On 05/01/2018 11:40, Stefan Priebe - Profihost AG wrote: > Thanks! But it‘s very difficult to get all opinions all together. > > SuSE Enterprise told me to update: > - kernel > - qemu > - Intel microcode > > And the released already updates for all of them.
Yes, but live migrate an updated guest from updated to non-updated host and you'll have a bad surprise. Paolo > Stefan > > Excuse my typo sent from my mobile phone. > > Am 05.01.2018 um 09:33 schrieb Paolo Bonzini <pbonz...@redhat.com > <mailto:pbonz...@redhat.com>>: > >> On 04/01/2018 21:15, Stefan Priebe - Profihost AG wrote: >>> attached the relevant patch for everybody who needs it. >> >> This is the original patch from Intel, which doesn't work unless you >> have a patched kernel (which you almost certainly don't have) and >> doesn't even warn you about that. >> >> In other words, it's rubbish. Please read >> https://www.qemu.org/2018/01/04/spectre/ several times, until you >> understand why there is no urgent need to update QEMU. >> >> Days are 24 hours for QEMU developers just like for you (and believe me, >> we wished several times that they weren't during the last two months). >> We are prioritizing the fixes according to their effect in mitigating >> the vulnerability, their applicability and the availability of patches >> to the lower levels of the stack. Right now, the most urgent part is >> the simple mitigations that can go in Linux 4.15 and stable kernels. >> >> Paolo
