update x86-mm-pti-add-kconfig.patch

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)
diff --git a/queue-4.14/x86-mm-pti-add-kconfig.patch b/queue-4.14/x86-mm-pti-add-kconfig.patch

index 7d5ca30a22296f7ad51d2fc4025eb44dc8abbe7f..1335edff354705bd02b2efa01e8e6db655abe5c9 100644 (file)
--- a/queue-4.14/x86-mm-pti-add-kconfig.patch
+++ b/queue-4.14/x86-mm-pti-add-kconfig.patch
@@ -48,18 +48,19 @@ Signed-off-by: Ingo Molnar <mingo@kernel.org>
  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  
  ---
- security/Kconfig |   10 ++++++++++
- 1 file changed, 10 insertions(+)
+ security/Kconfig |   11 +++++++++++
+ 1 file changed, 11 insertions(+)
  
  --- a/security/Kconfig
  +++ b/security/Kconfig
-@@ -54,6 +54,16 @@ config SECURITY_NETWORK
+@@ -54,6 +54,17 @@ config SECURITY_NETWORK
           implement socket and networking access controls.
           If you are unsure how to answer this question, answer N.
   
  +config PAGE_TABLE_ISOLATION
  +      bool "Remove the kernel mapping in user mode"
  +      depends on X86_64 && !UML
++      default y
  +      help
  +        This feature reduces the number of hardware side channels by
  +        ensuring that the majority of kernel addresses are not mapped
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 2 Jan 2018 11:32:49 +0000 (12:32 +0100)