Re: [PATCH v2] x86/pti: don't report XenPV as vulnerable

[Juergen Gross]

On 18/06/18 09:59, Jiri Kosina wrote:
> From: Jiri Kosina <jkosina@xxxxxxx>
> 
> Xen PV domain kernel is not by design affected by meltdown as it's 
> enforcing split CR3 itself. Let's not report such systems as "Vulnerable" 
> in sysfs (we're also already forcing PTI to off in X86_HYPER_XEN_PV 
> cases); the security of the system ultimately depends on presence of 
> mitigation in Hypervisor, which can't be easily detected from DomU; let's 
> report that.
> 
> Reported-and-tested-by: Mike Latimer <mlatimer@xxxxxxxx>
> Signed-off-by: Jiri Kosina <jkosina@xxxxxxx>

Acked-by: Juergen Gross <jgross@xxxxxxxx>


Juergen