Hi Alex,

Alex Vong wrote:

> From aea3d11f59e260111bdb8bcac458c97a946fa900 Mon Sep 17 00:00:00 2001
> From: Alex Vong
> Date: Tue, 16 Jan 2018 20:32:32 +0800
> Subject: [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
>
> This is part of Spectre (branch target injection) [CVE-2017-5715]
> mitigation. Suggested by Mark H Weaver .
>
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/gcc.scm (gcc@7): Use them.
> * gnu/packages/patches/gcc-retpoline-Change-V-to-bare-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch,
> gnu/packages/patches/gcc-retpoline-indirect-thunk-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-V-register-operand-modifier.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mfunction-return.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch-register.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch.patch,
> gnu/packages/patches/gcc-retpoline-x86-Disallow-mindirect-branch-mfunction-return-with-.patch:
> New files.

I’d suggest removing the test suite changes from the patches (currently
we don’t run GCC’s test suite.) Also, ‘guix lint’ may suggest using
shorter file names.

Do you know if a new 7.x including retpoline support is scheduled for
release soon?

Thanks,
Ludo’.