sys-libs/glibc-2.10.1 is in the tree bug #270274 and syslog for fortify

5 files changed, 0 insertions, 720 deletions

diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest
index 1c16ebca..f92c2a6a 100644
--- a/sys-libs/glibc/Manifest
+++ b/sys-libs/glibc/Manifest
@@ -1,6 +1,3 @@
-AUX 2.10/glibc-2.10-hardened-configure-picdefault.patch 865 RMD160 744bdbfb73f1dbced4cb33cb5aa92f3b41d3b4fb SHA1 21e0f83598f5342032a794315f0e3dac07f647da SHA256 b50b29f85d88011555bbcbe6046e6600be9344f2d78412b14aebdea515420774
-AUX 2.10/glibc-2.10-hardened-inittls-nosysenter.patch 8823 RMD160 163e53f0f4f0bd003ef1c50a4eaaa8f4a82695fe SHA1 df23c6756114e1451e6f120723af1b621037c28e SHA256 dcf78c6524c222dbee907200a8878aff727e29d43a4962b977a16d85752e5c10
-AUX 2.10/glibc-2.10-hardened-ssp-compat.patch 4802 RMD160 02bd17455d64b6661ae5f44329357dc254cdf118 SHA1 b40cf1a8f17e448861746ba39aa20afd66a47b2d SHA256 bd6f0aa8eace0a935731749e101d5fe30210f9edb65f2f5ccd425cef581ddce4
 AUX 2.5/glibc-2.5-hardened-configure-picdefault.patch 794 RMD160 7ab81bac4b9625043b1e7edea6fb5707696c144d SHA1 25a0b018eb44f3c9818876a12e9ec817e305d80b SHA256 0c0359f567e4ad2d3184618bf6ac7e6102b703eab6227c7e9a4ff4dcdeed2c91
 AUX 2.5/glibc-2.5-hardened-pie.patch 1569 RMD160 8746aeb9f9c68ca153d93cf92c9df93d0fb324d6 SHA1 c2ec8d9286af38017f5bee5a8823f642c067201d SHA256 ff9cde8857c5da89faa4039e2a81748674fbeaaa49d85c378d80711d55f2b0c1
 AUX 2.6/glibc-2.6-gentoo-chk_fail.c 9407 RMD160 230701dfacfe2481eb49e5384fe4ebb508bd3af2 SHA1 0e9330d57de714dd1ecd7040d3eabf4723cdee7c SHA256 7745c0f5d37b37959b43b41e39762fc35b877161bc5740d9d3e9a83021acbc0e
@@ -26,16 +23,11 @@ AUX nscd.conf 1158 RMD160 50651e89a0cb206b1d37dae8840527694fe561b5 SHA1 5f5166aa
 AUX nsswitch.conf 503 RMD160 f375f92f6b41029c93382c39cef896261b140cfc SHA1 42f7f5cc3de75c69bf60d806ac8490106ea63326 SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d
 AUX test-__thread.c 53 RMD160 dcc9960f3bf26c935f41dc5c408613963885ad58 SHA1 dcb60595b2730a8a05eb045563f13cd615830acf SHA256 28a7836b810cf21f6071126d6b19dbdbf567f2544f9283700d125ad653d7519e
 AUX test-sysctl_h.c 54 RMD160 b7c2e5956e0a232193610701ccc57a8d56615a36 SHA1 d727fbe809fbec9157661fbdb6c8077a68d95044 SHA256 19337cae62f1ebc23ca8d8de8a98e7f03c9dd77a671100995d6e7c8a3833e759
-DIST glibc-2.10.1-patches-3.tar.bz2 94174 RMD160 30c60f12792a3e5abfda3c38b83c68d16ee2d7fb SHA1 f27d678001544f8eee4b8bd70139a8d70db1d3ab SHA256 67bef941afa0dbd6d8879680c8bca133d3b3e65c62e253b189ed398635aec867
-DIST glibc-2.10.1.tar.bz2 16106243 RMD160 ca102519ab32714e788a0db5dd43c2f9962c86e9 SHA1 cb478cf9d6e2c905a1a4f4a2cae44a320b8dc50b SHA256 cbad3e637eab613184405a87a2bf08a41991a0e512a3ced60d120effc73de667
 DIST glibc-2.8-20080602.tar.bz2 16235726 RMD160 8781f2b1dbd22c6579208a689be38a444b5242c7 SHA1 68c2bfcf5f385449c3cb7efbf1f0d425d14cdaad SHA256 142eaba19eb85121206ee034fd828ca5dcd1bf2bfa940fef92c37457c06a6d48
 DIST glibc-2.8-patches-6.tar.bz2 103171 RMD160 c6a9710e53fa6b3698aea1a5f0a497155cf2a1c5 SHA1 39fe516a150621fc34418e23ac1c38cb1f7c1406 SHA256 dc335095de83ff4ff405c9aaf5b3ee3d82148888c73b31081ae1c706510973c2
