CVE-2017-5753
CVE-2017-5715

To reduce overhead of setting IBPB, we only do that when
the new thread cannot ptrace the current one.  If the new
thread has ptrace capability on current thread, it is safe.
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
(backported from commit 294ed6288a44f78781cf33cc9de32c50630c1646)
Signed-off-by: Andy Whitcroft <apw@canonical.com>