Packages

Glad to see someone is working on this. The sooner this is fixed the better. Hopefully there's a way so it won't slow down the computer too much...

Per https://lwn.net/Articles/743246/ - most bugs have been fixed in 4.9.75, we will be updating soon and monitoring to see if any additional patches are needed.

I hope at some point you find a way to defeat Spectre. I heard no one knows how to defeat spectre yet.

I wish you the best on this and your porting to libreSSL. :)

It is possible to backport retpoline support to GCC-6 compiler using patches from Debian (https://sources.debian.org/src/gcc-6/6.3.0-18+deb9u1/debian/patches/). Then recompile kernel with patched compiler in order to mitigate Spectre V2.

It is possible to backport retpoline support to GCC-6 compiler using patches from Debian (https://sources.debian.org/src/gcc-6/6.3.0-18+deb9u1/debian/patches/). Then recompile kernel with patched compiler in order to mitigate Spectre V2.

For stability reasons, we have plans to implement Debian patches in our toolchain for Milky Way v0.3 because it will be the first version that we will begin rebuild all packages from scratch following our Social Contract. However, we could add retpoline-specific patches from Debian as workaround for Milky Way v0.2, do you know what are those patches?

First 000* patches:

• 0001-i386-Move-struct-ix86_frame-to-machine_function.diff
• 0002-i386-Use-reference-of-struct-ix86_frame-to-avoid-copy.diff
• 0003-i386-Use-const-reference-of-struct-ix86_frame-to-avoi.diff
• 0004-x86-Add-mindirect-branch.diff
• 0005-x86-Add-mfunction-return.diff
• 0006-x86-Add-mindirect-branch-register.diff
• 0007-x86-Add-V-register-operand-modifier.diff
• 0008-x86-Disallow-mindirect-branch-mfunction-return-with-m.diff
• 0009-Use-INVALID_REGNUM-in-indirect-thunk-processing.diff

Thank you Jack, I'm building gcc with those patches.