guix-devel

Re: Meltdown / Spectre


From: ng0
Subject: Re: Meltdown / Spectre
Date: Wed, 10 Jan 2018 15:00:12 +0000

Alex Vong transcribed 1.7K bytes:
> Mark H Weaver <address@hidden> writes:
> 
> > Mark H Weaver <address@hidden> writes:
> >
> >> I just followed this up with a Spectre mitigation for WebKitGTK+
> >> backported from upstream WebKit:
> >>
> >>   https://git.savannah.gnu.org/cgit/guix.git/commit/?id=56804398a94bea941183ae4ed29d2a9f82069a6f
> >
> > FYI, adding a patch to 'webkitgtk' seems to have greatly exacerbated an
> > existing race condition in webkitgtk's build system, presumably due to
> > the zeroing of time stamps in the repacked tarball.  I believe that
> > *any* patch would have had this effect.  I filed the following bug to
> > track this issue:
> >
> >   https://bugs.gnu.org/30015
> >
> >       Mark
> 
> Thanks for all the help and quick fixes.
> 
> I have an idea. Should we add a news entry to Guix blog[0] summarizing
> all the above? For example, we can advise users to install noscript and
> turn off javascript by default and only enable it on trusted sites when
> necessary.

Yes. If you ask yourself the question, it's already possible that someone
out there (realistic: multiple someones) doesn't follow the mailing list
all the time and they miss it. A summary on the website will be good imho.

> About the "Retpoline" mitigation technique[1]. Right now only GCC 7.2.0
> is patched, but our default gcc version is 5.4.0 in master and 5.5.0 in
> core-updates.  So I tried to apply the patches to
> 5.5.0. There are 17 commits/patches in total. The first 3 patches can be
> modified to work while the 4th patch cannot be easily modified to work
> because the function ``ix86_nopic_noplt_attribute_p'' is not present on
> 5.5.0. Perhaps discarding the hunk would be fine, but we need to be
> careful about it (maybe running tests to make sure the fix really works).
> 
> Do you think we should modify the patch to make it work on GCC 5 or
> update core-updates to GCC 7 instead?
> 
> [0]: https://www.gnu.org/software/guix/blog/
> [1]: http://git.infradead.org/users/dwmw2/gcc-retpoline.git/shortlog/refs/heads/retpoline
> 
> 

-- 
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://c.n0.is/ng0_pubkeys/tree/keys
  WWW: https://n0.is/a/  ::  https://ea.n0.is
