x86/pti: Enable PTI by default This really want's to be enabled by default. Users who know what they are doing can disable it either in the config or on the kernel command line. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: stable@vger.kernel.org

commit: 87faa0d9b43b4755ff6963a22d1fd1bee1aa3b39 [log] [tgz]
author: Thomas Gleixner <tglx@linutronix.de> Wed Jan 03 15:18:44 2018 +0100
committer: Thomas Gleixner <tglx@linutronix.de> Wed Jan 03 15:57:58 2018 +0100
tree: 786a98c0039da78e572e95ff02fef682bc04c889
parent: 7f414195b0c3612acd12b4611a5fe75995cf10c7 [diff] [blame]
diff --git a/security/Kconfig b/security/Kconfig
index a623d13..3d4debd 100644
--- a/security/Kconfig
+++ b/security/Kconfig

@@ -56,6 +56,7 @@
 
 config PAGE_TABLE_ISOLATION
 	bool "Remove the kernel mapping in user mode"
+	default y
 	depends on X86_64 && !UML
 	help
 	  This feature reduces the number of hardware side channels by
commit	87faa0d9b43b4755ff6963a22d1fd1bee1aa3b39	[log] [tgz]
author	Thomas Gleixner <tglx@linutronix.de>	Wed Jan 03 15:18:44 2018 +0100
committer	Thomas Gleixner <tglx@linutronix.de>	Wed Jan 03 15:57:58 2018 +0100
tree	786a98c0039da78e572e95ff02fef682bc04c889
parent	7f414195b0c3612acd12b4611a5fe75995cf10c7 [diff] [blame]