<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi,</p>
<p>with regards Intels L1TF vulnerabilities, it seems they are
somewhat non-committal on whether turning off HyperThreading is
required, suggesting people
<blockquote type="cite">Consult with your hypervisor vendor for
more guidance.</blockquote>
<a moz-do-not-send="true"
href="https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html#faq-answers-10-0">https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html#faq-answers-10-0</a></p>
<p>What is the consensus in the Libvirt community about the risks
(or not) of leaving Hyperthreading enabled? After updates my
hosts are showing they have conditional cache flushing enabled yet
still report as "SMT vulnerable":</p>
<p>root@trk-kvm-03:~# cat
/sys/devices/system/cpu/vulnerabilities/l1tf<br>
Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
vulnerable<br>
</p>
<p>Thoughts?<br>
</p>
<div class="moz-signature">-- <br>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title></title>
<p><b>Paul O'Rorke</b><br>
<b>Tracker Software Products (Canada) Limited </b><br>
<a href="http://www.tracker-software.com/">www.tracker-software.com</a><br>
Tel:
+1 (250) 324 1621<br>
Fax: +1 (250) 324 1623<br>
<br>
<a href="http://www.tracker-software.com/"> <img
src="https://www.tracker-software.com/fckfiles/image/images/resellers/logo/TrackerSofwareProducts_Logo_330x100.png"
name="image.png" align="bottom" width="198" border="0"
height="60">
</a>
<br>
<br>
Support:
<br>
<a href="http://www.tracker-software.com/support">http://www.tracker-software.com/support
</a><br>
Download latest Releases
<br>
<a href="http://www.tracker-software.com/downloads/">http://www.tracker-software.com/downloads/</a></p>
<p><br>
<br>
</p>
<p style="margin-bottom: 0cm; line-height: 100%"><br>
</p>
</div>
</body>
</html>