I'm a proxmox beginner here, and just installed proxmox on a similar CPU: 'i7-3615QM'
It's a home system, and I was thinking of running pfSense in a container - as a kind of router-on-a-stick, as well as using it for some self-education.
The CPU vulnerabilities are:
I'm concerned that it may be mitigated into uselessness. The first line, and the fact the IOMMU mapping is disabled concern me, but I don't know enough yet to work out if I'm wasting my time.
Cheers...
It's a home system, and I was thinking of running pfSense in a container - as a kind of router-on-a-stick, as well as using it for some self-education.
The CPU vulnerabilities are:
Vulnerability Itlb multihit: KVM: Mitigation: VMX disabled
Vulnerability L1tf: Mitigation; PTE Inversion; VMX conditional cache flushes, SMT vulnerable
Vulnerability Mds: Mitigation; Clear CPU buffers; SMT vulnerable
Vulnerability Meltdown: Mitigation; PTI
Vulnerability Mmio stale data: Unknown: No mitigations
Vulnerability Retbleed: Not affected
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2: Mitigation; Retpolines, IBPB conditional, IBRS_FW, STIBP conditional, RSB filling, PBRSB-e
IBRS Not affected
Vulnerability Srbds: Vulnerable: No micI'm concerned that it may be mitigated into uselessness. The first line, and the fact the IOMMU mapping is disabled concern me, but I don't know enough yet to work out if I'm wasting my time.
Cheers...