On Wed, Sep 12, 2018, 12:29 Joni Orponen <j.orpo...@4teamwork.ch> wrote:
> On Wed, Sep 12, 2018 at 8:48 PM Wes Turner <wes.tur...@gmail.com> wrote: > >> Should C extensions that compile all add >> `-mindirect-branch=thunk -mindirect-branch-register` [1] to mitigate the >> risk of Spectre variant 2 (which does indeed affect user space applications >> as well as kernels)? >> > > Are those available on GCC <= 4.2.0 as per PEP 513? > Pretty sure no manylinux1 compiler is ever going to get these mitigations. For manylinux2010 on x86-64, we can easily use a much newer compiler: RH maintains a recent compiler, currently gcc 7.3, or if that doesn't work for some reason then the conda folks have be apparently figured out how to build the equivalent from gcc upstream releases. Unfortunately, the manylinux2010 infrastructure is not quite ready... I'm pretty sure it needs some volunteers to push it to the finish line, though unfortunately I haven't had enough time to keep track. -n
-- Distutils-SIG mailing list -- distutils-sig@python.org To unsubscribe send an email to distutils-sig-le...@python.org https://mail.python.org/mm3/mailman3/lists/distutils-sig.python.org/ Message archived at https://mail.python.org/mm3/archives/list/distutils-sig@python.org/message/5A3VEMZXTQDFGFCHPM7Z2DU24KHYG26Y/
