diff --git a/contrib/devtools/symbol-check.py b/contrib/devtools/symbol-check.py
--- a/contrib/devtools/symbol-check.py
+++ b/contrib/devtools/symbol-check.py
@@ -36,17 +36,18 @@
 #   (glibc)    GLIBC_2_19
 #
 MAX_VERSIONS = {
-    'GCC':     (4, 8, 0),
-    'CXXABI':  (1, 3, 7),
-    'GLIBCXX': (3, 4, 18),
-    'GLIBC':   (2, 19)
+    'GCC':       (4, 8, 0),
+    'CXXABI':    (1, 3, 7),
+    'GLIBCXX':   (3, 4, 18),
+    'GLIBC':     (2, 19),
+    'LIBATOMIC': (1, 0)
 }
 # See here for a description of _IO_stdin_used:
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109
 
 # Ignore symbols that are exported as part of every executable
 IGNORE_EXPORTS = {
-    '_edata', '_end', '_init', '__bss_start', '_fini', '_IO_stdin_used', 'stdin', 'stdout', 'stderr',
+    '_edata', '_end', '__end__', '_init', '__bss_start', '__bss_start__', '_bss_end__', '__bss_end__', '_fini', '_IO_stdin_used', 'stdin', 'stdout', 'stderr',
     # Figure out why we get these symbols exported on xenial.
     '_ZNKSt5ctypeIcE8do_widenEc', 'in6addr_any', 'optarg',
     '_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE2EE10_M_destroyEv'
@@ -62,8 +63,11 @@
     'libanl.so.1',  # DNS resolve
     'libm.so.6',  # math library
     'librt.so.1',  # real-time (clock)
+    'libatomic.so.1',
     'ld-linux-x86-64.so.2',  # 64-bit dynamic linker
     'ld-linux.so.2',  # 32-bit dynamic linker
+    'ld-linux-aarch64.so.1',  # 64-bit ARM dynamic linker
+    'ld-linux-armhf.so.3',  # 32-bit ARM dynamic linker
     # bitcoin-qt only
     'libX11-xcb.so.1',  # part of X11
     'libX11.so.6',  # part of X11
@@ -72,6 +76,12 @@
     'libfreetype.so.6',  # font parsing
     'libdl.so.2'  # programming interface to dynamic linker
 }
+ARCH_MIN_GLIBC_VER = {
+    '80386':  (2, 1),
+    'X86-64': (2, 2, 5),
+    'ARM':    (2, 4),
+    'AArch64': (2, 17)
+}
 
 
 class CPPFilt(object):
@@ -101,7 +111,7 @@
     Parse an ELF executable and return a list of (symbol,version) tuples
     for dynamic, imported symbols.
     '''
-    p = subprocess.Popen([READELF_CMD, '--dyn-syms', '-W', executable], stdout=subprocess.PIPE,
+    p = subprocess.Popen([READELF_CMD, '--dyn-syms', '-W', '-h', executable], stdout=subprocess.PIPE,
                          stderr=subprocess.PIPE, stdin=subprocess.PIPE, universal_newlines=True)
     (stdout, stderr) = p.communicate()
     if p.returncode:
@@ -110,17 +120,19 @@
     syms = []
     for line in stdout.splitlines():
         line = line.split()
+        if 'Machine:' in line:
+            arch = line[-1]
         if len(line) > 7 and re.match('[0-9]+:$', line[0]):
             (sym, _, version) = line[7].partition('@')
             is_import = line[6] == 'UND'
             if version.startswith('@'):
                 version = version[1:]
             if is_import == imports:
-                syms.append((sym, version))
+                syms.append((sym, version, arch))
     return syms
 
 
-def check_version(max_versions, version):
+def check_version(max_versions, version, arch):
     if '_' in version:
         (lib, _, ver) = version.rpartition('_')
     else:
@@ -129,7 +141,7 @@
     ver = tuple([int(x) for x in ver.split('.')])
     if not lib in max_versions:
         return False
-    return ver <= max_versions[lib]
+    return ver <= max_versions[lib] or lib == 'GLIBC' and ver <= ARCH_MIN_GLIBC_VER[arch]
 
 
 def read_libraries(filename):
@@ -156,13 +168,13 @@
     retval = 0
     for filename in sys.argv[1:]:
         # Check imported symbols
-        for sym, version in read_symbols(filename, True):
-            if version and not check_version(MAX_VERSIONS, version):
+        for sym, version, arch in read_symbols(filename, True):
+            if version and not check_version(MAX_VERSIONS, version, arch):
                 print('{}: symbol {} from unsupported version {}'.format(
                     filename, cppfilt(sym), version))
                 retval = 1
         # Check exported symbols
-        for sym, version in read_symbols(filename, False):
+        for sym, version, arch in read_symbols(filename, False):
             if sym in IGNORE_EXPORTS:
                 continue
             print('{}: export of symbol {} not allowed'.format(
diff --git a/contrib/gitian-descriptors/gitian-linux.yml b/contrib/gitian-descriptors/gitian-linux.yml
--- a/contrib/gitian-descriptors/gitian-linux.yml
+++ b/contrib/gitian-descriptors/gitian-linux.yml
@@ -161,17 +161,7 @@
     CONFIG_SITE=${BASEPREFIX}/${i}/share/config.site ./configure --prefix=/ --disable-ccache --disable-maintainer-mode --disable-dependency-tracking ${CONFIGFLAGS} CFLAGS="${HOST_CFLAGS}" CXXFLAGS="${HOST_CXXFLAGS}" LDFLAGS="${HOST_LDFLAGS}"
     make ${MAKEOPTS}
     make ${MAKEOPTS} -C src check-security
-
-    #TODO: This is a quick hack that disables symbol checking for arm.
-    #      Instead, we should investigate why these are popping up.
-    #      For aarch64, we'll need to bump up the min GLIBC version, as the abi
-    #      support wasn't introduced until 2.17.
-    case $i in
-       aarch64-*) : ;;
-       arm-*) : ;;
-       *) make ${MAKEOPTS} -C src check-symbols ;;
-    esac
-
+    make ${MAKEOPTS} -C src check-symbols
     make install DESTDIR=${INSTALLPATH}
     cd installed
     find . -name "lib*.la" -delete