On Wed, Nov 21, 2018 at 9:41 AM Tim Chen tim.c.chen@linux.intel.com wrote:
When STIBP is on, it will prevent not only untrusted code from attacking, but also trusted code from getting attacked. So non-dumpable task running with STIBP will protect itself from attacks from code running on sibling CPU.
I understand.
You didn't read my email about why "dumpable" is not sensible.
Linus