On Wed, Sep 19, 2018 at 02:35:30PM -0700, Tim Chen wrote:
> This patch provides an application property based spectre_v2
> protection with STIBP against attack from another app from
> a sibling hyper-thread. For security sensitive non-dumpable
> app, STIBP will be turned on before switching to it for Intel
> processors vulnerable to spectre_v2.

Why does that non dumpable thing make sense? Why not use the same prctl() we already use for SSBD?