On 15/06/18 08:16, Jiri Kosina wrote:
> On Fri, 15 Jun 2018, Juergen Gross wrote:
>
>>>> wrong for 64-bit, too, in case the mitigation is disabled at hypervisor
>>>> level.
>>>
>>> If that is indeed possible (is it?), then the check we have in
>>> pti_check_boottime_disable() is wrong as well.
>>
>> No, it isn't. PTI for 32-bit kernels isn't paravirtualized, so it has to
>> be disabled.
>
> I was talking about this "mitigation disabled at Xen hypervisor level for
> 64-bit" situation though.

Why? PTI has to be disabled in PV guests as it can't work there due to
missing paravirtualization of the PTI feature (mov to/from %cr3).

The Xen meltdown mitigation ("XPTI") for 64-bit pv guests is primarily
securing the hypervisor against meltdown attacks of the guest. The guest
itself can't do anything in this regard in 64-bit mode, as user and
kernel code are already using different %cr3 values even without PTI.

Juergen