The file /sys/devices/system/cpu/vulnerabilities/meltdown
always says that we are vulnerable, even when PTI mitigation
is actually enabled. The code that checks and prints PTI
mitigation status is under ifdef CONFIG_KAISER which is never
defined. We have CONFIG_PAGE_TABLE_ISOLATION instead of CONFIG_KAISER,
so use it instead.
Before:
cat /sys/devices/system/cpu/vulnerabilities/meltdown
Vulnerable
After:
cat /sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: PTI
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
arch/x86/kernel/cpu/bugs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 21c6210682aa..cc77927b4daf 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -606,7 +606,7 @@ static ssize_t cpu_show_common(struct device *dev, struct
device_attribute *attr
switch (bug) {
case X86_BUG_CPU_MELTDOWN:
-#ifdef CONFIG_KAISER
+#ifdef CONFIG_PAGE_TABLE_ISOLATION
if (kaiser_enabled)
return sprintf(buf, "Mitigation: PTI\n");
#endif
--
2.18.0
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
