Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Michael Stapelbergwrites: > Could you provide the command line for doing this please? Sure, no problem. sudo apt install debootstrap debian-ports-archive-keyring sudo debootstrap --arch=x32 --variant=buildd \ --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg \ unstable $DIR https://deb.debian.org/debian-ports You'll then want to establish an rbind mount for $DIR/dev and regular bind mounts for, at minimum, $DIR/proc and $DIR/sys. (You might consider doing the same for $DIR/home and $DIR/tmp.) -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Could you provide the command line for doing this please? On Mon, Nov 13, 2017 at 5:20 PM, Aaron M. Uckowrote: > Michael Stapelberg writes: > >> Do I understand correctly that you’re saying booting an amd64 machine >> with syscall.x32=y should suffice to reproduce the issue? > > AIUI, that setting should let you work in a local x32 chroot, though you > will of course have to set it up first via debootstrap or the like. > > -- > Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) > http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu -- Best regards, Michael
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Michael Stapelbergwrites: > Do I understand correctly that you’re saying booting an amd64 machine > with syscall.x32=y should suffice to reproduce the issue? AIUI, that setting should let you work in a local x32 chroot, though you will of course have to set it up first via debootstrap or the like. -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Do I understand correctly that you’re saying booting an amd64 machine with syscall.x32=y should suffice to reproduce the issue? On Sun, Nov 12, 2017 at 6:17 PM, Aaron M. Uckowrote: > Michael Stapelberg writes: > >> ucko, what’s the procedure here? How can Steffen get access to a >> machine on which to reproduce this issue? > > Good question. Technically, x32 is an alternate ABI for amd64, so the > amd64 porter box could in principle additionally host x32 chroots. > However, to do so, it would need an explicit kernel command line setting > (syscall.x32=y), since x32 binary support is off by default for now to > avoid adding a potential attack vector for little practical gain. > > I'm not an official porter or buildd maintainer, and don't know what > setup they use, sorry. > > -- > Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) > http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu -- Best regards, Michael
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Michael Stapelbergwrites: > ucko, what’s the procedure here? How can Steffen get access to a > machine on which to reproduce this issue? Good question. Technically, x32 is an alternate ABI for amd64, so the amd64 porter box could in principle additionally host x32 chroots. However, to do so, it would need an explicit kernel command line setting (syscall.x32=y), since x32 binary support is off by default for now to avoid adding a potential attack vector for little practical gain. I'm not an official porter or buildd maintainer, and don't know what setup they use, sorry. -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Sorry, I just realized we don’t actually have an x32 porterbox listed at https://db.debian.org/machines.cgi. ucko, what’s the procedure here? How can Steffen get access to a machine on which to reproduce this issue? Thanks. On Fri, Nov 10, 2017 at 5:30 PM, Michael Stapelbergwrote: > You can get a guest account on Debian porter machines (we have one for > each architecture which Debian supports). Please follow > https://dsa.debian.org/doc/guest-account/, I’m happy to sponsor your > request. > > On Fri, Nov 10, 2017 at 5:26 PM, Steffen Jaeckel wrote: >> On 10/18/2017 05:31 PM, Michael Stapelberg wrote: >>> [+cc steffen, karel] >>> >>> Any clues about this build failure? >>> >>> On Wed, Oct 18, 2017 at 8:22 AM, Aaron M. Ucko wrote: Source: libtomcrypt Version: 1.18-1 Severity: important Justification: fails to build from source (but built successfully in the past) User: debian-...