From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: [PATCHES] gnu: linux-libre: Full retpoline support on x86
	[spectre mitigation]
Date: Tue, 23 Jan 2018 16:04:04 -0500
Message-ID: <20180123210404.GA24348@jasmine.lan>
References: <87po648e2n.fsf@netris.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="EeQfGwPcQSOJBaQU"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36234)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1ee5jm-0007IR-2z
	for guix-devel@gnu.org; Tue, 23 Jan 2018 16:04:10 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1ee5ji-0006d8-Qx
	for guix-devel@gnu.org; Tue, 23 Jan 2018 16:04:10 -0500
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:48953)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1ee5ji-0006cy-Mu
	for guix-devel@gnu.org; Tue, 23 Jan 2018 16:04:06 -0500
Content-Disposition: inline
In-Reply-To: <87po648e2n.fsf@netris.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Mark H Weaver <mhw@netris.org>
Cc: guix-devel@gnu.org


--EeQfGwPcQSOJBaQU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jan 20, 2018 at 03:34:08PM -0500, Mark H Weaver wrote:
> Here are two patches that:
>=20
> * Add gcc-7.3.0-RC-20180117, which includes support for retpoline.
> * Use gcc-7.3 to build linux-libre on x86 systems.
>=20
> I'm currently running linux-libre-4.14.14 with full retpoline support:
>=20
>   mhw@jojen ~$ cd /sys/devices/system/cpu/vulnerabilities
>   mhw@jojen /sys/devices/system/cpu/vulnerabilities$ grep . *
>   meltdown:Mitigation: PTI
>   spectre_v1:Vulnerable
>   spectre_v2:Mitigation: Full generic retpoline
>=20
> There's also support for retpoline in linux-libre-4.9.77, but none yet
> in earlier kernels.
>=20
> My question is: should we push these patches to 'master' now, or should
> we wait until gcc-7.3 is released (possibly as soon as January 24)?

I'm used this compiler and Guix packages to build a custom Linux 4.14.14
and have used it on my laptop for a day or so now. No problems and the
kernel does see the retpoline:

$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic=
 retpoline

--EeQfGwPcQSOJBaQU
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlpno0QACgkQJkb6MLrK
fwjSpg//Yktt6/bmTuiCUPoDG4V5T1YhrgKKMibhK8kLAqik7SrCNeOAmaaW8pkn
LI6vLdAkPAdx66G3UCpf2p/H25GLGvcGv/40XT7GdvJJ5doWPfj+xu/R9TgPZkRz
2tQNKzHL5c7lDPs5NtId+LkyYOl0ZM2/qOtEGzPVDCygz7lF1l4qDQX/2abm6Gi5
j2ln+bRau1pHPmMq+9xdeo6bjjyS7lAajYBc7Yl/lbK3EBUvsSVEGmLB54Ssor7V
V+SzpGuhYjLx9FcQkvIoBe1+jU5BzCRRInGFhX0VBBM7wUfwGrv+55jhe8Q8DduD
zRpi+rGeuX9Zrbpy43Tn3eyrrfXFG9hyGRYPOo9bWGO/lN5JUtFBSwHU07v5gy/t
GakhoF/x99izpFKeKtwnd7wT5KszzS2cHvV9BpdtRLV7Hp/7HqZ0OcPuBQAKcjEO
MvBlB3MYmMYcvLnVTuKs19mxgKcNfPCEkMD1ugOL3x/O2U3xUI5PyvSlMudTJBub
4wPOafZSp17MDRk+u84hPcpEcpC2DEqzKA+lj8FBjTs5SFL2I1jfjozda6fMIyzk
LHdef3YX5p+jN/BoWiO/+vIJfHqq3J0otbAnaLUKSY3/2RjwMt4gPvHpgoYq9ehM
+kEyPSlhKWU5Y1ZSJ/ea7/3SSZdWTEw/6Prgohpto1fKU/7/ujA=
=vN7/
-----END PGP SIGNATURE-----

--EeQfGwPcQSOJBaQU--