diff options
Diffstat (limited to 'chromium/sandbox/features.gni')
| -rw-r--r-- | chromium/sandbox/features.gni | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/chromium/sandbox/features.gni b/chromium/sandbox/features.gni index 09280d35f6a..46c8a03f45e 100644 --- a/chromium/sandbox/features.gni +++ b/chromium/sandbox/features.gni @@ -14,3 +14,8 @@ use_seccomp_bpf = (is_linux || is_android) && current_cpu == "mipsel" || current_cpu == "mips64el") use_seccomp_bpf = use_seccomp_bpf || is_nacl_nonsfi + +# SSBD (Speculative Store Bypass Disable) is a mitigation of Spectre Variant 4. +# As Spectre Variant 4 can be mitigated by site isolation, opt-out SSBD on site +# isolation fully applied platform. +disable_seccomp_ssbd = use_seccomp_bpf && !is_android |