@lists.debian.or The latest build of libtomcrypt for x32 (admittedly not a release architecture) failed per the below excerpts from https://buildd.debian.org/status/fetch.php?pkg=libtomcrypt=x32=1.18.0-1=1508165690=0: libtool: compile: gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now -c src/ciphers/aes/aes.c -fPIC -DPIC -o src/ciphers/aes/.libs/aes.o [...] libtool --mode=link --tag=CC gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now src/ciphers/aes/aes.lo src/ciphers/aes/aes_enc.lo src/ciphers/anubis.lo [...] src/stream/sober128/sober128_test.lo -lgmp -ltommath -o libtomcrypt.la -rpath /usr/local/lib -version-info 1:0 libtool: link: gcc -shared -fPIC -DPIC src/ciphers/aes/.libs/aes.o src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o [...] src/stream/sober128/.libs/sober128_test.o -lgmp -ltommath -O3 -g -O2 -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -specs=/usr/share/dpkg/pie-link.specs -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.0 /usr/bin/ld: src/ciphers/aes/.libs/aes.o: relocation R_X86_64_PC32 against symbol `rijndael_setup' can not be used when making a shared object; recompile with -fPIC /usr/bin/ld: final link failed: Bad value collect2: error: ld returned 1 exit status I'm not sure why the linker's complaining about missing an option you did in fact supply, but perhaps the use of pie-*.specs is somehow throwing things off; please try forgoing PIE on x32 for now. Thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu >> >> Any updates on this? >> >> I built the library with x32 support on my local machine and that >> works as expected >> >>> $ file .libs/test >>> .libs/test: ELF 32-bit LSB executable, x86-64, version 1 (SYSV), >> dynamically linked, interpreter /libx32/ld-linux-x32.so.2, for GNU/Linux >> 3.4.0, BuildID[sha1]=e747673ddc8a354679b2e0f97b12886a7c6273c2, not stripped >>> $ gcc -dumpversion >>> 5.4.0 >> >> >> Can I somehow create this exact environment locally so I can try to >> reproduce? >> >> -- >> Steffen Jaeckel - s_jaec...@gmx.de >> GnuPG fingerprint: C438 6A23 7ED4 3A47 5541 B942 7B2C D0DD 4BCF F59B >> My OTR key has changed on 30. Sept. 2015! >> jabber: jaec...@jabber.ccc.de F052DE29 4FA9A02D 44A794E5 AE5AC0FB C5865C64 > > > > -- > Best regards, > Michael -- Best regards, Michael
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
You can get a guest account on Debian porter machines (we have one for each architecture which Debian supports). Please follow https://dsa.debian.org/doc/guest-account/, I’m happy to sponsor your request. On Fri, Nov 10, 2017 at 5:26 PM, Steffen Jaeckelwrote: > On 10/18/2017 05:31 PM, Michael Stapelberg wrote: >> [+cc steffen, karel] >> >> Any clues about this build failure? >> >> On Wed, Oct 18, 2017 at 8:22 AM, Aaron M. Ucko wrote: >>> Source: libtomcrypt >>> Version: 1.18-1 >>> Severity: important >>> Justification: fails to build from source (but built successfully in the >>> past) >>> User: debian-...@lists.debian.or >>> >>> The latest build of libtomcrypt for x32 (admittedly not a release >>> architecture) failed per the below excerpts from >>> https://buildd.debian.org/status/fetch.php?pkg=libtomcrypt=x32=1.18.0-1=1508165690=0: >>> >>> libtool: compile: gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow >>> -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align >>> -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement >>> -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer >>> -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. >>> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat >>> -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time >>> -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro >>> -Wl,-z,now -c src/ciphers/aes/aes.c -fPIC -DPIC -o >>> src/ciphers/aes/.libs/aes.o >>> [...] >>> libtool --mode=link --tag=CC gcc -I./src/headers/ -Wall -Wsign-compare >>> -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast >>> -Wcast-align -Wstrict-prototypes -Wpointer-arith >>> -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 >>> -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 >>> -fdebug-prefix-map=/<>=. >>> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat >>> -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time >>> -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro >>> -Wl,-z,now src/ciphers/aes/aes.lo src/ciphers/aes/aes_enc.lo >>> src/ciphers/anubis.lo [...] src/stream/sober128/sober128_test.lo -lgmp >>> -ltommath -o libtomcrypt.la -rpath /usr/local/lib -version-info 1:0 >>> libtool: link: gcc -shared -fPIC -DPIC src/ciphers/aes/.libs/aes.o >>> src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o [...] >>> src/stream/sober128/.libs/sober128_test.o -lgmp -ltommath -O3 -g -O2 >>> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong >>> -specs=/usr/share/dpkg/pie-link.specs -Wl,-z -Wl,relro -Wl,-z -Wl,now >>> -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.0 >>> /usr/bin/ld: src/ciphers/aes/.libs/aes.o: relocation R_X86_64_PC32 >>> against symbol `rijndael_setup' can not be used when making a shared >>> object; recompile with -fPIC >>> /usr/bin/ld: final link failed: Bad value >>> collect2: error: ld returned 1 exit status >>> >>> I'm not sure why the linker's complaining about missing an option you >>> did in fact supply, but perhaps the use of pie-*.specs is somehow >>> throwing things off; please try forgoing PIE on x32 for now. >>> >>> Thanks! >>> >>> -- >>> Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) >>> http://www.mit.edu/~amu/ | >>> http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu > > Any updates on this? > > I built the library with x32 support on my local machine and that > works as expected > >> $ file .libs/test >> .libs/test: ELF 32-bit LSB executable, x86-64, version 1 (SYSV), > dynamically linked, interpreter /libx32/ld-linux-x32.so.2, for GNU/Linux > 3.4.0, BuildID[sha1]=e747673ddc8a354679b2e0f97b12886a7c6273c2, not stripped >> $ gcc -dumpversion >> 5.4.0 > > > Can I somehow create this exact environment locally so I can try to > reproduce? > > -- > Steffen Jaeckel - s_jaec...@gmx.de > GnuPG fingerprint: C438 6A23 7ED4 3A47 5541 B942 7B2C D0DD 4BCF F59B > My OTR key has changed on 30. Sept. 2015! > jabber: jaec...@jabber.ccc.de F052DE29 4FA9A02D 44A794E5 AE5AC0FB C5865C64 -- Best regards, Michael
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
On 10/18/2017 05:31 PM, Michael Stapelberg wrote: > [+cc steffen, karel] > > Any clues about this build failure? > > On Wed, Oct 18, 2017 at 8:22 AM, Aaron M. Uckowrote: >> Source: libtomcrypt >> Version: 1.18-1 >> Severity: important >> Justification: fails to build from source (but built successfully in the >> past) >> User: debian-...@lists.debian.or >> >> The latest build of libtomcrypt for x32 (admittedly not a release >> architecture) failed per the below excerpts from >> https://buildd.debian.org/status/fetch.php?pkg=libtomcrypt=x32=1.18.0-1=1508165690=0: >> >> libtool: compile: gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow >> -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align >> -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement >> -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer >> -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. >> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat >> -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time >> -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro >> -Wl,-z,now -c src/ciphers/aes/aes.c -fPIC -DPIC -o >> src/ciphers/aes/.libs/aes.o >> [...] >> libtool --mode=link --tag=CC gcc -I./src/headers/ -Wall -Wsign-compare >> -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast >> -Wcast-align -Wstrict-prototypes -Wpointer-arith >> -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 >> -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 >> -fdebug-prefix-map=/<>=. >> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat >> -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time >> -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro >> -Wl,-z,now src/ciphers/aes/aes.lo src/ciphers/aes/aes_enc.lo >> src/ciphers/anubis.lo [...] src/stream/sober128/sober128_test.lo -lgmp >> -ltommath -o libtomcrypt.la -rpath /usr/local/lib -version-info 1:0 >> libtool: link: gcc -shared -fPIC -DPIC src/ciphers/aes/.libs/aes.o >> src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o [...] >> src/stream/sober128/.libs/sober128_test.o -lgmp -ltommath -O3 -g -O2 >> -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong >> -specs=/usr/share/dpkg/pie-link.specs -Wl,-z -Wl,relro -Wl,-z -Wl,now >> -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.0 >> /usr/bin/ld: src/ciphers/aes/.libs/aes.o: relocation R_X86_64_PC32 against >> symbol `rijndael_setup' can not be used when making a shared object; >> recompile with -fPIC >> /usr/bin/ld: final link failed: Bad value >> collect2: error: ld returned 1 exit status >> >> I'm not sure why the linker's complaining about missing an option you >> did in fact supply, but perhaps the use of pie-*.specs is somehow >> throwing things off; please try forgoing PIE on x32 for now. >> >> Thanks! >> >> -- >> Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) >> http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu Any updates on this? I built the library with x32 support on my local machine and that works as expected > $ file .libs/test > .libs/test: ELF 32-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /libx32/ld-linux-x32.so.2, for GNU/Linux 3.4.0, BuildID[sha1]=e747673ddc8a354679b2e0f97b12886a7c6273c2, not stripped > $ gcc -dumpversion > 5.4.0 Can I somehow create this exact environment locally so I can try to reproduce? -- Steffen Jaeckel - s_jaec...@gmx.de GnuPG fingerprint: C438 6A23 7ED4 3A47 5541 B942 7B2C D0DD 4BCF F59B My OTR key has changed on 30. Sept. 2015! jabber: jaec...@jabber.ccc.de F052DE29 4FA9A02D 44A794E5 AE5AC0FB C5865C64
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
