Re: Better communication about spectre/meltdown

To: Ben Hutchings <ben@decadent.org.uk>
Cc: Antoine Beaupré <anarcat@orangeseeds.org>, Moritz Mühlenhoff <jmm@inutil.org>, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: Better communication about spectre/meltdown
From: Roberto C. Sánchez <roberto@debian.org>
Date: Thu, 1 Mar 2018 07:56:45 -0500
Message-id: <[🔎] 20180301125645.wt3nkodmksce3a6v@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, Ben Hutchings <ben@decadent.org.uk>, Antoine Beaupré <anarcat@orangeseeds.org>, Moritz Mühlenhoff <jmm@inutil.org>, debian-lts@lists.debian.org, team@security.debian.org
In-reply-to: <1519686363.2617.351.camel@decadent.org.uk>
References: <20180208151003.GA24080@home.ouaza.com> <20180215113312.GA9304@home.ouaza.com> <20180215195642.GA22972@inutil.org> <20180225135405.qj22tgl47lpglypl@connexer.com> <20180225180412.GA12589@pisco.westfalen.local> <20180225185707.gnuiabby352mahvs@connexer.com> <871sh7tu7z.fsf@curie.anarc.at> <1519686363.2617.351.camel@decadent.org.uk>

On Mon, Feb 26, 2018 at 11:06:03PM +0000, Ben Hutchings wrote:
> 
> It will almost certainly build correctly with 4.9 on x86.  AIUI the
> Spectre mitigations in gcc are x86-specific, so there's no value in
> changing it for ARM and there would be a risk of exceeding code size
> limits on armel.  The kernel package already has provision for using
> different compiler versions per-architecture.
> 
So, I have let this issue alone for several days but there does not
appear to be much discussion, or even a consensus. I would really like
some definitive guidance (especially from people who know the kernel
better than I).

As I do not know what would be involved in a gcc 4.9 backport or how
complex it would be, my intent to is to do the following: attempt to get
the wheezy kernel building in a jessie chroot with gcc-4.9 and, if that
succeeds, investigate the feasibility of building a gcc 4.9 backport for
wheezy. If that works, I envision there would be two advisories arising
from it:

 - a DLA for the new gcc-4.9 backport
 - a DLA for an updated amd64 (and i386?) kernel build with gcc 4.9

Of course, if this looks like it would be substantially more complex, I
will again ask for guidance, but the likely course at that point seems
to implement the necessary option parsing in gcc 4.6.

I suppose another possibility would be to backport the patches to gcc
4.7 instead of 4.6 and switch the kernel build to gcc 4.7. Would that be
considered to introduce less risk than bringing gcc 4.9 into wheezy at
this stage?

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Follow-Ups:
- Re: Better communication about spectre/meltdown
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: Better communication about spectre/meltdown
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Re: Wheezy update of freexl?
Next by Date: LTS Report for February 2018
Previous by thread: Re: Wheezy update of freexl?
Next by thread: Re: Better communication about spectre/meltdown
Index(es):
- Date
- Thread