i've just finished working on a new toolchain for Efika. It is a very hard and time consuming task - since it's going to be a hardened toolchain, creating a special kind of binaries, to mittigate most of the attacks. After a lot of help i've got from the uclibc and embedded gentoo projects (yes, i know hardened gentoo should be interested in ppc - but that's typical, they don't care at all because it works on x86). finally i have what i was expecting. cross hardened toolchain, with support for PIE, SSP, secure plt (required many days of co-work with uclibc hacker). PaX project that's going to be used here have also been tested on Efika with success (both on vanilla and hardened userland). Same goes for RSBAC - makes no problems and just works. Aparently, the most problems i'm having come from autoconf/automake crap (gues why i'm calling it autocrap ;) - many of tests it does before setting up a build enviroment for application is done by compiling some small app for a target ppc and trying to run it. That's breaking cross compilation all the time, so i have to develop some 'hacks' to get around it. Other applications are also trying to make my life 'interesting' - using say, altivec instructions even if i explictly specyfiy i don't want one. It took me a lot of time before i've discovered this strange behaviour - apps were just segfaulting without any good reason. Hacking into source code does fix it...but i'm really disapointed. The only thing i can do is fill a bug and hope somebody fixes it upstream.