Add gcc 7.3.0 #13

donald · 2018-02-10T22:47:45Z

gcc 7.3 supports -mindirect-branch=thunk-extern which is used (if available) by the kernel build to mitigate Spectre attacks with a method called retpoline. If -mindirect-branch=thunk-extern is not available, the kernel build will not (no longer) emit a warning [1]. The insufficient protection will be visible on the running system

root@dose:/sys# cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 
Vulnerable: Minimal generic ASM retpoline

whereas when the kernel is compiled with gcc 7.3 ( `prun gcc-7.3.0-0 ./linux-4.14.18-207.bee the output is:

root@dose:~# cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 
Mitigation: Full generic retpoline

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.14.y&id=198660b7a5dd33b114001023d540c9072603e2a8

Created by cp gcc-7.2.0-0.build.sh gcc-7.3.0-0.build.sh after which the VERSION= line was updated

gcc doesn't support to be build in the source directory. https://gcc.gnu.org/wiki/InstallingGCC

This is to support a rebuild during development. Do not fail if target already exists.

donald added 5 commits February 10, 2018 19:46

Add gcc-7.3.0

07e39b8

Created by cp gcc-7.2.0-0.build.sh gcc-7.3.0-0.build.sh after which the VERSION= line was updated

gcc-7.3.0: Build in subdirectory

30f4e02

gcc doesn't support to be build in the source directory. https://gcc.gnu.org/wiki/InstallingGCC

gcc-7.3.0: Change ln -s to ln -sf

22c94be

This is to support a rebuild during development. Do not fail if target already exists.

gcc-7.3.0: Add comment regarding vm.overcommit_memory

63a2b62

gcc-7.3.0: Fix whitespace issue

694ed65

donald merged commit f148782 into master Feb 23, 2018

david deleted the add-gcc-7.3.0 branch March 16, 2018 10:43

Add gcc 7.3.0 #13

Add gcc 7.3.0 #13

Conversation

donald commented Feb 10, 2018