On Mon, Jan 08, 2018 at 04:07:53PM -0600, Eric Blake wrote: > On 01/08/2018 02:03 PM, Stefan Priebe - Profihost AG wrote: > > Hello, > > > > for meltdown mitigation and performance it's important to have the pcid > > flag passed down to the guest (f.e. > > https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU). > > Indeed; you are still waiting on the qemu patch mentioned here: > https://www.qemu.org/2018/01/04/spectre/ > > which is still undergoing the review process, but should be up (in the > form of 2.11.1) "in the next few days".
There's two different things here. The Spectre patch you mention is about exposing a new CPUID feature 'ibrs' that is added to fix Spectre. The 'pcid' feature Stefan mentions is a pre-existing feature that is not a security fix, but rather a way to improve the performance when the KAISER/KPTI patches are enabled for Meltdown. 'pcid' is available in QEMU's Haswell, Broadwell & Skylake based CPU models by default. For other named CPU models, you can turn it on using ',+pcid' after the model name. eg '-cpu Westmere,+pcid' (as long as your host supports it of course) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
