On Mon, 2018-10-29 at 15:56 +0100, Peter Dreuw wrote: > Am 26.10.18 um 14:48 schrieb Ben Hutchings: > > On Thu, 2018-10-25 at 11:32 +0200, Peter Dreuw wrote: > > > Am 25.10.18 um 10:08 schrieb Peter Dreuw: > > > may one point to make it clear, tho it might be obvious to most of you: > > > > > > We can apply fixes to the original Xen 4.4 version and have done > > > everything possible - without a fixed kernel, there is no mitigation of > > > spectre/meltdown. > > By "kernel", do you mean the Xen kernel or the guest kernel? > Both. > > The Linux > > kernel in jessie does have mitigations for Meltdown (amd64 only), > > Spectre variants 1 and 2, and several other speculation issues. > You are talking of the 4.9 kernel package, aren't you? [...] No. Almost all the same mitigations are in the default Linux 3.16 kernel. The major missing piece at the moment is L1TF mitigation for KVM. Ben. -- Ben Hutchings The Peter principle: In a hierarchy, every employee tends to rise to their level of incompetence.
Attachment:
signature.asc
Description: This is a digitally signed message part