search for: spectre_v1

Does anyone know if Red Hat are working on backporting improved mitigation techniques and features from newer, 4.14.14+ kernels? $ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline $

...lush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc arch_perfmon rep_good nopl nonstop_tsc pni pclmulqdq monitor est ssse3 cx16 sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm fsgsbase erms xsaveopt dtherm ida arat pln pts bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds You will note that there is a lack of flags for ssbd, spec_ctrl, intel_stibp, flush_l1d, ibrs, etc. # for i in /sys/devices/system/cpu/vulnerabilities/* ; do echo -n "$i : "; cat $i ; done /sys/devices/system/cpu/vulnerabilities/l1tf : Mitigation: P...

...r ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm cpuid_fault epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm ida arat pln pts flush_l1d bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf This results on my cpu being detected, if I allow host copy, as AMD chip and the guest becomes unbearably slow. The model of the host cpu is correct. I'm using Debian testing/unstable. Compiled against library: libvirt 4.7.0 Using library: libvirt 4.7.0 Using...