 DIST glibc-2.8-ports-20080602.tar.bz2 469234 RMD160 57ae79a79c6f82f5ff217e9052f4569c136dca7d SHA1 c3a45ea27c9eb1bf99f1caafe085b50951089384 SHA256 1f3665e80b5832f7d281c109bc2f5412521cc9ccc3bd7b499fd493ff5eb9aa9b
 DIST glibc-2.9-20081201.tar.bz2 16430489 RMD160 1e1feb4ee9c0892a0544c05adb6dd249544621cf SHA1 5756ca3b543a370c4ec9ffc8038b72bf0aa61c71 SHA256 6f8e515775e20ed48610860d10315adda418a3649b3465f36ee5cd467364a8f6
 DIST glibc-2.9-patches-5.tar.bz2 101693 RMD160 8cd377be020bf95a30862d77c215c16dc544602f SHA1 103839660f4e55871bf68835f8fec83d9afecdec SHA256 6f61c3e212c82eb118780573ac80d61835ff3a98fbea68b6f03a52009cce7d35
 DIST glibc-2.9-ports-20081201.tar.bz2 487663 RMD160 80eb0035ed2e021e79755d4151ccd6d73cd78d8d SHA1 90a6ecbce37aabe6093c4dd0c8817cbf86321627 SHA256 19bb6e89855171d7ae01aef92054dfe4524521fbc13c67bfaa3ee81944210744
-DIST glibc-libidn-2.10.1.tar.bz2 102248 RMD160 0fbb3ecc09f59f0b9e90e0669bd9cd6075164173 SHA1 50c1ac0d9ddff6eb83f75aa1c4cb84ba6fffa0cd SHA256 0fa72d1dd06a30642d3bb20a659f4ed0f4af54a205d7102896b68169b38676dc
-DIST glibc-ports-2.10.1.tar.bz2 584860 RMD160 1f094d4df18306ccb01037d07f0a0e3014fdfc60 SHA1 3cc9eff22d624c5fb6d951bbcb31b40112238fe7 SHA256 b1f1ec9720036a3a33598b8478eef102535444a083d5b5813a6981ed74ab4071
-EBUILD glibc-2.10.1.ebuild 7977 RMD160 31578e360a6bfef799555efa8b3fcf7362e45e1a SHA1 62eb52ab0531ca2332f30d3914cafbef244ad3b6 SHA256 c4e5ce4eb6efbac65826a45ba30d7a8eda4d96179b827e189b87149996560801
 EBUILD glibc-2.8_p20080602-r3.ebuild 13728 RMD160 d30e8a99f4457056fae2a1b9ef239f0466b45367 SHA1 a314d2b0c3c1c3bc308f25c4faa1d16bd8ca274c SHA256 f46a10aa3391d5bdd1e3b6ed1594c38029c82c56b56d8f7d4b86e1bb4c1340f5
 EBUILD glibc-2.9_p20081201-r4.ebuild 8023 RMD160 bccf2564ea221ee4d4d3982fe060d5043ba0e98a SHA1 8a9de34e334928195ae148742442a958e8cd9e56 SHA256 73193ce7c305620cbbf83d0ecb2f6118cc1624de471f27cdd4dd0f9ed3cebd80
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch
deleted file mode 100644
index e75ccc78..00000000
--- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-configure-picdefault.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Prevent default-fPIE from confusing configure into thinking
-PIC code is default.  This causes glibc to build both PIC and
-non-PIC code as normal, which on the hardened compiler generates
-PIC and PIE.
-
-Patch by Kevin F. Quinn <kevquinn@gentoo.org>
-Fixed for glibc 2.10 by Magnus Granberg <zorry@ume.nu>
-
---- configure.in
-+++ configure.in
-@@ -2145,7 +2145,7 @@
- # error PIC is default.
- #endif
- EOF
--if eval "${CC-cc} -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&AS_MESSAGE_LOG_FD 1>&AS_MESSAGE_LOG_FD"; then
-   libc_cv_pic_default=no
- fi
- rm -f conftest.*])
---- configure
-+++ configure
-@@ -7698,7 +7698,7 @@
- # error PIC is default.
- #endif
- EOF
--if eval "${CC-cc} -S conftest.c 2>&5 1>&5"; then
-+if eval "${CC-cc} -fno-PIE -S conftest.c 2>&5 1>&5"; then
-   libc_cv_pic_default=no
- fi
- rm -f conftest.*
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
deleted file mode 100644
index cb6d8e3c..00000000
--- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
+++ /dev/null
@@ -1,274 +0,0 @@
-When building glibc PIE (which is not something upstream support),
-several modifications are necessary to the glibc build process.
-
-First, any syscalls in PIEs must be of the PIC variant, otherwise
-textrels ensue.  Then, any syscalls made before the initialisation
-of the TLS will fail on i386, as the sysenter variant on i386 uses
-the TLS, giving rise to a chicken-and-egg situation.  This patch
-defines a PIC syscall variant that doesn't use sysenter, even when the sysenter
-version is normally used, and uses the non-sysenter version for the brk
-syscall that is performed by the TLS initialisation.  Further, the TLS
-initialisation is moved in this case prior to the initialisation of
-dl_osversion, as that requires further syscalls.
-
-csu/libc-start.c: Move initial TLS initialization to before the
-initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined
-
-csu/libc-tls.c: Use the no-sysenter version of sbrk when
-INTERNAL_SYSCALL_NOSYSENTER is defined.
-
-misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter
-version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined.
-
-misc/brk.c: Define a no-sysenter version of brk if
-INTERNAL_SYSCALL_NOSYSENTER is defined.
-
-sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER
-Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED.
-
-Patch by Kevin F. Quinn <kevquinn@gentoo.org>
-Fixed for 2.10 by Magnus Granberg <zorry@ume.nu>
-
---- csu/libc-start.c
-+++ csu/libc-start.c
-@@ -28,6 +28,7 @@
- extern int __libc_multiple_libcs;
- 
- #include <tls.h>
-+#include <sysdep.h>
- #ifndef SHARED
- # include <dl-osinfo.h>
- extern void __pthread_initialize_minimal (void);
-@@ -129,6 +130,11 @@
- #  endif
-   _dl_aux_init (auxvec);
- # endif
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+  /* Do the initial TLS initialization before _dl_osversion,
-+     since the latter uses the uname syscall.  */
-+  __pthread_initialize_minimal ();
-+# endif
- # ifdef DL_SYSDEP_OSCHECK
-   if (!__libc_multiple_libcs)
-     {
-@@ -138,10 +144,12 @@
-     }
- # endif
- 
-+# ifndef INTERNAL_SYSCALL_NOSYSENTER
-   /* Initialize the thread library at least a bit since the libgcc
-      functions are using thread functions if these are available and
-      we need to setup errno.  */
-   __pthread_initialize_minimal ();
-+# endif
- 
-   /* Set up the stack checker's canary.  */
-   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
---- csu/libc-tls.c
-+++ csu/libc-tls.c
-@@ -23,6 +23,7 @@
- #include <unistd.h>
- #include <stdio.h>
- #include <sys/param.h>
-+#include <sysdep.h>
- 
- 
- #ifdef SHARED
-@@ -29,6 +30,9 @@
-  #error makefile bug, this file is for static only
- #endif
- 
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER
-+extern void *__sbrk_nosysenter (intptr_t __delta);
-+#endif
- extern ElfW(Phdr) *_dl_phdr;
- extern size_t _dl_phnum;
- 
-@@ -141,14 +145,26 @@
- 
-      The initialized value of _dl_tls_static_size is provided by dl-open.c
-      to request some surplus that permits dynamic loading of modules with
--     IE-model TLS.  */
-+     IE-model TLS.
-+     
-+     Where the normal sbrk would use a syscall that needs the TLS (i386)
-+     use the special non-sysenter version instead.  */
- #if TLS_TCB_AT_TP
-   tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign);
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+  tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align);
-+# else
-   tlsblock = __sbrk (tcb_offset + tcbsize + max_align);
-+# endif
- #elif TLS_DTV_AT_TP
-   tcb_offset = roundup (tcbsize, align ?: 1);
-+# ifdef INTERNAL_SYSCALL_NOSYSENTER
-+  tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align
-+		     + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
-+# else
-   tlsblock = __sbrk (tcb_offset + memsz + max_align
- 		     + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
-+# endif
-   tlsblock += TLS_PRE_TCB_SIZE;
- #else
-   /* In case a model with a different layout for the TCB and DTV
---- misc/sbrk.c
-+++ misc/sbrk.c
-@@ -18,6 +18,7 @@
- #include <errno.h>
- #include <stdint.h>
- #include <unistd.h>
-+#include <sysdep.h>
- 
- /* Defined in brk.c.  */
- extern void *__curbrk;
-@@ -29,6 +30,35 @@
- /* Extend the process's data space by INCREMENT.
-    If INCREMENT is negative, shrink data space by - INCREMENT.
-    Return start of new space allocated, or -1 for errors.  */
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER
-+/* This version is used by csu/libc-tls.c whem initialising the TLS
-+   if the SYSENTER version requires the TLS (which it does on i386).
-+   Obviously using the TLS before it is initialised is broken. */
-+extern int __brk_nosysenter (void *addr);
-+void *
-+__sbrk_nosysenter (intptr_t increment)
-+{
-+  void *oldbrk;
-+
-+  /* If this is not part of the dynamic library or the library is used
-+     via dynamic loading in a statically linked program update
-+     __curbrk from the kernel's brk value.  That way two separate
-+     instances of __brk and __sbrk can share the heap, returning
-+     interleaved pieces of it.  */
-+  if (__curbrk == NULL || __libc_multiple_libcs)
-+    if (__brk_nosysenter (0) < 0)		/* Initialize the break.  */
-+      return (void *) -1;
-+
-+  if (increment == 0)
-+    return __curbrk;
-+
-+  oldbrk = __curbrk;
-+  if (__brk_nosysenter (oldbrk + increment) < 0)
-+    return (void *) -1;
-+
-+  return oldbrk;
-+}
-+#endif
- void *
- __sbrk (intptr_t increment)
- {
---- sysdeps/unix/sysv/linux/i386/brk.c
-+++ sysdeps/unix/sysv/linux/i386/brk.c
-@@ -31,6 +31,30 @@
-    linker.  */
- weak_alias (__curbrk, ___brk_addr)
- 
-+#ifdef INTERNAL_SYSCALL_NOSYSENTER
-+/* This version is used by csu/libc-tls.c whem initialising the TLS
-+ * if the SYSENTER version requires the TLS (which it does on i386).
-+ * Obviously using the TLS before it is initialised is broken. */
-+int
-+__brk_nosysenter (void *addr)
-+{
-+  void *__unbounded newbrk;
-+
-+  INTERNAL_SYSCALL_DECL (err);
-+  newbrk = (void *__unbounded) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1,
-+						 __ptrvalue (addr));
-+
-+  __curbrk = newbrk;
-+
-+  if (newbrk < addr)
-+    {
-+      __set_errno (ENOMEM);
-+      return -1;
-+    }
-+
-+  return 0;
-+}
-+#endif
- int
- __brk (void *addr)
- {
---- sysdeps/unix/sysv/linux/i386/sysdep.h
-+++ sysdeps/unix/sysv/linux/i386/sysdep.h
-@@ -187,7 +187,7 @@
- /* The original calling convention for system calls on Linux/i386 is
-    to use int $0x80.  */
- #ifdef I386_USE_SYSENTER
--# ifdef SHARED
-+# if defined SHARED || defined __PIC__
- #  define ENTER_KERNEL call *%gs:SYSINFO_OFFSET
- # else
- #  define ENTER_KERNEL call *_dl_sysinfo
-@@ -358,7 +358,7 @@
-    possible to use more than four parameters.  */
- #undef INTERNAL_SYSCALL
- #ifdef I386_USE_SYSENTER
--# ifdef SHARED
-+# if defined SHARED || defined __PIC__
- #  define INTERNAL_SYSCALL(name, err, nr, args...) \
-   ({									      \
-     register unsigned int resultvar;					      \
-@@ -384,6 +384,18 @@
-     : "0" (name), "i" (offsetof (tcbhead_t, sysinfo))			      \
-       ASMFMT_##nr(args) : "memory", "cc");				      \
-     (int) resultvar; })
-+#  define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \
-+  ({									      \
-+    register unsigned int resultvar;					      \
-+    EXTRAVAR_##nr							      \
-+    asm volatile (							      \
-+    LOADARGS_NOSYSENTER_##nr						      \
-+    "movl %1, %%eax\n\t"						      \
-+    "int $0x80\n\t"							      \
-+    RESTOREARGS_NOSYSENTER_##nr						      \
-+    : "=a" (resultvar)							      \
-+    : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc");		      \
-+    (int) resultvar; })
- # else
- #  define INTERNAL_SYSCALL(name, err, nr, args...) \
-   ({									      \
-@@ -447,12 +459,20 @@
- 
- #define LOADARGS_0
- #ifdef __PIC__
--# if defined I386_USE_SYSENTER && defined SHARED
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
- #  define LOADARGS_1 \
-     "bpushl .L__X'%k3, %k3\n\t"
- #  define LOADARGS_5 \
-     "movl %%ebx, %4\n\t"						      \
-     "movl %3, %%ebx\n\t"
-+#  define LOADARGS_NOSYSENTER_1 \
-+    "bpushl .L__X'%k2, %k2\n\t"
-+#  define LOADARGS_NOSYSENTER_2	LOADARGS_NOSYSENTER_1
-+#  define LOADARGS_NOSYSENTER_3	LOADARGS_3
-+#  define LOADARGS_NOSYSENTER_4	LOADARGS_3
-+#  define LOADARGS_NOSYSENTER_5 \
-+    "movl %%ebx, %3\n\t"						      \
-+    "movl %2, %%ebx\n\t"
- # else
- #  define LOADARGS_1 \
-     "bpushl .L__X'%k2, %k2\n\t"
-@@ -474,11 +495,18 @@
- 
- #define RESTOREARGS_0
- #ifdef __PIC__
--# if defined I386_USE_SYSENTER && defined SHARED
-+# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
- #  define RESTOREARGS_1 \
-     "bpopl .L__X'%k3, %k3\n\t"
- #  define RESTOREARGS_5 \
-     "movl %4, %%ebx"
-+#  define RESTOREARGS_NOSYSENTER_1 \
-+    "bpopl .L__X'%k2, %k2\n\t"
-+#  define RESTOREARGS_NOSYSENTER_2	RESTOREARGS_NOSYSENTER_1
-+#  define RESTOREARGS_NOSYSENTER_3	RESTOREARGS_3
-+#  define RESTOREARGS_NOSYSENTER_4	RESTOREARGS_3
-+#  define RESTOREARGS_NOSYSENTER_5 \
-+    "movl %3, %%ebx"
- # else
- #  define RESTOREARGS_1 \
-     "bpopl .L__X'%k2, %k2\n\t"
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch
deleted file mode 100644
index a1c9eef6..00000000
--- a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch
+++ /dev/null
@@ -1,168 +0,0 @@
-Add backwards compat support for gcc-3.x ssp ... older ssp versions
-used __guard and __stack_smash_handler symbols while gcc-4.1 and newer
-uses __stack_chk_guard and __stack_chk_fail.
-
---- config.h.in
-+++ config.h.in
-@@ -42,6 +42,9 @@
-    assembler instructions per line.  Default is `;'  */
- #undef ASM_LINE_SEP
- 
-+/* Define if we want to enable support for old ssp symbols */
-+#undef	ENABLE_OLD_SSP_COMPAT
-+
- /* Define if not using ELF, but `.init' and `.fini' sections are available.  */
- #undef	HAVE_INITFINI
- 
---- configure
-+++ configure
-@@ -1378,6 +1378,9 @@ Optional Features:
-   --enable-kernel=VERSION compile for compatibility with kernel not older than
-                           VERSION
-   --enable-all-warnings   enable all useful warnings gcc can issue
-+  --disable-old-ssp-compat
-+                          enable support for older ssp symbols
-+                          [default=no]
-   --enable-multi-arch     enable single DSO with optimizations for multiple
-                           architectures
-   --enable-experimental-malloc
-@@ -6462,6 +6465,20 @@ fi
- $as_echo "$libc_cv_ssp" >&6; }
- 
- 
-+# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given.
-+if test "${enable_old_ssp_compat+set}" = set; then
-+  enableval="$enable_old_ssp_compat"
-+  enable_old_ssp_compat=$enableval
-+else
-+  enable_old_ssp_compat=no
-+fi;
-+if test "x$enable_old_ssp_compat" = "xyes"; then
-+  cat >>confdefs.h <<\_ACEOF
-+#define ENABLE_OLD_SSP_COMPAT 1
-+_ACEOF
-+
-+fi
-+
- { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5
- $as_echo_n "checking for -fgnu89-inline... " >&6; }
- if test "${libc_cv_gnu89_inline+set}" = set; then
---- configure.in
-+++ configure.in
-@@ -1641,6 +1641,15 @@ fi
- rm -f conftest*])
- AC_SUBST(libc_cv_ssp)
- 
-+AC_ARG_ENABLE([old-ssp-compat],
-+	      AC_HELP_STRING([--enable-old-ssp-compat],
-+	                     [enable support for older ssp symbols @<:@default=no@:>@]),
-+	      [enable_old_ssp_compat=$enableval],
-+	      [enable_old_ssp_compat=no])
-+if test "x$enable_old_ssp_compat" = "xyes"; then
-+  AC_DEFINE(ENABLE_OLD_SSP_COMPAT)
-+fi
-+
- AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl
- cat > conftest.c <<EOF
- int foo;
---- csu/libc-start.c
-+++ csu/libc-start.c
-@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal
- uintptr_t __stack_chk_guard attribute_relro;
- # endif
- #endif
-+#ifdef ENABLE_OLD_SSP_COMPAT
-+uintptr_t __guard attribute_relro;
-+#endif
- 
- #ifdef HAVE_PTR_NTHREADS
- /* We need atomic operations.  */
-@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char 
- 
-   /* Set up the stack checker's canary.  */
-   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
-+#ifdef ENABLE_OLD_SSP_COMPAT
-+  __guard = stack_chk_guard;
-+#endif
- # ifdef THREAD_SET_STACK_GUARD
-   THREAD_SET_STACK_GUARD (stack_chk_guard);
- # else
---- csu/Versions
-+++ csu/Versions
-@@ -17,6 +17,12 @@ libc {
-     # New special glibc functions.
-     gnu_get_libc_release; gnu_get_libc_version;
-   }
-+  GLIBC_2.3.2 {
-+%ifdef ENABLE_OLD_SSP_COMPAT
-+    # global objects and functions for the old propolice patch in gcc
-+    __guard;
-+%endif
-+  }
-   GLIBC_PRIVATE {
- %if HAVE___THREAD
-     # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol.
---- debug/Versions
-+++ debug/Versions
-@@ -10,6 +10,12 @@ libc {
-     # These are to support some gcc features.
-     __cyg_profile_func_enter; __cyg_profile_func_exit;
-   }
-+%ifdef ENABLE_OLD_SSP_COMPAT
-+  GLIBC_2.3.2 {
-+    # backwards ssp compat support; alias to __stack_chk_fail
-+    __stack_smash_handler;
-+  }
-+%endif
-   GLIBC_2.3.4 {
-     __chk_fail;
-     __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk;
---- elf/rtld.c
-+++ elf/rtld.c
-@@ -89,6 +89,9 @@ INTDEF(_dl_argv)
-    in thread local area.  */
- uintptr_t __stack_chk_guard attribute_relro;
- #endif
-+#ifdef ENABLE_OLD_SSP_COMPAT
-+uintptr_t __guard attribute_relro;
-+#endif
- 
- /* Only exported for architectures that don't store the pointer guard
-    value in thread local area.  */
-@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load
- 
-   /* Set up the stack checker's canary.  */
-   uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
-+#ifdef ENABLE_OLD_SSP_COMPAT
-+  __guard = stack_chk_guard;
-+#endif
- #ifdef THREAD_SET_STACK_GUARD
-   THREAD_SET_STACK_GUARD (stack_chk_guard);
- #else
---- elf/Versions
-+++ elf/Versions
-@@ -43,6 +43,12 @@ ld {
-     # runtime interface to TLS
-     __tls_get_addr;
-   }
-+%ifdef ENABLE_OLD_SSP_COMPAT
-+  GLIBC_2.3.2 {
-+    # backwards ssp compat support
-+    __guard;
-+  }
-+%endif
-   GLIBC_2.4 {
-     # stack canary
-     __stack_chk_guard;
---- Versions.def
-+++ Versions.def
-@@ -109,6 +109,9 @@ ld {
-   GLIBC_2.0
-   GLIBC_2.1
-   GLIBC_2.3
-+%ifdef ENABLE_OLD_SSP_COMPAT
-+  GLIBC_2.3.2
-+%endif
-   GLIBC_2.4
-   GLIBC_PRIVATE
- }
diff --git a/sys-libs/glibc/glibc-2.10.1.ebuild b/sys-libs/glibc/glibc-2.10.1.ebuild
deleted file mode 100644
index 57158706..00000000
--- a/sys-libs/glibc/glibc-2.10.1.ebuild
+++ /dev/null
@@ -1,240 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: $
-
-inherit eutils versionator libtool toolchain-funcs flag-o-matic gnuconfig multilib
-
-DESCRIPTION="GNU libc6 (also called glibc2) C library"
-HOMEPAGE="http://www.gnu.org/software/libc/libc.html"
-
-LICENSE="LGPL-2"
-KEYWORDS="~amd64 ~x86"
-RESTRICT="strip" # strip ourself #46186
-EMULTILIB_PKG="true"
-
-# Configuration variables
-if [[ ${PV} == *_p* ]] ; then
-RELEASE_VER=${PV%_p*}
-BRANCH_UPDATE=""
-SNAP_VER=${PV#*_p}
-LIBIDN_VER=""
-else
-RELEASE_VER=${PV}
-BRANCH_UPDATE=""
-SNAP_VER=""
-LIBIDN_VER=${RELEASE_VER}
-fi
-MANPAGE_VER=""                                 # pregenerated manpages
-INFOPAGE_VER=""                                # pregenerated infopages
-PATCH_VER="3"                                  # Gentoo patchset
-PORTS_VER=${RELEASE_VER}                       # version of glibc ports addon
-LT_VER=""                                      # version of linuxthreads addon
-NPTL_KERN_VER=${NPTL_KERN_VER:-"2.6.9"}        # min kernel version nptl requires
-#LT_KERN_VER=${LT_KERN_VER:-"2.4.1"}           # min kernel version linuxthreads requires
-
-IUSE="debug gd glibc-omitfp hardened multilib nls selinux profile vanilla crosscompile_opts_headers-only ${LT_VER:+glibc-compat20 nptl nptlonly}"
-S=${WORKDIR}/glibc-${RELEASE_VER}${SNAP_VER:+-${SNAP_VER}}
-
-# Here's how the cross-compile logic breaks down ...
