commit | f21b53b20c754021935ea43364dbf53778eeba32 | [log] [tgz] |
---|---|---|
author | Kees Cook <keescook@chromium.org> | Thu May 03 14:37:54 2018 -0700 |
committer | Thomas Gleixner <tglx@linutronix.de> | Sat May 05 00:51:45 2018 +0200 |
tree | 56c873b4f7dc9b7561858f8e7e4a6bfc2ba8eeeb | |
parent | 8bf37d8c067bb7eb8e7c381bdadf9bd89182b6bc [diff] |
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Unless explicitly opted out of, anything running under seccomp will have SSB mitigations enabled. Choosing the "prctl" mode will disable this. [ tglx: Adjusted it to the new arch_seccomp_spec_mitigate() mechanism ] Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>