|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 2/2] x86: allow Meltdown band-aid to be disabled
On Mon, Jan 15, 2018 at 11:07 AM, Jan Beulich <JBeulich@xxxxxxxx> wrote: > First of all we don't need it on AMD systems. Additionally allow its use > to be controlled by command line option. For best backportability, this > intentionally doesn't use alternative instruction patching to achieve > the intended effect - while we likely want it, this will be later > follow-up. Is it worth making it optional to apply to dom0? In most cases, if an attacker can manage to get userspace on dom0, they should be able to take over the whole system anyway; turning it off on dom0 to get better performance seems like a policy decision that administrators might reasonably make. -George _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |