[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] Do I need update the microcode of virtual machine
From: |
Li Qiang |
Subject: |
[Qemu-devel] Do I need update the microcode of virtual machine |
Date: |
Thu, 18 Jan 2018 18:38:57 +0800 |
Hi Paolo, all,
I have a question about the intel microcode update for spectre variant#2.
>From my understanding, there is no need to update the microcode of VMs
because the kvm has expose the SPEC_CTL and PRED_CMD to the guest.
Also, if we need to update the micorcode in guest, who is the vendor for
this.
>From the hyper-v, I think I'm right.
-->
https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/CVE-2017-5715-and-hyper-v-vms
But upon I update the centos guest, the host kvm/qemu has been updated.
The IBPB_ENABLED and IBRS_ENABLED are both zero if I don't update the
microcode in the guest.
If I update the guest micorcode, the are both 1.
So I want to know, if I should update the microcode in guest.
If the answer is Yes, then what about the Windows guest, how to update the
microcode?
Thanks,
Li Qiang
- [Qemu-devel] Do I need update the microcode of virtual machine,
Li Qiang <=