Re: Better communication about spectre/meltdown
On Sun, Feb 18, 2018 at 01:39:13AM +0000, Ben Hutchings wrote:
> On Thu, 2018-02-15 at 20:56 +0100, Moritz Muehlenhoff wrote:
> > On Thu, Feb 15, 2018 at 12:33:12PM +0100, Raphael Hertzog wrote:
> > > On IRC I learned that Moritz Muehlenhoff (jmm) started the work of
> > > bakcporting retpoline to gcc-4.9 for jessie. We need to do the same
> > > for gcc-4.6 (and maybe gcc-4.7) in wheezy. gcc-4.6 is used for the
> > > kernel build so that's the important target really.
> >
> > Or rather introduce gcc-4.9 as a new source package to wheezy LTS
> > which can then be used for the kernel build (once 3.2.x has
> > retpoline backported).
> >
> > For the architectures supported in LTS the compiler difference
> > between 4.6 and 4.9 should not matter.
>
> I hope so, but that's quite a large jump.
Maybe using HJ Lu's patches for 4.9 against 4.6 also works out
just fine, but it's hard to tell.
> Won't we also rebuild firefox-esr and xen with retpoline?
The spectre v2 fix for Xen is still WIP, that remains to be seen.
Firefox doesn't use it either (and I doubt they build their MacOS
or Windows binaries with GCC), so they'll probably work out a
custom solution, but we're following their ESR releases, so it
will trickle in naturally over time (only probably not for ESR52
anyway)
Cheers,
Moritz
Reply to: