On Sat, 2018-03-03 at 20:40 +0000, Ben Hutchings wrote: > On Sat, 2018-03-03 at 11:07 -0500, Roberto C. Sánchez wrote: > > On Sat, Mar 03, 2018 at 03:22:14PM +0000, Ben Hutchings wrote: > > > > > > I think that backporting gcc-4.9 and building the kernel with it (for > > > x86) is lower risk than backporting the retpoline patches to gcc-4.7 > > > and building the kernel with that. (In fact it's not just the kernel; > > > if you change gcc-4.7 that has the potential to affect most updates to > > > wheezy, even though use of retpoline should be disabled by defaul.) > > > > > > > Thanks for clarifying. > > > > I will work on backporting your patched gcc-4.9 to wheezy. Should I also > > start working on getting the wheezy kernel building with gcc-4.9? I > > understand that an upload must wait for the kernel microde update you > > mentioned previously. > > I can handle the kernel changes. I've pushed a new branch > (wheezy-security-retpoline) to > https://anonscm.debian.org/cgit/kernel/linux.git/ > > This builds with gcc-4.9 from jessie. However it doesn't (yet) > actually enable use of retpoline. I'm now working on backporting Spectre mitigations to the 3.16 and 3.2 stable branches. Ben. -- Ben Hutchings compatible: Gracefully accepts erroneous data from any source
Attachment:
signature.asc
Description: This is a digitally signed message part