On Wed, 17 Oct 2018, Tim Chen wrote:
> +void arch_set_dumpable(struct task_struct *tsk, unsigned int value)
> +{
> + bool update;
> +
> + if (!static_branch_unlikely(&spectre_v2_app_lite))
> + return;
> + if (!static_cpu_has(X86_FEATURE_STIBP))
> + return;
> + if (spectre_v2_app2app_enabled == SPECTRE_V2_APP2APP_NONE)
> + return;
Can spectre_v2_app_lite be enabled when the cpu does not support STIBP or
spectre_v2_app2app_enabled is not set to SPECTRE_V2_APP2APP_CMD_LITE?
No it cannot. So checking the static key is sufficient.
Thanks,
tglx
