The current Meltdown Intel processor vulnerability is currently remedied by having the page table isolation enabled. There is a question how to turn this off: How to disable Page Table Isolation to regain performance lost due to Intel CPU security hole patch?
My question is opposite: is there a way to check on a running system whether the PTI mechanism is effective on the system and thus the system is protected? I'm specifically looking for cat /proc/something
or cat /sys/something
, not checking for kernel version or config parameter or the like.
Best Answer
You can run the command below to see all available mitigations (not only for PTI but also for other vulnerabilities) :