Re: Better communication about spectre/meltdown
On 2018-02-25 13:57:07, Roberto C. Sánchez wrote:
> On Sun, Feb 25, 2018 at 07:04:12PM +0100, Moritz Mühlenhoff wrote:
>> On Sun, Feb 25, 2018 at 08:54:06AM -0500, Roberto C. Sánchez wrote:
>> > Hi all,
>> >
>> > Please see my rather long-winded summary of the current state of the
>> > gcc-4.6/gcc-4.7 update. The bottom line is that I am looking for opions
>> > and/or guidance for how to proceed.
>>
>> Why 4.6 _and_ 4.7? Only the compiler used for building the amd64 3.2 kernel
>> is relevant here?
>>
> Both are triaged in dla-needed.txt. In any event, I have done no work at
> all on 4.7 at this point, other than to observe that my investigation
> into the differences in the option parsing code (which was the only
> significant difficulty I encountered in backport the 4.9 patches) made
> me think that backporting the 4.9 patches to 4.7 would be *easier* than
> the backport to 4.6.
>
> As far as I know, it has not been decided that 4.7 will be patched.
jessie also has two gcc compilers from what I can tell (4.8 and 4.9)
yet, the security team is concentrating only on one (4.9). It seems like
we should do the same (concentrate on a single compiler).
is there anything blocking the use of the 4.9 compiler in wheezy, short
of, of course, the backport itself? It's true it's kind of nuts to
introduce a *third* toolchain in a LTS update, but I wonder how feasible
it is to maintain the two that are already there in the long term, if
we're already having trouble with 4.6...
Can't the wheezy kernel build with 4.7 or 4.9 correctly? I guess that
involves the buildds as well...?
Note that only the 4.9.x series has seen upstream releases in the last
~3 years. The last 4.7 release is 4.7.4, from june 2014, and for 4.6.x,
4.6.4 in April 2013. Have anyone tried to contact upstream to see if
they are backporting those changes in any official capacity?
A.
--
I'm no longer accepting the things I cannot change.
I'm changing the things I cannot accept.
- Angela Davis
Reply to: