Hello.
I have a simple question. I built a gcc8 and I want to build Linux-image 4.15.4 with gcc8 to prevent CVE-2017-5715.
I tried adding “Prefer: gcc8” to the project config, but it didn’t help.
I can’t make update-alternatives because the build users hasn’t enough rights.
How to build a kernel with gcc8?
FYI
https://www.suse.com/security/cve/CVE-2017-5715/
From what I can gather, there is plenty of confusion or disagreement on what it would take to address Spectre properly, so a number of patches have been proposed and implemented.
Bottom line, patching for this vulnerability is partial, in progress and at the moment is “best effort.”
The question you’d probably need to ask and answer is whether whatever you have in mind duplicates, or relates to other patches which may already be implemented.
if you still want to build, is gcc8 a requirement for what you want to do? Will another version suffice?
TSU
I suspect the easiest way is to patch kernel spec to set
MAKE_ARGS=CC=gcc8
in suitable place.
Spec file is likely good.
Alternative might be to create an update-alternatives for gcc as i describe in my following wiki page(which I recommend more commonly when you don’t have access to a spec file)
https://en.opensuse.org/User:Tsu2/gcc_update-alternatives
TSU