On Fri, 15 Jun 2018, Juergen Gross wrote: > wrong for 64-bit, too, in case the mitigation is disabled at hypervisor > level.
If that is indeed possible (is it?), then the check we have in pti_check_boottime_disable() is wrong as well. > So the test should be done only for CONFIG_X86_64 Fair enough. > and the returned string should be e.g. "Mitigation: XEN". Well, perhaps; it'd confuse all the scripts that are checking whether system is fully secured or not by parsing sysfs files ... but that's mostly their problem. Thanks, -- Jiri Kosina SUSE Labs
