Search results

I also see it, but so, there is no need to update bios??

You have enable the virtualization in you cpu parameter bios?

How we can know it? last centos7 kernel have it?

Do you have also updated your VM kernels? or only your HOST kernel? If your VM have "host" cpu configuration, no need to pass this option, it only needed if you have other cpu type configurated.

Actually, I think that I will parshes my proxmox HOST with last proxmox kernel and the same with each VM en centos7, but I will no install dell bios or microcode for variant2... I know that the still an risk of security, but can't give an bad performance service to our client solving the...

Fabian, PCID is not since 4.14 kernel?

All our VM are centos7/cloudlinux7 in our case.

Hope that the next week I will be able to test proxmox new kernel with VM new kernel also...

Ufff, so finally better not parching proxmox kernel????

One more things.. PCID seem working only on kernel 4.14... the last proxmox kernel is 4.13.X... this feature is correctly implement in proxmox kernel?

@fabian Ok for kernel, we will try to do it ASAP :-S About PCID, I confirm that this last pve-manager, option is present! I can't really test it because it's an test microserver (Atom c2750) that not have this feature. pveversion -v proxmox-ve: 5.1-35 (running kernel: 4.13.13-4-pve)...

About PCID, it's the same as PTI? or it's an confusion that I have do? About PTI online seem have put graph : https://blog.online.net/2018/01/03/important-note-about-the-security-flaw-impacting-arm-intel-hardware/

Hello Fabian Also if GUEST have kernel updated, HOST it's so vulnerable? I doubt to update yet HOST because for now, only 1 of 3 variant seem be solved on it. About PCID, do you really sure that is better to enable it? Online seem proove that's not the case. Thanks for your help.

The situation is still not clear... In our case, we will just update guest kernel for now that not seem have performance impact but not solve all spectre variant. I will not update HOST for now, waiting to see what we really had to do or what is the better we can do to lower impact performance...

@fabian You resume perfectly the actual situation when saying "that no-one will do it" So basically we had to update kernel host and guest and nothing more? I also don't want assume an 30%, 20 or 15% of loose performance impact....

So performance are poor with PTI than without PTI on guest CPU??

So, today, the status is this one ? intel CPU : - GUEST can have 2 of 3 variant solved - HOST only one... AMD CPU - GUEST and HOST can have 2 of 3 variant solved

Don't worry, this is effectively 2 distinct things... so, in centos : - There is absolutely no way to expend online an partition on same disk (no in ext4 and no in lvm), only can be done offline by iso gparted for exemple. - The only option to do it online (is what I have tested yet in some VM)...

With lvm, I can add without any problem an disk, and extend volume using this new disk... I have test it and work without any problem in centos7...

Difference intel/amd grrrr...