| 1 |
On Thu, Jan 4, 2018 at 11:02 AM, Holger Hoffstätte |
| 2 |
<holger@××××××××××××××××××.com> wrote: |
| 3 |
> On Wed, 03 Jan 2018 15:53:07 -0500, Rich Freeman wrote: |
| 4 |
> |
| 5 |
>> On Wed, Jan 3, 2018 at 3:35 PM, Wols Lists <antlists@××××××××××××.uk> wrote: |
| 6 |
>>> |
| 7 |
>>> And as I understand it the code can be disabled with either a compile |
| 8 |
>>> time option or command line switch to the kernel. |
| 9 |
>> |
| 10 |
>> I suspect the compile-time option is PAGE_TABLE_ISOLATION (which was |
| 11 |
>> newly added in 4.14.11). The command line option nopti will disable |
| 12 |
>> it at runtime. |
| 13 |
>> |
| 14 |
>> Rumor has it that it will be disabled on AMD CPUs in 4.14.12, but I |
| 15 |
> |
| 16 |
> That's not a rumor and it can be easily verified either here: |
| 17 |
> |
| 18 |
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-4.14/x86-cpu-x86-pti-do-not-enable-pti-on-amd-processors.patch |
| 19 |
> |
| 20 |
> or in mainline git, respectively. |
| 21 |
> |
| 22 |
|
| 23 |
Not back when I made my post, as is evident from the timestamps. |
| 24 |
|
| 25 |
All the info around these vulnerabilities is rapidly evolving, so take |
| 26 |
anything you hear with some skepticism until the dust settles... |
| 27 |
|
| 28 |
-- |
| 29 |
Rich |
Archives