Hello Ai Lim, Thanks for your feedback.. indeed we have not backported the following patch:
commit 20140a82c67467f53814ca197403d5e1b561a5e5 Author: Paolo Bonzini <pbonz...@redhat.com> Date: Thu May 16 15:53:20 2019 target/i386: add MDS-NO feature Microarchitectural Data Sampling is a hardware vulnerability which allows unprivileged speculative access to data which is available in various CPU internal buffers. Some Intel processors use the ARCH_CAP_MDS_NO bit in the IA32_ARCH_CAPABILITIES MSR to report that they are not vulnerable, make it available to guests. Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> Message-Id: <20190516185320.28340-1-pbonz...@redhat.com> Signed-off-by: Eduardo Habkost <ehabk...@redhat.com> The documentation I had: 336996-Speculative-Execution-Side-Channel-Mitigations.pdf, from Intel, showed bits 0-4 only, last feature I had documented for ARCH_CAPABILITIES was SSB_NO. Turns out there is MDS-NO feature, in bit 5, to be backported (Disco & Bionic). Do you know if there is a newer document from Intel showing specs for MDS-NO + ARCH_CAPABILITIES ? Nevertheless, I'll provide you the backports in a PPA, for testing, first thing in my morning. Sorry for missing this one. Best Regards Rafael -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1828495 Title: [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM. To manage notifications about this bug go to: https://bugs.launchpad.net/intel/+bug/1828495/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs