2018-05-23 18:45 GMT+02:00 WK <wkm...@bneit.com>: > > > On 5/23/2018 7:57 AM, Sandro Bonazzola wrote: > >> >> >> Please note that to fully mitigate this vulnerability, system >> administrators must apply both hardware “microcode” updates and software >> patches that enable new functionality. >> At this time, microprocessor microcode will be delivered by the >> individual manufacturers. >> >> >> > Intel has been promising microcode updates since January when Spectre > first appeared and yet except for the very newest CPUs we haven't seen > anything and in the cases of older CPUs, I wonder if we are ever going to > see anything even if Intel has is on their "roadmap" > > Can someone shed some light on the vulnerability at this time given we > have no microcode update, but all Kernel/Os updates applied, which > supposedly handle the original Meltdown and some Spectre Variants. > > 1) Does the unpatched microcode exploit require "root" permissions? > > 2) Do the existing libvirt/qemu patches prevent a user "root" or > "otherwise" in a VM from snooping on other VMs and/or the host? > > Adding Jonathan Masters, author of https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works Maybe he can answer your questions.
> Sincerely, > > -wk > > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > -- SANDRO BONAZZOLA ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D Red Hat EMEA <https://www.redhat.com/> sbona...@redhat.com <https://red.ht/sig> <https://redhat.com/summit>
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org