From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 2 Nov 2021 00:25:09 +0000 (-0700)
Subject: Merge tag 'seccomp-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees... 
X-Git-Tag: v5.19~1974
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=a5a9e006059e7ac1af3df57d6d7c53e385da5deb;p=mirror_ubuntu-kernels.git

Merge tag 'seccomp-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp updates from Kees Cook:
 "These are x86-specific, but I carried these since they're also
  seccomp-specific.

  This flips the defaults for spec_store_bypass_disable and
  spectre_v2_user from "seccomp" to "prctl", as enough time has passed
  to allow system owners to have updated the defensive stances of their
  various workloads, and it's long overdue to unpessimize seccomp
  threads.

  Extensive rationale and details are in Andrea's main patch.

  Summary:

   - set spec_store_bypass_disable & spectre_v2_user to prctl (Andrea Arcangeli)"

* tag 'seccomp-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  x86: deduplicate the spectre_v2_user documentation
  x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl
---

a5a9e006059e7ac1af3df57d6d7c53e385da5deb