[pve-devel] retpoline fix for spectre has been commited in kernel 4.14

Fabian Grünbichler f.gruenbichler at proxmox.com
Thu Jan 18 09:27:23 CET 2018


On Wed, Jan 17, 2018 at 03:14:43PM +0100, Alexandre DERUMIER wrote:
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.14.14&id=3a72bd4b60da338e66922e4f9eded174b3ad147d
> 
> Do you plan to backport them to kernel 4.13 ?  (still waiting for a stable intel microcode, as retpoline is an alternative, it could be great :)

yes, eventually. it will take some time though, since
- the SPEC_CTRL/IBRS/.. patches need to be finalized upstream before
  switching to RETPOLINE+SPEC_CTRL is feasible
- RETPOLINE requires a patched gcc, which needs to be available in
  Debian Stretch first (because user-compiled modules need to be
  re-compiled with the patched gcc as well, not just the kernel and
  modules provided by us via packages)




More information about the pve-devel mailing list