On Wed, Jan 10, 2018 at 08:25:08AM +0100, Ingo Molnar wrote:
> We could taint the kernel and warn prominently in the syslog when PTI is
> disabled globally on the boot line though, if running on affected CPUs.
>
> Something like:
>
> "x86/intel: Page Table Isolation (PTI) is disabled globally. This allows
> unprivileged, untrusted code to exploit the Meltdown CPU bug to read kernel
> data."
>
I think we should warn in the per-mm disabling case too. Not the same
text but a similar blurb about the trusted process becoming a high-value
target.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.