* Borislav Petkov <b...@alien8.de> wrote:
> On Wed, Jan 10, 2018 at 08:25:08AM +0100, Ingo Molnar wrote:
> > We could taint the kernel and warn prominently in the syslog when PTI is
> > disabled
> > globally on the boot line though, if running on affected CPUs.
> >
> > Something like:
> >
> > "x86/intel: Page Table Isolation (PTI) is disabled globally. This allows
> > unprivileged, untrusted code to exploit the Meltdown CPU bug to read kernel
> > data."
> >
>
> I think we should warn in the per-mm disabling case too. Not the same
> text but a similar blurb about the trusted process becoming a high-value
> target.
Ok - that's fine by me too, as long as it's a one time warning only.
Thanks,
Ingo
