> ssbd
> md-clear
> bpb
> ibrs-all
> rdctl-no
> rsba
> skip-l1dfl-vmentry
>
> I guess that we will have to backport this support in libvirt, in order
> to allow QEMU to pick specific CPU mitigation flags.
Those are not all missing at least. I have seen ssbd and md-clear for
sure in Bionic e.g. for the latter coming with
ubuntu/bionic-4.0:debian/patches/md-clear.patch
In the context of this bug we will take a look at arch_capabilities
and if some of the others are low hanging fruits.
Quite often - but not always - for libvirt it is just a CPU bit
definition, but as we know e.g. arch_cap is more complex.
> ssbd
> md-clear
> bpb
> ibrs-all
> rdctl-no
> rsba
> skip-l1dfl-vmentry
>
> I guess that we will have to backport this support in libvirt, in order
> to allow QEMU to pick specific CPU mitigation flags.
Those are not all missing at least. I have seen ssbd and md-clear for bionic- 4.0:debian/ patches/ md-clear. patch
sure in Bionic e.g. for the latter coming with
ubuntu/
In the context of this bug we will take a look at arch_capabilities
and if some of the others are low hanging fruits.
Quite often - but not always - for libvirt it is just a CPU bit
definition, but as we know e.g. arch_cap is more complex.