[Responses snipped] Right. Basically, the Gentoo specfiles are designed to remove the need to change Makefiles to include "-pie -fpie" on the PIE end and include -fstack-protector-all on the SSP end - the latter just like Robert's specfile for HLFS. I've been following the GCC-4 LFS branch instructions except for those specfile changes and hardwired those specfile changes into gcc (no patch for that yet, I'm still trying to sort a minimal set of patches out to get Jakub's SSP backport working with vanilla 4.0.x - I'm using almost the full Red Hat branch, and I doubt that'd be what the book wants). Building glibc, there's a snag buried somewhere in the includes - if you build with Gentoo's hardened specs, it'll blow up on trying to compile iconv/gconv_cache.c. As near as I could isolate, it's an assembly problem deeply buried in not-cancel.h in the sysdeps folders, but that's way over my head to fix. Since one of Gentoo's glibc patches fixes this, maybe I can chase down which one. Another thing to note is that if you build GCC with -fstack-protector-all hardwired in, you'll need to force glibc to link libc_nonshared.a into its applications, or it won't find the stack protector symbols and bomb out. That's a simple Makefile change, though. I haven't had too much pain with the rest of the system, although a couple gcc4-fixes are needed - those are all in the Patches project. One thing that won't work is Java, but I'm not worried about /that/ one.
~Andreas -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
