On Fri, 14 Dec 2018 at 15:28, Rafael David Tinoco rafael.tinoco@linaro.org wrote:
Mark, and team,
Copying in Arnd as well.
Before going upstream (specifically to Greg), we would like your opinion
on the following issue:
PAGE_TABLE_ISOLATION feature - to mitigate meltdown - is not enabled by default for i686 (X32) mainly because it depends on HIGHMEM and X86_PAE.
X86_PAE is NOT default on x86 32bit compilations and it gets only automatically selected if HIGHMEM64G is set (which would justify its need).
With that, right now, all 32-bit kernels generated with default config options are susceptible to meltdown vulnerability (https://bugs.linaro.org/show_bug.cgi?id=4135).
We are thinking on enabling CONFIG_PAGE_TABLE_ISOLATION (w/ CONFIG_X86_PAE and CONFIG_HIGHMEM64G options) for our x86 32-bit builds, but we aren't sure if we should ask upstream to consider the same, since X86_PAE does not look like something that should be default.
I don't really have a solid sense of what the right answer is, I think it's worth proposing upstream. It depends what the purpose of the defconfig is - if it's a recommended starting point for making your production configuration (in which case it's good to turn on all the security stuff probably) or if it's something else like a good starting point for your development testing (in which case perhaps meh). My sense is that it's something we have some expectation people will run in production so we should turn on security stuff but like I say that's not 100% solid.
What do you think ? Thanks for your inputs!
Rafael
Rafael D. Tinoco Linaro - Kernel Validation