Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

On 05/01/2018 11:40, Stefan Priebe - Profihost AG wrote: > Thanks! But it‘s very difficult to get all opinions all together. > > SuSE Enterprise told me to update: > - kernel > - qemu > - Intel microcode > > And the released already updates for all of them. Yes, but live migrate an updated guest

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

Thanks! But it‘s very difficult to get all opinions all together. SuSE Enterprise told me to update: - kernel - qemu - Intel microcode And the released already updates for all of them. Stefan Excuse my typo sent from my mobile phone. > Am 05.01.2018 um 09:33 schrieb Paolo Bonzini : > >> On 04

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

On 04/01/2018 21:15, Stefan Priebe - Profihost AG wrote: > attached the relevant patch for everybody who needs it. This is the original patch from Intel, which doesn't work unless you have a patched kernel (which you almost certainly don't have) and doesn't even warn you about that. In other word

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

need: >> 1.) intel / amd cpu microcode update >> 2.) qemu update to pass the new MSR and CPU flags from the microcode update >> 3.) host kernel update >> 4.) guest kernel update >> >> The microcode update and the kernel update is publicly available but i

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

t;> Can anybody point me to the relevant qemu patches? >> >> I don't have find them yet. >> >> Do you known if a vm using kvm64 cpu model is protected or not ? >> >> - Mail original - >> De: "Stefan Priebe, Profihost AG" >>

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

Nobody? Is this something they did on their own? Stefan Am 04.01.2018 um 07:27 schrieb Stefan Priebe - Profihost AG: > Hello, > > i've seen some vendors have updated qemu regarding meltdown / spectre. > > f.e.: > > CVE-2017-5715: QEMU was updated to allow passing through new MSR and > CP

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

ilable but i'm > missing the qemu one. > > Greets, > Stefan > >> - Mail original - >> De: "aderumier" >> À: "Stefan Priebe, Profihost AG" >> Cc: "qemu-devel" >> Envoyé: Jeudi 4 Janvier 2018 08:24:34

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

- Mail original - De: "Stefan Priebe, Profihost AG" À: "aderumier" Cc: "qemu-devel" Envoyé: Jeudi 4 Janvier 2018 09:17:41 Objet: Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches Am 04.01.2018 um 08:27 schrieb Alexandre DERUMIER: > does s

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

e update and the kernel update is publicly available but i'm missing the qemu one. Greets, Stefan > - Mail original - > De: "aderumier" > À: "Stefan Priebe, Profihost AG" > Cc: "qemu-devel" > Envoyé: Jeudi 4 Janvier 2018 08:24:34 > Ob

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

host AG" Cc: "qemu-devel" Envoyé: Jeudi 4 Janvier 2018 08:24:34 Objet: Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches >>Can anybody point me to the relevant qemu patches? I don't have find them yet. Do you known if a vm using kvm64 cpu model is protected or no

Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches

>>Can anybody point me to the relevant qemu patches? I don't have find them yet. Do you known if a vm using kvm64 cpu model is protected or not ? - Mail original - De: "Stefan Priebe, Profihost AG" À: "qemu-devel" Envoyé: Jeudi 4 Janvier 2018 07:27:

[Qemu-devel] CVE-2017-5715: relevant qemu patches

Hello, i've seen some vendors have updated qemu regarding meltdown / spectre. f.e.: CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling branch prediction features in the Intel CPU. (bsc#1068032) Can