[+cc steffen, karel] Any clues about this build failure? On Wed, Oct 18, 2017 at 8:22 AM, Aaron M. Uckowrote: > Source: libtomcrypt > Version: 1.18-1 > Severity: important > Justification: fails to build from source (but built successfully in the past) > User: debian-...@lists.debian.or > > The latest build of libtomcrypt for x32 (admittedly not a release > architecture) failed per the below excerpts from > https://buildd.debian.org/status/fetch.php?pkg=libtomcrypt=x32=1.18.0-1=1508165690=0: > > libtool: compile: gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow > -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align > -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement > -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer > -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. > -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat > -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time > -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro > -Wl,-z,now -c src/ciphers/aes/aes.c -fPIC -DPIC -o > src/ciphers/aes/.libs/aes.o > [...] > libtool --mode=link --tag=CC gcc -I./src/headers/ -Wall -Wsign-compare > -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast > -Wcast-align -Wstrict-prototypes -Wpointer-arith > -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 > -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 > -fdebug-prefix-map=/<>=. > -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat > -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time > -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro > -Wl,-z,now src/ciphers/aes/aes.lo src/ciphers/aes/aes_enc.lo > src/ciphers/anubis.lo [...] src/stream/sober128/sober128_test.lo -lgmp > -ltommath -o libtomcrypt.la -rpath /usr/local/lib -version-info 1:0 > libtool: link: gcc -shared -fPIC -DPIC src/ciphers/aes/.libs/aes.o > src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o [...] > src/stream/sober128/.libs/sober128_test.o -lgmp -ltommath -O3 -g -O2 > -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong > -specs=/usr/share/dpkg/pie-link.specs -Wl,-z -Wl,relro -Wl,-z -Wl,now > -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.0 > /usr/bin/ld: src/ciphers/aes/.libs/aes.o: relocation R_X86_64_PC32 against > symbol `rijndael_setup' can not be used when making a shared object; > recompile with -fPIC > /usr/bin/ld: final link failed: Bad value > collect2: error: ld returned 1 exit status > > I'm not sure why the linker's complaining about missing an option you > did in fact supply, but perhaps the use of pie-*.specs is somehow > throwing things off; please try forgoing PIE on x32 for now. > > Thanks! > > -- > Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) > http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu -- Best regards, Michael
Bug#879027: libtomcrypt: FTBFS on x32: final link failed: Bad value
Source: libtomcrypt Version: 1.18-1 Severity: important Justification: fails to build from source (but built successfully in the past) User: debian-...@lists.debian.or The latest build of libtomcrypt for x32 (admittedly not a release architecture) failed per the below excerpts from https://buildd.debian.org/status/fetch.php?pkg=libtomcrypt=x32=1.18.0-1=1508165690=0: libtool: compile: gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now -c src/ciphers/aes/aes.c -fPIC -DPIC -o src/ciphers/aes/.libs/aes.o [...] libtool --mode=link --tag=CC gcc -I./src/headers/ -Wall -Wsign-compare -Wshadow -DLTC_SOURCE -Wextra -Wsystem-headers -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wwrite-strings -Wno-type-limits -O3 -funroll-loops -fomit-frame-pointer -DGIT_VERSION=\"1.18.0\" -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -DGMP_DESC -DLTM_DESC -DUSE_LTM -Wdate-time -D_FORTIFY_SOURCE=2 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now src/ciphers/aes/aes.lo src/ciphers/aes/aes_enc.lo src/ciphers/anubis.lo [...] src/stream/sober128/sober128_test.lo -lgmp -ltommath -o libtomcrypt.la -rpath /usr/local/lib -version-info 1:0 libtool: link: gcc -shared -fPIC -DPIC src/ciphers/aes/.libs/aes.o src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o [...] src/stream/sober128/.libs/sober128_test.o -lgmp -ltommath -O3 -g -O2 -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -specs=/usr/share/dpkg/pie-link.specs -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.0 /usr/bin/ld: src/ciphers/aes/.libs/aes.o: relocation R_X86_64_PC32 against symbol `rijndael_setup' can not be used when making a shared object; recompile with -fPIC /usr/bin/ld: final link failed: Bad value collect2: error: ld returned 1 exit status I'm not sure why the linker's complaining about missing an option you did in fact supply, but perhaps the use of pie-*.specs is somehow throwing things off; please try forgoing PIE on x32 for now. Thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu