From: Mark H Weaver <mhw@netris.org>
To: guix-devel@gnu.org
Subject: [PATCHES] gnu: linux-libre: Full retpoline support on x86 [spectre mitigation]
Date: Sat, 20 Jan 2018 15:34:08 -0500 [thread overview]
Message-ID: <87po648e2n.fsf@netris.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 685 bytes --]
Here are two patches that:
* Add gcc-7.3.0-RC-20180117, which includes support for retpoline.
* Use gcc-7.3 to build linux-libre on x86 systems.
I'm currently running linux-libre-4.14.14 with full retpoline support:
mhw@jojen ~$ cd /sys/devices/system/cpu/vulnerabilities
mhw@jojen /sys/devices/system/cpu/vulnerabilities$ grep . *
meltdown:Mitigation: PTI
spectre_v1:Vulnerable
spectre_v2:Mitigation: Full generic retpoline
There's also support for retpoline in linux-libre-4.9.77, but none yet
in earlier kernels.
My question is: should we push these patches to 'master' now, or should
we wait until gcc-7.3 is released (possibly as soon as January 24)?
Mark
[-- Attachment #2: [PATCH 1/2] gnu: gcc: Add gcc 7.3.0-RC-20180117 [includes retpoline support] --]
[-- Type: text/x-patch, Size: 2277 bytes --]
From 387a02c3f9e157bdf40b2b5ad0e53e5b209f3aa5 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Sat, 20 Jan 2018 15:15:19 -0500
Subject: [PATCH 1/2] gnu: gcc: Add gcc 7.3.0-RC-20180117 [includes retpoline
support].
* gnu/packages/gcc.scm (gcc-7.3): New variable.
---
gnu/packages/gcc.scm | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index ad8992289..288c4deb3 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2018 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
@@ -433,6 +433,24 @@ Go. It also includes runtime support libraries for these languages.")
for several languages, including C, C++, Objective-C, Fortran, Ada, and Go.
It also includes runtime support libraries for these languages.")))
+(define-public gcc-7.3
+ (package
+ (inherit gcc-7)
+ (version "7.3.0-RC-20180117")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "ftp://gcc.gnu.org/pub/gcc/snapshots/"
+ version "/gcc-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0g447y7q1mdflzkw38d2ycb5w73bgzr5zbwn6135q314wrx6fxp2"))
+ (patches (search-patches "gcc-strmov-store-file-names.patch"
+ "gcc-5.0-libvtv-runpath.patch"))))
+ (description
+ "GCC is the GNU Compiler Collection. It provides compiler front-ends
+for several languages, including C, C++, Objective-C, Fortran, Ada, and Go.
+It also includes runtime support libraries for these languages.")))
+
;; Note: When changing the default gcc version, update
;; the gcc-toolchain-* definitions and the gfortran definition
;; accordingly.
--
2.15.1
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: [PATCH 2/2] gnu: linux-libre: Full retpoline support on x86 [mitigates spectre] --]
[-- Type: text/x-patch, Size: 1072 bytes --]
From d78c7ffa76c3cd2252bd0753c73e88468755184d Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Sat, 20 Jan 2018 15:16:20 -0500
Subject: [PATCH 2/2] gnu: linux-libre: Full retpoline support on x86
[mitigates spectre].
* gnu/packages/linux.scm (make-linux-libre): On x86 systems, build with
gcc-7.3.
---
gnu/packages/linux.scm | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 13e08f265..2425fc709 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -283,6 +283,12 @@ for ARCH and optionally VARIANT, or #f if there is no such configuration."
("bc" ,bc)
("openssl" ,openssl)
("kmod" ,kmod)
+ ,@(match (system->linux-architecture
+ (or (%current-target-system) (%current-system)))
+ ((or "x86_64" "i386")
+ `(("gcc" ,gcc-7.3)))
+ (_
+ '()))
,@(match (and configuration-file
(configuration-file
(system->linux-architecture
--
2.15.1
next reply other threads:[~2018-01-20 20:34 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-20 20:34 Mark H Weaver [this message]
2018-01-22 6:09 ` [PATCHES] gnu: linux-libre: Full retpoline support on x86 [spectre mitigation] Chris Marusich
2018-01-22 20:51 ` Leo Famulari
2018-01-22 13:18 ` Alex Vong
2018-01-26 11:41 ` Alex Vong
2018-01-23 21:04 ` Leo Famulari
2018-01-27 15:33 ` Ludovic Courtès
2018-01-27 20:01 ` Mark H Weaver
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87po648e2n.fsf@netris.org \
--to=mhw@netris.org \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.