[pve-devel] Updated qemu pkg needed for Meltdown and Spectre?
Alexandre DERUMIER
aderumier at odiso.com
Wed Jan 10 07:01:32 CET 2018
also on ovh doc, pretty good information for each cve
https://docs.ovh.com/fr/dedicated/information-about-meltdown-spectre-vulnerability-fixes/
----- Mail original -----
De: "aderumier" <aderumier at odiso.com>
À: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Mercredi 10 Janvier 2018 05:02:16
Objet: Re: [pve-devel] Updated qemu pkg needed for Meltdown and Spectre?
Hi, I have found a nice wiki, updated each day with infos about with new patches for spectre/meltown (kernel , kvm, microcode , ...)
https://github.com/hannob/meltdownspectre-patches
----- Mail original -----
De: "Waschbüsch IT-Services GmbH" <service at waschbuesch.it>
À: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Samedi 6 Janvier 2018 09:24:01
Objet: Re: [pve-devel] Updated qemu pkg needed for Meltdown and Spectre?
> Am 05.01.2018 um 21:41 schrieb Fabian Grünbichler <f.gruenbichler at proxmox.com>:
>
> On Fri, Jan 05, 2018 at 06:50:33PM +0100, Waschbüsch IT-Services GmbH wrote:
>>
>> AFAIK Meltdown is only affecting Intel (& ARM), but not AMD - see 'Forcing direct cache loads' here:
>>
>> https://lwn.net/SubscriberLink/742702/83606d2d267c0193/ <https://lwn.net/SubscriberLink/742702/83606d2d267c0193/> <https://lwn.net/SubscriberLink/742702/83606d2d267c0193/ <https://lwn.net/SubscriberLink/742702/83606d2d267c0193/>>
>>
>> Does anyone know if the current patching efforts will differentiate between Intel and AMD x86-64 offerings?
>>
>> I would hate to update kernels with these patches unless my systems are indeed affected.
>> Not because of possible performance impacts, mind, but because of stability.
>> I just feel it in my bones this major intervention is going to introduce regressions... :-(
>
> the Meltdown fix (KPTI) is disabled on AMD by default (and also
> possible to disable using a kernel parameter on all platforms).
>
> the (planned) Spectre fixes (Retpoline, IBRS and IBPB) are for all/most
> platforms and vendors, some of them will likely be exposed as kernel
> parameters, but some of them will likely only available as compile time
> options or not tunable at all.
Thanks! That is very good to know.
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list