12371 – CONFIG_PAGE_TABLE_ISOLATION is enabled on x86_64 only

Bug 12371 - CONFIG_PAGE_TABLE_ISOLATION is enabled on x86_64 only

Summary: CONFIG_PAGE_TABLE_ISOLATION is enabled on x86_64 only

Status:	CLOSED NOTABUG

Alias:	None

Product:	IPFire
Classification:	Unclassified
Component:	--- (show other bugs)
Version:	2
Hardware:	unspecified All

Importance:	Will affect an average number of users Security
Assignee:	Assigned to nobody - feel free to grab it and work on it
QA Contact:

URL:
Keywords:

Depends on:
Blocks:	KERNSEC
	Show dependency tree / graph

Reported:	2020-04-14 15:33 UTC by Peter Müller
Modified:	2020-04-14 17:12 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Peter Müller 2020-04-14 15:33:27 UTC

Quote from https://capsule8.com/blog/kernel-configuration-glossary/:

> Significance: High
> 
> This feature reduces the number of hardware side channels by ensuring that
> the majority of kernel addresses are not mapped into userspace.

Comment 1 Peter Müller 2020-04-14 17:12:04 UTC

This is implemented on x86_64 only. A patch set for i?86 is available, but did not make it into the kernel.