2018-05-23 18:45 GMT+02:00 WK <wkmail(a)bneit.com>:
On 5/23/2018 7:57 AM, Sandro Bonazzola wrote:
>
>
> Please note that to fully mitigate this vulnerability, system
> administrators must apply both hardware “microcode” updates and software
> patches that enable new functionality.
> At this time, microprocessor microcode will be delivered by the
> individual manufacturers.
>
>
>
Intel has been promising microcode updates since January when Spectre
first appeared and yet except for the very newest CPUs we haven't seen
anything and in the cases of older CPUs, I wonder if we are ever going to
see anything even if Intel has is on their "roadmap"
Can someone shed some light on the vulnerability at this time given we
have no microcode update, but all Kernel/Os updates applied, which
supposedly handle the original Meltdown and some Spectre Variants.
1) Does the unpatched microcode exploit require "root" permissions?
2) Do the existing libvirt/qemu patches prevent a user "root" or
"otherwise" in a VM from snooping on other VMs and/or the host?
Adding Jonathan Masters, author of
https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it...
Maybe he can answer your questions.
Sincerely,
-wk
_______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
--
SANDRO BONAZZOLA
ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D
Red Hat EMEA <
https://www.redhat.com/>
sbonazzo(a)redhat.com
<
https://red.ht/sig>
<
https://redhat.com/summit>