Hi Paolo, all, I have a question about the intel microcode update for spectre variant#2. >From my understanding, there is no need to update the microcode of VMs because the kvm has expose the SPEC_CTL and PRED_CMD to the guest. Also, if we need to update the micorcode in guest, who is the vendor for this. >From the hyper-v, I think I'm right. --> https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/CVE-2017-5715-and-hyper-v-vms
But upon I update the centos guest, the host kvm/qemu has been updated. The IBPB_ENABLED and IBRS_ENABLED are both zero if I don't update the microcode in the guest. If I update the guest micorcode, the are both 1. So I want to know, if I should update the microcode in guest. If the answer is Yes, then what about the Windows guest, how to update the microcode? Thanks, Li Qiang
