Skip to content
Commit 6cb2b08f authored by Jiri Kosina's avatar Jiri Kosina Committed by Ingo Molnar
Browse files

x86/pti: Don't report XenPV as vulnerable



Xen PV domain kernel is not by design affected by meltdown as it's
enforcing split CR3 itself. Let's not report such systems as "Vulnerable"
in sysfs (we're also already forcing PTI to off in X86_HYPER_XEN_PV cases);
the security of the system ultimately depends on presence of mitigation in
the Hypervisor, which can't be easily detected from DomU; let's report
that.

Reported-and-tested-by: default avatarMike Latimer <mlatimer@suse.com>
Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Acked-by: default avatarJuergen Gross <jgross@suse.com>
Cc: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/nycvar.YFH.7.76.1806180959080.6203@cbobk.fhfr.pm


[ Merge the user-visible string into a single line. ]
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
parent 9ffc59d5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment