[bug#30111] gnu: address@hidden: Apply the 'retpoline' mitigation technique.

[Ludovic Courtès]

Hi Alex,

Alex Vong <address@hidden> skribis:

> From aea3d11f59e260111bdb8bcac458c97a946fa900 Mon Sep 17 00:00:00 2001
> From: Alex Vong <address@hidden>
> Date: Tue, 16 Jan 2018 20:32:32 +0800
> Subject: [PATCH] gnu: address@hidden: Apply the 'retpoline' mitigation 
> technique.
>
> This is part of Spectre (branch target injection) [CVE-2017-5715]
> mitigation. Suggested by Mark H Weaver <address@hidden>.
>
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/gcc.scm (address@hidden): Use them.
> * gnu/packages/patches/gcc-retpoline-Change-V-to-bare-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch,
> gnu/packages/patches/gcc-retpoline-indirect-thunk-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-V-register-operand-modifier.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mfunction-return.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch-register.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch.patch,
> gnu/packages/patches/gcc-retpoline-x86-Disallow-mindirect-branch-mfunction-return-with-.patch:
> New files.

I’d suggest removing the test suite changes from the patches (currently
we don’t run GCC’s test suite.)  Also, ‘guix lint’ may suggest using
shorter file names.

Do you know if a new 7.x including retpoline support is scheduled for
release soon?

Thanks,
Ludo’.