEST = # No test in toolchain + define STAGE_INSTALL cd $(DIR_APP) && cp -vf perl pod/pod2man $(TOOLS_DIR)/bin/ -mkdir -pv $(TOOLS_DIR)/lib/perl5/$(PKG_VER) diff --git a/tools/common-functions b/tools/common-functions index d887a5c..e3c8928 100644 --- a/tools/common-functions +++ b/tools/common-functions @@ -4,6 +4,53 @@ LIBARY_PATHS="${BUILDROOT}/lib ${BUILDROOT}/usr/lib" BINARY_PATHS="${LIBARY_PATHS} ${BUILDROOT}/bin ${BUILDROOT}/sbin" BINARY_PATHS="${BINARY_PATHS} ${BUILDROOT}/usr/bin ${BUILDROOT}/usr/sbin"
+has_canary() {
+ local file=${1}
+
+ readelf -s ${file} | grep -q "__stack_chk_fail"
+}
+
+has_execstack() {
+ local file=${1}
+
+ readelf -h ${file} | grep -qE "Type:[[:space:]]*EXEC"
+}
+
+has_interpreter() {
+ local file=${1}
+
+ [ -n "$(get_interpreter ${file})" ]
+}
+
+has_nx() {
+ local file=${1}
+
+ readelf -l ${file} | grep "GNU_STACK" | grep -q "RWE"
+ [ $? != 0 ]
+}
+
+is_relro_partly() {
+ local file=${1}
+
+ readelf -l ${file} | grep -q "GNU_RELRO"
+}
+
+is_relro_full() {
+ local file=${1}
+
+ if is_relro_partly ${file}; then
+ readelf -d ${file} | grep -q "BIND_NOW"
+ return $?
+ fi
+ return 1
+}
+
+is_shared_object() {
+ local file=${1}
+
+ file ${file} | grep -q "shared object"
+}
+
 get_interpreter() {
 local file=${1}
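Review bot: `has_execstack` tests the ELF header type (`Type: EXEC` from `readelf -h`), which identifies a non-PIE executable rather than an executable stack, so 050-execstacks would report every such binary and would not notice a position-independent one whose stack is executable. The stack permission lives in the `GNU_STACK` program header, e.g. `readelf -l "${file}" | grep "GNU_STACK" | grep -q "RWE"`; if a PIE check is what was meant, the helper should be named for that and its sense inverted. `has_nx` also succeeds when no `GNU_STACK` header is present at all, a case in which the stack may be left executable on several architectures, so it should first require that the header exists. The `${file}` expansions in all of these helpers are unquoted and break on paths containing whitespace. get_interpreter's body continues outside the hunk.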
@@ -18,6 +65,13 @@ get_needed() { tr -d "[]" | awk '{ print $NF }' }
+get_rpath() {
+ local file=${1}
+
+ readelf -d ${file} | grep RPATH | \
+ tr -d "[]" | awk '{ print $NF }'
+}
+
 get_soname() {
 local file=${1}
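Review bot: `get_rpath` matches only `RPATH`, so a binary whose search path is recorded as `RUNPATH` (what the linker emits with `--enable-new-dtags`) is invisible to the rewritten 050-rpaths check, although the comment removed from that script says RUNPATH/RPATH are both meant to be rejected. Matching both tags closes the gap: `readelf -d "${file}" | grep -E "R(UN)?PATH" | \`. get_soname's body continues outside the hunk.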
@@ -58,7 +112,7 @@ find_elf_files() {
for dir in ${dirs}; do for file in $(find ${dir} -maxdepth 1 -type f 2>/dev/null); do - if file ${file} | grep -q ELF; then + if file ${file} | grep -q "ELF"; then files="${files} ${file}" fi done diff --git a/tools/quality-agent b/tools/quality-agent index 45e2560..57d0668 100755 --- a/tools/quality-agent +++ b/tools/quality-agent @@ -2,10 +2,11 @@
DIR_QA=${0}.d
+failed=0 for file in ${DIR_QA}/*; do [ -x "${file}" ] || continue
- ${file} || exit $? + ${file} || failed=1 done
-exit 0 +exit ${failed} diff --git a/tools/quality-agent.d/001-include-files b/tools/quality-agent.d/001-include-files index abf683c..34257e6 100755 --- a/tools/quality-agent.d/001-include-files +++ b/tools/quality-agent.d/001-include-files @@ -2,11 +2,15 @@
. $(dirname ${0})/qa-include
-# Fix include files -log "Fix include files" +DESC="Include files have to belong to the root user. \ + This script will fix this automatically."
-if [ ! -d "${BUILDROOT}/usr/include" ]; then - exit 0 -fi +check() { + if [ ! -d "${BUILDROOT}/usr/include" ]; then + return 0 + fi + + chown -R root:root ${BUILDROOT}/usr/include +}
-chown -R root:root ${BUILDROOT}/usr/include +run diff --git a/tools/quality-agent.d/001-remove-info-files b/tools/quality-agent.d/001-remove-info-files index 9b8db23..6e2ff0f 100755 --- a/tools/quality-agent.d/001-remove-info-files +++ b/tools/quality-agent.d/001-remove-info-files @@ -3,10 +3,10 @@ . $(dirname ${0})/qa-include
# Remove documentation files -log "Removing documentation files..." +log_debug "Removing documentation files..." for dir in ${BUILDROOT}/usr/{,share}/{doc,info}; do if [ -d "${dir}" ]; then - log " Removing: ${dir}" + log_debug " Removing: ${dir}" rm -rf ${dir} || exit $? fi done diff --git a/tools/quality-agent.d/001-remove-static-libs b/tools/quality-agent.d/001-remove-static-libs index 331a0f2..cbeabf2 100755 --- a/tools/quality-agent.d/001-remove-static-libs +++ b/tools/quality-agent.d/001-remove-static-libs @@ -3,7 +3,7 @@ . $(dirname ${0})/qa-include
# Remove unwanted files -log "Removing unwanted files: *.a *.la" +log_debug "Removing unwanted files: *.a *.la" for file in $(find ${BUILDROOT} -name "*.a" -or -name "*.la"); do # Don't remove libc_nonshared.a. It is used by gcc/ld. @@ -14,7 +14,7 @@ for file in $(find ${BUILDROOT} -name "*.a" -or -name "*.la"); do [ "${file##*/}" = "libfl_pic.a" ] && continue [ "${file##*/}" = "libpython2.6.a" ] && continue - log " Removing: ${file}" + log_debug " Removing: ${file}" rm -f ${file} || exit $? done
diff --git a/tools/quality-agent.d/001-unsafe-files b/tools/quality-agent.d/001-unsafe-files index 34e9483..547a1b1 100755 --- a/tools/quality-agent.d/001-unsafe-files +++ b/tools/quality-agent.d/001-unsafe-files @@ -2,24 +2,24 @@
. $(dirname ${0})/qa-include
-log "Searching for world-writeable files..." +log_debug "Searching for world-writeable files..."
files=$(find ${BUILDROOT} -type f -perm -2 2>/dev/null) if [ -n "${files}" ]; then - log " QA Security Notice:" - log " - The folloing files will be world writable." - log " - This may or may not be a security problem, most of the time it is one." - log " - Please double check that these files really need a world writeable bit and file bugs accordingly." - log - log "${files}" + log_error " QA Security Notice:" + log_error " - The folloing files will be world writable." + log_error " - This may or may not be a security problem, most of the time it is one." + log_error " - Please double check that these files really need a world writeable bit and file bugs accordingly." + log_error + log_error "${files}" exit 1 fi
files=$(find ${BUILDROOT} -type f '(' -perm -2002 -o -perm -4002 ')') if [ -n "${files}" ]; then - log " QA Notice: Unsafe files detected (set*id and world writable)" - log - log "${files}" + log_error " QA Notice: Unsafe files detected (set*id and world writable)" + log_error + log_error "${files}" exit 1 fi
diff --git a/tools/quality-agent.d/002-bad-symlinks b/tools/quality-agent.d/002-bad-symlinks index f3217fd..e05fc82 100755 --- a/tools/quality-agent.d/002-bad-symlinks +++ b/tools/quality-agent.d/002-bad-symlinks @@ -5,17 +5,17 @@ # Check for absolute symlinks. # We do not allow them because they may point to any bad location.
-log "Search for absolute symlinks" +log_debug "Search for absolute symlinks"
failed=0 for link in $(find ${BUILDROOT} -type l); do destination=$(readlink ${link}) if [ "${destination:0:1}" = "/" ]; then - log " absolute symlink: ${link}" + log_error " absolute symlink: ${link}" failed=1 fi if [ ! -e "${link%/*}/${destination}" ]; then - log " not existant destination: ${link} -> ${destination}" + log_error " not existant destination: ${link} -> ${destination}" failed=1 fi done diff --git a/tools/quality-agent.d/003-libs-location b/tools/quality-agent.d/003-libs-location index 09a4280..3d29bea 100755 --- a/tools/quality-agent.d/003-libs-location +++ b/tools/quality-agent.d/003-libs-location @@ -4,7 +4,7 @@
# Check for libs that are missing in /usr/lib.
-log "Checking correct installation of libraries" +log_debug "Checking correct installation of libraries"
failed=0 for lib in $(find ${BUILDROOT}/lib -type f -name "lib*.so.*" 2>/dev/null); do @@ -13,7 +13,7 @@ for lib in $(find ${BUILDROOT}/lib -type f -name "lib*.so.*" 2>/dev/null); do
if [ ! -e "${BUILDROOT}/usr/lib/${lib}.so" ]; then failed=1 - log " /usr/lib/${lib}.so is missing" + log_error " /usr/lib/${lib}.so is missing" fi done
diff --git a/tools/quality-agent.d/050-canary b/tools/quality-agent.d/050-canary
new file mode 100755
index 0000000..9841d5a
--- /dev/null
+++ b/tools/quality-agent.d/050-canary
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+. $(dirname ${0})/qa-include
+
+DESC="Every binary file has to provide a canary."
+
+function check() {
+ local failed=0
+
+ local file
+ for file in $(find_elf_files ${BINARY_PATHS}); do
+ if ! has_canary ${file}; then
+ log_error " Has no canary: ${file}"
+ failed=1
+ fi
+ done
+
+ return ${failed}
+}
+
+run
diff --git a/tools/quality-agent.d/050-execstacks b/tools/quality-agent.d/050-execstacks
index ce384f1..d3aace6 100755
--- a/tools/quality-agent.d/050-execstacks
+++ b/tools/quality-agent.d/050-execstacks
@@ -2,32 +2,21 @@
. $(dirname ${0})/qa-include
-# Also, executable stacks only matter on linux... -log "Searching for executeable stacks" +DESC="Files with executable stacks will not work properly (or at all!) \ + on some architectures/operating systems."
-command="scanelf -qyRF '%e %p' ${BUILDROOT} 2>/dev/null" +check() { + local failed=0
-for i in $QUALITY_AGENT_WHITELIST_EXECSTACK; do - if [ -n "$FILTER" ]; then - FILTER="$FILTER|$i" - else - FILTER="$i" - fi -done + local file + for file in $(find_elf_files ${BINARY_PATHS}); do + if has_execstack ${file}; then + log_error " File has execstack: ${file}" + failed=1 + fi + done
-if [ -n "$FILTER" ]; then - log " Filter: $FILTER" - command="$command | grep -vE "$FILTER"" -fi + return ${failed} +}
-files=$(${command}) -if [ -n "${files}" ]; then - log " QA Notice: The following files contain executable stacks" - log " Files with executable stacks will not work properly (or at all!)" - log " on some architectures/operating systems." - log "${files}" - - exit 1 -fi - -exit 0 +run diff --git a/tools/quality-agent.d/050-libs-needed b/tools/quality-agent.d/050-libs-needed index 3fefe61..dbc6196 100755 --- a/tools/quality-agent.d/050-libs-needed +++ b/tools/quality-agent.d/050-libs-needed @@ -2,17 +2,30 @@
. $(dirname ${0})/qa-include
-check_files=$(find ${BUILDROOT} -name lib*.so) +DESC="Every shared object has to provide the NEEDED entry."
-log "Searching bad libs that lack the NEEDED attribute" +check() { + local failed=0
-if [ -n "$check_files" ]; then - f=$(scanelf -ByF '%n %p' $check_files | awk '$2 == "" { print }') - if [ -n "$f" ]; then - log " QA Notice: The following shared libraries lack NEEDED entries" - log "${f}" - exit 1 - fi -fi + local file + local needed + for file in $(find_elf_files ${LIBARY_PATHS}); do + if ! is_shared_object ${file}; then + continue + fi
-exit 0 + if ! has_interpreter ${file}; then + continue + fi + + needed=$(get_needed ${file}) + if [ -z "${needed}" ]; then + log_error " File lacks needed attribute: ${file}" + failed=1 + fi + done + + return ${failed} +} + +run diff --git a/tools/quality-agent.d/050-libs-soname b/tools/quality-agent.d/050-libs-soname old mode 100644 new mode 100755 index 8430e46..e4f514c --- a/tools/quality-agent.d/050-libs-soname +++ b/tools/quality-agent.d/050-libs-soname @@ -2,30 +2,30 @@
. $(dirname ${0})/qa-include
-log "Searching bad libs that lack a SONAME" +DESC="Every shared object has to provide the SONAME entry."
-check_files=$(find ${BUILDROOT} -name lib*.so) +check() { + local failed=0
-command="scanelf -ByF '%S %p' $check_files | awk '$2 == "" { print }'" + local file + local soname + for file in $(find_elf_files ${LIBARY_PATHS}); do + if ! is_shared_object ${file}; then + continue + fi
-for i in $QUALITY_AGENT_WHITELIST_SONAME; do - if [ -n "$FILTER" ]; then - FILTER="$FILTER|$i" - else - FILTER="$i" - fi -done + if ! has_interpreter ${file}; then + continue + fi
-if [ -n "$FILTER" ]; then - command="$command | grep -vE "$FILTER"" -fi + soname=$(get_soname ${file}) + if [ -z "${soname}" ]; then + log_error " File lacks soname attribute: ${file}" + failed=1 + fi + done
-files=$(${command}) -if [ -n "${files}" ]; then - log " QA Notice: The following shared libraries lack a SONAME" - log "${files}" + return ${failed} +}
- exit 1
-fi
-
-exit 0
+run
diff --git a/tools/quality-agent.d/050-nx b/tools/quality-agent.d/050-nx
new file mode 100755
index 0000000..7a78a72
--- /dev/null
+++ b/tools/quality-agent.d/050-nx
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+. $(dirname ${0})/qa-include
+
+function check() {
+ local failed=0
+
+ local file
+ for file in $(find_elf_files ${BINARY_PATHS}); do
+ if ! has_nx ${file}; then
+ log_error " No NX: ${file}"
+ failed=1
+ fi
+ done
+
+ return ${failed}
+}
+
+run
diff --git a/tools/quality-agent.d/050-relro b/tools/quality-agent.d/050-relro
new file mode 100755
index 0000000..f11c07e
--- /dev/null
+++ b/tools/quality-agent.d/050-relro
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+. $(dirname ${0})/qa-include
+
+DESC="Text relocations force the dynamic linker to perform extra \
+ work at startup, waste system resources, and may pose a security \
+ risk. On some architectures, the code may not even function \
+ properly, if at all."
+
+function check() {
+ local failed=0
+
+ local file
+ for file in $(find_elf_files ${BINARY_PATHS}); do
+ if ! is_relro_full ${file}; then
+ log_error " Is not full relro: ${file}"
+ failed=1
+ fi
+ done
+
+ return ${failed}
+}
+
+run
diff --git a/tools/quality-agent.d/050-rpaths b/tools/quality-agent.d/050-rpaths
index f14607d..a5da540 100755
--- a/tools/quality-agent.d/050-rpaths
+++ b/tools/quality-agent.d/050-rpaths
@@ -2,33 +2,41 @@
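Review bot: The `DESC` in 050-relro is the text-relocation notice carried over from the deleted 050-textrels script, but `check` tests `is_relro_full`, so a failing build prints an explanation of a different problem. A matching text would be `DESC="Every binary has to be linked with full RELRO (-z relro -z now) so that the GOT is read-only after startup."`. With 050-textrels removed, no script visible in this push still looks for TEXTREL entries; if that is intended it deserves a line in the commit message, otherwise a small `readelf -d`-based helper could take its place. 050-nx in the same push sets no `DESC` at all, so `print_description` has nothing to print when it fails.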
. $(dirname ${0})/qa-include
-# Make sure we disallow insecure RUNPATH/RPATH's -# Don't want paths that point to the tree where the package was built -# (older, broken libtools would do this). Also check for null paths -# because the loader will search $PWD when it finds null paths. -log "Searching for bad RPATH attributes" - -command="scanelf -qyRF '%r %p' ${BUILDROOT} 2>/dev/null" - -for i in $QUALITY_AGENT_WHITELIST_RPATH; do +DESC="Searching for RPATHs. We don't want paths that point to the tree where \ + the package was built (older, broken libtools would do this). \ + Also check for null paths because the loader will search $PWD when it \ + finds null paths." + +check() { + for i in $QUALITY_AGENT_WHITELIST_RPATH; do + if [ -n "$FILTER" ]; then + FILTER="$FILTER|$i" + else + FILTER="$i" + fi + done + if [ -n "$FILTER" ]; then - FILTER="$FILTER|$i" - else - FILTER="$i" + log_debug " Filter: $FILTER" fi -done
-if [ -n "$FILTER" ]; then - log " Filter: $FILTER" - command="$command | grep -vE "$FILTER"" -fi + local failed=0 + + local file + local rpath + for file in $(find_elf_files ${BINARY_PATHS}); do + if filtered ${file}; then + continue + fi
-files=$(${command}) -if [ -n "${files}" ]; then - log " QA Notice: The following files contain insecure RUNPATH's" - log "${files}" + rpath=$(get_rpath ${file}) + if [ -n "${rpath}" ]; then + log_error " File has rpath: ${file} - ${rpath}" + failed=1 + fi + done
- exit 1 -fi + return ${failed} +}
-exit 0 +run diff --git a/tools/quality-agent.d/050-textrels b/tools/quality-agent.d/050-textrels deleted file mode 100755 index a3c2f2e..0000000 --- a/tools/quality-agent.d/050-textrels +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -. $(dirname ${0})/qa-include - -# TEXTREL's are baaaaaaaad -log "Searching for bad TEXTRELs" - -files=$(scanelf -qyRF '%t %p' ${BUILDROOT} 2>/dev/null | awk '{ print $NF }') -if [ -n "${files}" ]; then - log " QA Notice: The following files contain runtime text relocations" - log " Text relocations force the dynamic linker to perform extra" - log " work at startup, waste system resources, and may pose a security" - log " risk. On some architectures, the code may not even function" - log " properly, if at all." - log "${files}" - - exit 1 -fi - -exit 0 diff --git a/tools/quality-agent.d/095-directory-layout b/tools/quality-agent.d/095-directory-layout index cf1f0bd..c18fd44 100755 --- a/tools/quality-agent.d/095-directory-layout +++ b/tools/quality-agent.d/095-directory-layout @@ -2,26 +2,22 @@
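Review bot: `DESC` in 050-rpaths is assigned inside double quotes, so `$PWD` in the text is expanded when the script starts and the message shows the current directory instead of the variable name; write it as `\$PWD`. `FILTER` is built inside `check` without `local`, and `filtered ${file}` matches it against the file path only, whereas the removed code filtered the whole scanelf output line (rpath and path), so whitelist entries written against rpath values would silently stop matching. The new loop also fails on any RPATH at all, which is stricter than the description about build-tree and null paths says; the description should state that.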
. $(dirname ${0})/qa-include
-function check() { - local dir=${1} +DESC="The filelayout should comply to the FHS."
- log " ...${dir}" +DIRS="/etc/init.d /etc/rc.d /lib/pkgconfig /usr/etc /usr/local /usr/man /usr/var"
- if [ -d "${BUILDROOT}/${dir}" ]; then - log "ERROR: This directory should not be there: ${dir}" - exit 1 - fi -} +function check() { + local failed=0
-log "Check directory layout" + local dir + for dir in ${DIRS}; do + if [ -d "${dir}" ]; then + log_error "Bad directory: ${dir}" + failed=1 + fi + done
-log " Checking for directories that should not be there" -check /etc/init.d -check /etc/rc.d -check /lib/pkgconfig -check /usr/etc -check /usr/local -check /usr/man -check /usr/var + return ${failed} +}
-exit 0 +run diff --git a/tools/quality-agent.d/qa-include b/tools/quality-agent.d/qa-include index c719726..1644a91 100644 --- a/tools/quality-agent.d/qa-include +++ b/tools/quality-agent.d/qa-include @@ -1,7 +1,29 @@ #!/bin/bash
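Review bot: The new `check` in 095-directory-layout tests `[ -d "${dir}" ]`, dropping the `${BUILDROOT}/` prefix that the removed code used, so it inspects the filesystem the script runs in instead of the package's build root. An environment that itself contains `/usr/local` or `/etc/init.d` makes the check fail for every package, and a package that installs one of these directories into the build root passes unnoticed. Restore the prefix: `if [ -d "${BUILDROOT}${dir}" ]; then`.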
+# Include additional functions +. $(dirname ${0})/qa-functions + +function debug() { + [ "${NAOKI_DEBUG}" = "1" ] +} + function log() { - printf "%-22s: %s\n" "${0##*/}" "$@" + local facility=${1} + shift + + printf " %-7s %s\n" "${facility}" "$@" +} + +function log_debug() { + debug && log DEBUG "$@" +} + +function log_error() { + log "ERROR" "$@" +} + +function log_info() { + log "INFO" "$@" }
if [ -z "${BUILDROOT}" ]; then @@ -9,5 +31,55 @@ if [ -z "${BUILDROOT}" ]; then exit 1 fi
-# Include additional functions
-. $(dirname ${0})/qa-functions
+function filtered() {
+ [ -z "${FILTER}" ] && return 1
+ grep -qE ${FILTER} <<<$@
+}
+
+function print_description() {
+ # Remove all whitespaces
+ local desc=$(echo ${DESC})
+
+ log_info "Check: $(basename ${0})"
+ IFS='
+'
+ for line in $(fold -s -w 60 <<<${desc}); do
+ log_info " ${line}"
+ done
+ log_info # Empty line
+
+ unset IFS
+}
+
+function qa_find() {
+ local filetype=${1}
+ local command=${2}
+
+ log_debug "Running qa_find with command ${command} in ${filetype}"
+
+ local file
+ for file in $(find_elf_files ${!filetype}); do
+ ${command} ${file}
+ done
+}
+
+function check() {
+ log_error "REPLACE THIS FUNCTION BY A CUSTOM CHECK"
+ return 1
+}
+
+function run() {
+ local error_message
+ local ret
+
+ error_message=$(check)
+ ret=$?
+
+ [ "${ret}" = "0" ] && return 0
+
+ print_description
+
+ echo "${error_message}"
+ return ${ret}
+}
+
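Review bot: `filtered` passes both `${FILTER}` and `$@` unquoted (`grep -qE ${FILTER} <<<$@`), so a whitelist pattern containing whitespace or glob characters is split or expanded before grep sees it and the check can skip or flag the wrong files; `grep -qE -- "${FILTER}" <<<"$*"` keeps the pattern intact. `print_description` changes `IFS` for the whole shell and then unsets it, and its loop variable `line` is global; `local IFS=$'\n' line` keeps both inside the function. `run` captures only stdout from `check`, so anything a check prints on success is dropped, which is worth a one-line comment above `error_message=$(check)` because 001-include-files now does real work (`chown -R`) inside `check`.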
hooks/post-receive -- IPFire 3.x development tree