On Wed, Jan 10, 2018 at 10:52:29 +0100, Pavel Hrdina wrote:
On Tue, Jan 09, 2018 at 11:45:13PM +0100, Jiri Denemark wrote:
This is the libvirt's part of the changes related to CVE-2017-5715. The new models can be used to pass the protective CPU features to guests. But remember, the host CPU microcode, host kernel, QEMU, and libvirt all need to be updated for this to be any useful.
Based on a patch from Paolo Bonzini.
See QEMU patches from Eduardo for more details: https://patchew.org/QEMU/20180109154519.25634-1-ehabkost@redhat.com/
I guess that you will wait with pushing until the QEMU patches are accepted and pushed as well.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Thanks. All QEMU patches except for EPYC-IBPB CPU model are queued in Eduardo's x86-next and a pull request is coming soon. I pushed the first 16 patches, i.e., without EPYC-IBPB. Jirka