-#  CTARGET - machine that will target the binaries
-#  CHOST   - machine that will host the binaries
-#  CBUILD  - machine that will build the binaries
-# If CTARGET != CHOST, it means you want a libc for cross-compiling.
-# If CHOST != CBUILD, it means you want to cross-compile the libc.
-#  CBUILD = CHOST = CTARGET    - native build/install
-#  CBUILD != (CHOST = CTARGET) - cross-compile a native build
-#  (CBUILD = CHOST) != CTARGET - libc for cross-compiler
-#  CBUILD != CHOST != CTARGET  - cross-compile a libc for a cross-compiler
-# For install paths:
-#  CHOST = CTARGET  - install into /
-#  CHOST != CTARGET - install into /usr/CTARGET/
-
-export CBUILD=${CBUILD:-${CHOST}}
-export CTARGET=${CTARGET:-${CHOST}}
-if [[ ${CTARGET} == ${CHOST} ]] ; then
-	if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then
-		export CTARGET=${CATEGORY/cross-}
-	fi
-fi
-
-[[ ${CTARGET} == hppa* ]] && NPTL_KERN_VER=${NPTL_KERN_VER/2.6.9/2.6.20}
-
-is_crosscompile() {
-	[[ ${CHOST} != ${CTARGET} ]]
-}
-alt_libdir() {
-	if is_crosscompile ; then
-		echo /usr/${CTARGET}/$(get_libdir)
-	else
-		echo /$(get_libdir)
-	fi
-}
-
-if is_crosscompile ; then
-	SLOT="${CTARGET}-2.2"
-else
-	# Why SLOT 2.2 you ask yourself while sippin your tea ?
-	# Everyone knows 2.2 > 0, duh.
-	SLOT="2.2"
-	PROVIDE="virtual/libc"
-fi
-
-# General: We need a new-enough binutils for as-needed
-# arch: we need to make sure our binutils/gcc supports TLS
-DEPEND=">=sys-devel/gcc-3.4.4
-	arm? ( >=sys-devel/binutils-2.16.90 >=sys-devel/gcc-4.1.0 )
-	ppc? ( >=sys-devel/gcc-4.1.0 )
-	ppc64? ( >=sys-devel/gcc-4.1.0 )
-	>=sys-devel/binutils-2.15.94
-	${LT_VER:+nptl? (} >=sys-kernel/linux-headers-${NPTL_KERN_VER} ${LT_VER:+)}
-	>=sys-devel/gcc-config-1.3.12
-	>=app-misc/pax-utils-0.1.10
-	virtual/os-headers
-	nls? ( sys-devel/gettext )
-	>=sys-apps/sandbox-1.2.18.1-r2
-	>=sys-apps/portage-2.1.2
-	selinux? ( sys-libs/libselinux )"
-RDEPEND="!sys-kernel/ps3-sources
-	nls? ( sys-devel/gettext )
-	selinux? ( sys-libs/libselinux )"
-
-if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then
-	DEPEND="${DEPEND} ${CATEGORY}/gcc"
-	[[ ${CATEGORY} == *-linux* ]] && DEPEND="${DEPEND} ${CATEGORY}/linux-headers"
-else
-	DEPEND="${DEPEND} >=sys-libs/timezone-data-2007c"
-	RDEPEND="${RDEPEND} sys-libs/timezone-data"
-fi
-
-SRC_URI=$(
-	upstream_uris() {
-		echo mirror://gnu/glibc/$1 ftp://sources.redhat.com/pub/glibc/{releases,snapshots}/$1 mirror://gentoo/$1
-	}
-	gentoo_uris() {
-		local devspace="HTTP~vapier/dist/URI HTTP~azarah/glibc/URI"
-		devspace=${devspace//HTTP/http://dev.gentoo.org/}
-		echo mirror://gentoo/$1 ${devspace//URI/$1}
-	}
-
-	TARNAME=${PN}
-	if [[ -n ${SNAP_VER} ]] ; then
-		TARNAME="${PN}-${RELEASE_VER}"
-		[[ -n ${PORTS_VER} ]] && PORTS_VER=${SNAP_VER}
-		upstream_uris ${TARNAME}-${SNAP_VER}.tar.bz2
-	else
-		upstream_uris ${TARNAME}-${RELEASE_VER}.tar.bz2
-	fi
-	[[ -n ${LIBIDN_VER}    ]] && upstream_uris glibc-libidn-${LIBIDN_VER}.tar.bz2
-	[[ -n ${PORTS_VER}     ]] && upstream_uris ${TARNAME}-ports-${PORTS_VER}.tar.bz2
-	[[ -n ${LT_VER}        ]] && upstream_uris ${TARNAME}-linuxthreads-${LT_VER}.tar.bz2
-	[[ -n ${BRANCH_UPDATE} ]] && gentoo_uris glibc-${RELEASE_VER}-branch-update-${BRANCH_UPDATE}.patch.bz2
-	[[ -n ${PATCH_VER}     ]] && gentoo_uris glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.bz2
-	[[ -n ${MANPAGE_VER}   ]] && gentoo_uris glibc-manpages-${MANPAGE_VER}.tar.bz2
-	[[ -n ${INFOPAGE_VER}  ]] && gentoo_uris glibc-infopages-${INFOPAGE_VER}.tar.bz2
-)
-
-# eblit-include [--skip] <function> [version]
-eblit-include() {
-	local skipable=false
-	[[ $1 == "--skip" ]] && skipable=true && shift
-	[[ $1 == pkg_* ]] && skipable=true
-
-	local e v func=$1 ver=$2
-	[[ -z ${func} ]] && die "Usage: eblit-include <function> [version]"
-	for v in ${ver:+-}${ver} -${PVR} -${PV} "" ; do
-		e="${FILESDIR}/eblits/${func}${v}.eblit"
-		if [[ -e ${e} ]] ; then
-			source "${e}"
-			return 0
-		fi
-	done
-	${skipable} && return 0
-	die "Could not locate requested eblit '${func}' in ${FILESDIR}/eblits/"
-}
-
-# eblit-run-maybe <function>
-# run the specified function if it is defined
-eblit-run-maybe() {
-	[[ $(type -t "$@") == "function" ]] && "$@"
-}
-
-# eblit-run <function> [version]
-# aka: src_unpack() { eblit-run src_unpack ; }
-eblit-run() {
-	eblit-include --skip common "${*:2}"
-	eblit-include "$@"
-	eblit-run-maybe eblit-$1-pre
-	eblit-${PN}-$1
-	eblit-run-maybe eblit-$1-post
-}
-
-src_unpack()  { eblit-run src_unpack  ; }
-src_compile() { eblit-run src_compile ; }
-src_test()    { eblit-run src_test    ; }
-src_install() { eblit-run src_install ; }
-
-# FILESDIR might not be available during binpkg install
-for x in setup {pre,post}inst ; do
-	e="${FILESDIR}/eblits/pkg_${x}.eblit"
-	if [[ -e ${e} ]] ; then
-		. "${e}"
-		eval "pkg_${x}() { eblit-run pkg_${x} ; }"
-	fi
-done
-
-eblit-src_unpack-post() {
-	if use hardened ; then
-		cd "${S}"
-		einfo "Patching to get working PIE binaries on PIE (hardened) platforms"
-		gcc-specs-pie && epatch "${FILESDIR}"/2.5/glibc-2.5-hardened-pie.patch
-		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch
-		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
-
-		einfo "Patching Glibc to support older SSP __guard"
-		epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-ssp-compat.patch
-
-		einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"
-		cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \
-			debug/stack_chk_fail.c || die
-		cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-chk_fail.c \
-			debug/chk_fail.c || die
-
-		if use debug ; then
-			# When using Hardened Gentoo stack handler, have smashes dump core for
-			# analysis - debug only, as core could be an information leak
-			# (paranoia).
-			sed -i \
-				-e '/^CFLAGS-backtrace.c/ iCFLAGS-stack_chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
-				debug/Makefile \
-				|| die "Failed to modify debug/Makefile for debug stack handler"
-			sed -i \
-				-e '/^CFLAGS-backtrace.c/ iCFLAGS-chk_fail.c = -DSSP_SMASH_DUMPS_CORE' \
-				debug/Makefile \
-				|| die "Failed to modify debug/Makefile for debug fortify handler"
-		fi
-
-		# Build nscd with ssp-all
-		sed -i \
-			-e 's:-fstack-protector$:-fstack-protector-all:' \
-			nscd/Makefile \
-			|| die "Failed to ensure nscd builds with ssp-all"
-	fi
-}
-
-maint_pkg_create() {
-	local base="/usr/local/src/gnu/glibc/glibc-${PV:0:1}_${PV:2:1}"
-	cd ${base}
-	local stamp=$(date +%Y%m%d)
-	local d
-	for d in libc ports ; do
-		#(cd ${d} && cvs up)
-		case ${d} in
-			libc)  tarball="${P}";;
-			ports) tarball="${PN}-ports-${PV}";;
-		esac
-		rm -f ${tarball}*
-		ln -sf ${d} ${tarball}
-		tar hcf - ${tarball} --exclude-vcs | lzma > "${T}"/${tarball}.tar.lzma
-		du -b "${T}"/${tarball}.tar.lzma
-	done
-}