[elrepo] building with retpoline-enabled compiler?
Leon Fauster
leonfauster at googlemail.com
Mon Mar 19 21:03:54 EDT 2018
Am 19.03.2018 um 18:57 schrieb Phil Perry <phil at elrepo.org>:
>
> On 19/03/18 07:11, Phil Perry wrote:
>
>> On 18/03/18 23:30, Leon Fauster via elrepo wrote:
>>>
>>> Must all kmod packages be rebuild with the new compiler (released recently)?
>>>
>>> # dmesg | grep -i retpo
>>> Spectre V2 : Mitigation: Full retpoline
>>> Spectre V2 : WARNING: module 'rr174x' built without retpoline-enabled compiler, may affect Spectre v2 mitigation
>>>
>>> "Especially for kernel versions" -ge "kernel-2.6.32-696.23.1.el6.x86_64"
>>
>> I have a ticket open with Red Hat on that subject atm, but my feeling is potentially yes, but it may depend upon the driver code in question.
>
>
> I've rebuilt kmod-rr174x against the latest el6 kernel and uploaded the package to the elrepo testing repository.
> Would you be able to test for me? Backward compatibility against older kernels will be broken.
Thank very much, Phil.
A quick installation went fine. Storage can be mounted.
No "warning" from the kernel:
# dmesg |grep -i retpoline
Spectre V2 : Mitigation: Full retpoline
# grep retpoline <(modinfo rr174x)
retpoline: Y
I guess its "weak-updates" normal behavior; after the update of the kmod-rr174x package
the initramfs.img files of all installed kernels were rebuild and that wiped the old rr174x
module out. So, after restoring an initramfs.img file back, I could also boot an older kernel
(with an older module). Just to be prepared.
# ls -1 /boot/initramfs-2.6.32-696.* | cut -d"/" -f3 | sed 's/initramfs-//;s/.img//' | xargs -n1 lsinitrd -k | grep rr174x.ko
-rw-r--r-- 1 root root 342736 Feb 1 17:33 lib/modules/2.6.32-696.20.1.el6.x86_64/weak-updates/rr174x/rr174x.ko
-rw-r--r-- 1 root root 343128 Mar 20 00:29 lib/modules/2.6.32-696.23.1.el6.x86_64/extra/rr174x/rr174x.ko
If upcoming kernel updates will pick the "extra" module then all seems to be fine ...
Best regards,
LF
More information about the elrepo
mailing list