To mitigate Spectre Variant 2, GCC needs to have retpoline
support (-mindirect-branch and -mfunction-return arguments on amd64
and i386).
Patches were pulled from H.J. Lu's backport branch to
4.9 (hjl/indirect/gcc-4_9-branch), available at
https://github.com/hjl-tools/gcc/tree/hjl/indirect/gcc-4_9-branch/master. Upstream
GCC does not apply patches to anything older than the
gcc-6-branch. H.J. Lu is the author of the upstream retpoline commits
as well.
Several Linux distributions already backported these patches to GCC 4
branches and some old kernels (3.13 for instance) have been recompiled
with these GCC patches. These kernels only allow to load kernel
modules that are compiled with the retpoline support.
References:
- Ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/gcc-4.8/+bug/1749261
- Ubuntu package: https://launchpad.net/ubuntu/+source/gcc-4.8/4.8.4-2ubuntu1~14.04.4Fixes#38394
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.
The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:
```
ISA: ARMv8 {-A, -R, -M}
/ \
Mode: Aarch32 Aarch64
| / \
Encoding: A64 A32 T32
```
At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.
The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.
[1]: https://developer.arm.com/products/architecture/a-profile
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/kotlin/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/w1k17lqv3cc8sszxnmzg8g6lcc1pxkk8-kotlin-1.2.40/bin/kotlin -h’ got 0 exit code
- ran ‘/nix/store/w1k17lqv3cc8sszxnmzg8g6lcc1pxkk8-kotlin-1.2.40/bin/.kotlin-wrapped -h’ got 0 exit code
- found 1.2.40 with grep in /nix/store/w1k17lqv3cc8sszxnmzg8g6lcc1pxkk8-kotlin-1.2.40
- directory tree listing: https://gist.github.com/886158de7b36d9a61fcbc13d2638779a
The version bump in c727e7e7d6 (pull
request #35153) didn't actually take into account that Haxe has changed
the way they search for the stdlib. Instead of a hardcoded list of paths
it now searches based on a common prefix.
So when running Haxe, it errored out because it couldn't find its own
standard library. This is now fixed by changing the sed expression
accordingly.
Apart from fixing the actual issue, I've added a small test in
installCheckPhase to make sure something like this won't happen again in
future updates.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @volth, @joachifm
