CONFIG_UNMAP_KERNEL_AT_EL0 is not available for thedefaultarchitecture x86.
Result is shown for architecture arm64
Unmap kernel when running in userspace (KPTI)
configname: CONFIG_UNMAP_KERNEL_AT_EL0
Linux Kernel Configuration
└─>Kernel Features
└─>Unmap kernel when running in userspace (KPTI)
In linux kernel since version 3.10 (release Date: 2013-06-30)
Speculation attacks against some high-performance processors can
be used to bypass MMU permission checks and leak kernel data to
userspace. This can be defended against by unmapping the kernel
when running in userspace, mapping it back in on exception entry
via a trampoline page in the vector table.
If unsure, say Y.
be used to bypass MMU permission checks and leak kernel data to
userspace. This can be defended against by unmapping the kernel
when running in userspace, mapping it back in on exception entry
via a trampoline page in the vector table.
If unsure, say Y.