On 01/11/2018 10:51 AM, Linus Torvalds wrote: > On Thu, Jan 11, 2018 at 10:38 AM, Dave Hansen > <dave.han...@linux.intel.com> wrote: >> On 01/11/2018 10:32 AM, Josh Poimboeuf wrote: >>>> hmm. Exposing cr3 to user space will make it trivial for user process >>>> to know whether kpti is active. Not sure how exploitable such >>>> information leak. >>> It's already trivial to detect PTI from user space. >> Do tell. > One way to do it is to just run the attack, and see if you get something.
Not judging how trivial (or not) the attack is, I was hoping for something that was *not* the attack itself. :) I'd love to have a tool that tells you for sure "KPTI enabled or not", but I'd also love to have it be something I can easily distribute without it being handled like a WMD.
