@UCA-Team I'm also subscribing the UCA Team as I personally only know about [1] which allows you to use named CPU models.
I expect there already is some general pattern established to handle e.g. the older MDS which if you look at "Configuration as a Hypervisor" at [2] also needs such <feature...> entries to be configured through libvirt. Eventually dropping hle/rtm is no different than adding md-clear back then. @UCATeam - How would in a OS/Charm world one add/disable individual cpu features? Could you outline how this is handled today so we might consider adapting the same for hle/rtm? [1]: https://wiki.openstack.org/wiki/LibvirtXMLCPUModel [2]: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1853200 Title: cpu features hle and rtm disabled for security are present in /usr/share/libvirt/cpu_map.xml To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1853200/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs