From mboxrd@z Thu Jan 1 00:00:00 1970
Return-path:
Received: from mga03.intel.com ([134.134.136.65]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fFqcR-0000z8-4u for speck@linutronix.de; Tue, 08 May 2018 02:36:40 +0200
Date: Mon, 7 May 2018 17:36:32 -0700
From: Andi Kleen
Subject: [MODERATED] Re: [PATCH 5/5] SSB extra v2 5
Message-ID: <20180508003632.GH4050@tassilo.jf.intel.com>
References: <3c3bda6cd68a91d9e79ef1da60d481180d544d20.1525734796.git.dave.hansen@intel.com>
MIME-Version: 1.0
In-Reply-To: <3c3bda6cd68a91d9e79ef1da60d481180d544d20.1525734796.git.dave.hansen@intel.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

> + /* To mitigate speculative-store-bypass, we only need
> + * mitigation for programs that write to memory. Mark that
> + * the program needs mitigation if loaded without
> + * CAP_SYS_ADMIN:
> + */
> + if (env->saw_memory_write && !capable(CAP_SYS_ADMIN))
> + env->prog->need_mitigation = true;

Flag should have a more descriptive name specific to SSB.

I bet this won't be the last mitigation needed for EBPF :|

-Andi
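Review bot: the comment above the `if` in the quoted hunk explains why only programs that write to memory are marked, but it does not say why a loader holding CAP_SYS_ADMIN is exempt, and that exemption is the security-relevant half of the condition. `capable(CAP_SYS_ADMIN)` is evaluated against the task doing the load, while `need_mitigation` is stored on `env->prog` and so outlives that check; the comment should state the assumption that makes this safe (for example, that a program loaded by a privileged task is treated as trusted wherever it later runs), or the decision should be recorded in a way that makes that assumption visible to readers of the flag.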