Hi Linus, hi everyone, Linus Torvalds - 28.01.18, 22:52: > details), and perhaps equally importantly, to actually get the biggest > fix for the indirect branch mitigations, you need not just the kernel > updates, you need to have a compiler with support for the "retpoline" > indirect branch model. > > You can do > > cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 > > and if you don't have a compiler that supports the retpoline > mitigations, you'll get: > > Vulnerable: Minimal generic ASM retpoline > > because only the assembly code (not the C code) will have the > retpoline mitigation. So keep that in mind.
I have: % cat /proc/version Linux version 4.15.0-tp520-btrfstrim+ ([…]) (gcc version 7.3.0 (Debian 7.3.0-1)) #38 SMP PREEMPT Mon Jan 29 09:38:44 CET 2018 % grep RETPO /boot/config-4.15.0-tp520-btrfstrim+ CONFIG_RETPOLINE=y % gcc --version | head -1 gcc (Debian 7.3.0-1) 7.3.0 % apt changelog gcc-7 gcc-7 (7.3.0-1) unstable; urgency=medium * GCC 7.3.0 release. * Ignore bootstrap comparison failures in gcc/d on alpha. Addresses: #888394. -- Matthias Klose […] Thu, 25 Jan 2018 12:07:10 +0100 Yet: % grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline >From what I read gcc 7.3 was supposed to include back ported retpoline patches. What am I missing here? Thanks, -- Martin
