Re: [PATCH 02/11] arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry

From: Christoph Hellwig
Date: Thu Jan 04 2018 - 10:39:49 EST


On Thu, Jan 04, 2018 at 03:08:26PM +0000, Will Deacon wrote:
> Although CONFIG_UNMAP_KERNEL_AT_EL0 does make KASLR more robust, it's
> actually more useful as a mitigation against speculation attacks that
> can leak arbitrary kernel data to userspace through speculation.
>
> Reword the Kconfig help message to reflect this, and make the option
> depend on EXPERT so that it is on by default for the majority of users.
>
> Signed-off-by: Will Deacon <will.deacon@xxxxxxx>

Why is this not reusing the PAGE_TABLE_ISOLATION setting in
security/Kconfig ?