I did already exactly that, and glibc failed in first step! What else should I check??
On 10/25/08, Mike Edenfield <[EMAIL PROTECTED]> wrote: > Jan Klod wrote: >> Hello. >> >> I was trying to make a switch form normal, freshly installed gentoo to >> hardened like described in PaX quickstart. >> http://www.gentoo.org/proj/en/hardened/pax-quickstart.xml Though, that >> guide is missing to inform about when should I boot hardened-sources. >> Not sure if after "emerge binutils gcc virtual/libc" or "emerge -e >> world", but I got this error, which persists: >> >> ============================================================================ >> *** stack smashing detected ***: cc1 - terminated >> cc1: stack smashing attack in function ix86_split_to_parts - terminated >> Report to http://bugs.gentoo.org/ >> i686-pc-linux-gnu-gcc: Internal error: Killed (program cc1) >> Please submit a full bug report. >> See <URL:http://bugs.gentoo.org/> for instructions. >> make[2]: *** >> [/var/tmp/portage/sys-libs/glibc-2.6.1/work/build-default-i686-pc-linux-gnu-nptl/math/s_catanl.o] >> Error 1 >> make[2]: Leaving directory >> `/var/tmp/portage/sys-libs/glibc-2.6.1/work/glibc-2.6.1/math' >> make[1]: *** [math/others] Error 2 >> make[1]: Leaving directory >> `/var/tmp/portage/sys-libs/glibc-2.6.1/work/glibc-2.6.1' >> make: *** [all] Error 2 >> * >> * ERROR: sys-libs/glibc-2.6.1 failed. >> * Call stack: >> * ebuild.sh, line 49: Called src_compile >> * environment, line 3350: Called eblit-run 'src_compile' >> * environment, line 1075: Called eblit-glibc-src_compile >> * src_compile.eblit, line 181: Called toolchain-glibc_src_compile >> * src_compile.eblit, line 122: Called die >> * The specific snippet of code: >> * make PARALLELMFLAGS="${MAKEOPTS}" || die "make for >> ${ABI} failed" >> * The die message: >> * make for default failed >> * >> * If you need support, post the topmost build error, and the call >> stack if relevant. >> * A complete build log is located at >> '/var/tmp/portage/sys-libs/glibc-2.6.1/temp/build.log'. >> * The ebuild environment file is located at >> '/var/tmp/portage/sys-libs/glibc-2.6.1/temp/environment'. >> ============================================================================ >> >> Should I really discard my work with normal install (lost >> configurations + some hustle) and use hardened stage3? (somehow I >> don't believe, I discovered something really "bug") >> And one more question: is hardened toolchain built userland going to >> work with gentoo-sources? > > You should not boot into the PaX-enabled kernel until you > have rebuilt everything with the new binutils/gcc > combination. Otherwise you risk a critical application > still doing something bad, which is happening here. > > To fix this, you need to boot into a non-PaX kernel but > hardened profile, and re-emerge gcc. I'd suggest, to be > absolutely sure you got everything, you just rerun the two > emerge steps again from the beginning: > > emerge -1 bintils gcc virtual/libc > emerge -e world > > >
