On Thu, Jan 4, 2018 at 11:02 AM, Holger Hoffstätte
<holger@××××××××××××××××××.com> wrote:
> On Wed, 03 Jan 2018 15:53:07 -0500, Rich Freeman wrote:
>
>> On Wed, Jan 3, 2018 at 3:35 PM, Wols Lists <antlists@××××××××××××.uk> wrote:
>>>
>>> And as I understand it the code can be disabled with either a compile
>>> time option or command line switch to the kernel.
>>
>> I suspect the compile-time option is PAGE_TABLE_ISOLATION (which was
>> newly added in 4.14.11). The command line option nopti will disable
>> it at runtime.
>>
>> Rumor has it that it will be disabled on AMD CPUs in 4.14.12, but I
>
> That's not a rumor and it can be easily verified either here:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-4.14/x86-cpu-x86-pti-do-not-enable-pti-on-amd-processors.patch
>
> or in mainline git, respectively.
>

Not back when I made my post, as is evident from the timestamps.

All the info around these vulnerabilities is rapidly evolving, so take
anything you hear with some skepticism until the dust settles...

--
Rich
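
Added example, not part of the original thread: a shell check for the two switches discussed above (the PAGE_TABLE_ISOLATION build option and the nopti boot argument), with the AMD case reported separately. The function name, state labels, sample inputs and default config path are assumptions of this example.

```shell
#!/bin/sh
# Added example, not code from the thread. Labels and inputs are constructed.

# pti_state CONFIG_TEXT CMDLINE VENDOR_ID -> prints one state label
pti_state() {
    config_text=$1   # kernel .config contents
    cmdline=$2       # /proc/cmdline contents
    vendor=$3        # vendor_id value from /proc/cpuinfo

    # Compile-time option: "# CONFIG_... is not set" must not count as on.
    if ! printf '%s\n' "$config_text" | grep -qx 'CONFIG_PAGE_TABLE_ISOLATION=y'; then
        echo "not-compiled-in"; return 0
    fi
    # Runtime switch: match nopti only as a whole boot argument.
    case " $cmdline " in
        *" nopti "*) echo "disabled-by-nopti"; return 0 ;;
    esac
    # Per the thread, a queued 4.14 patch leaves PTI off on AMD CPUs;
    # whether the running kernel carries it is not decided here.
    if [ "$vendor" = "AuthenticAMD" ]; then
        echo "amd-depends-on-patch"; return 0
    fi
    echo "expected-on"
}

# Constructed sample inputs.
SAMPLE_CFG='CONFIG_X86_64=y
CONFIG_PAGE_TABLE_ISOLATION=y'
SAMPLE_CMDLINE='BOOT_IMAGE=/vmlinuz root=/dev/sda2 ro nopti'

if [ "${1:-}" = "--live" ]; then
    # Assumption: config path given as $2, else /boot/config-<release>.
    cfg=${2:-/boot/config-$(uname -r)}
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; exit 1; }
    vendor=$(awk -F': ' '/^vendor_id/ {print $2; exit}' /proc/cpuinfo)
    pti_state "$(cat "$cfg")" "$(cat /proc/cmdline)" "$vendor"
else
    pti_state "$SAMPLE_CFG" "$SAMPLE_CMDLINE" GenuineIntel
fi
```

Run with `--live` (optionally followed by a config path) to classify the running machine instead of the constructed sample.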