GNU bug report logs - #30111
[PATCH] gnu: gcc@7: Use retpoline options when building itself.


Package: guix-patches

Reported by: Alex Vong <alexvong1995 <at> gmail.com>

Date: Sun, 14 Jan 2018 13:10:01 UTC

Severity: normal

Tags: patch, security

Done: zimoun <zimon.toutoune <at> gmail.com>

Bug is archived. No further changes may be made.



Message #18 received at 30111 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Alex Vong <alexvong1995 <at> gmail.com>
Cc: 30111 <at> debbugs.gnu.org
Subject: Re: [bug#30111] gnu: gcc@7: Apply the 'retpoline' mitigation
 technique.
Date: Tue, 16 Jan 2018 15:33:57 +0100

Hi Alex,

Alex Vong <alexvong1995 <at> gmail.com> writes:

> From aea3d11f59e260111bdb8bcac458c97a946fa900 Mon Sep 17 00:00:00 2001
> From: Alex Vong <alexvong1995 <at> gmail.com>
> Date: Tue, 16 Jan 2018 20:32:32 +0800
> Subject: [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
>
> This is part of Spectre (branch target injection) [CVE-2017-5715]
> mitigation. Suggested by Mark H Weaver <mhw <at> netris.org>.
>
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/gcc.scm (gcc@7): Use them.
> * gnu/packages/patches/gcc-retpoline-Change-V-to-bare-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch,
> gnu/packages/patches/gcc-retpoline-indirect-thunk-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-V-register-operand-modifier.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mfunction-return.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch-register.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch.patch,
> gnu/packages/patches/gcc-retpoline-x86-Disallow-mindirect-branch-mfunction-return-with-.patch:
> New files.

I’d suggest removing the test suite changes from the patches (currently
we don’t run GCC’s test suite).  Also, ‘guix lint’ may suggest using
shorter file names.

Do you know if a new 7.x including retpoline support is scheduled for
release soon?

Thanks,
Ludo’.




This bug report was last modified 4 years and 153 days ago.
