cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Kudryavtsev <kudryavtsev...@bw-sw.com>
Subject Re: CVE-2017-5754: perofmance levels after patching the kernel
Date Sat, 06 Jan 2018 04:38:11 GMT
Hi, Vladimir.

I have built and upgraded dev cloud to 4.14.11 with KPTI backported and it
works well, unfortunately haven't tested performance impact, but Phoronix
shows it's acceptable and more to say, we don't have other choice... But,
as I see the situation now is not completely mitigated and current patch
protects hv from vm and vm from vm, but we also have to upgrade cpu
microcode (I haven't found one yet at Intel), qemu to support new (cpuid
and registers) and KVM itself. Qemu community sais that no patches for kvm
released yet too. So, assuming that every product has to be upgraded it's
worth waiting jan, 9 when major vendors release all the fixes (I believe
they do)...

5 янв. 2018 г. 20:53 пользователь "Vladimir Melnik" <v.melnik@uplink.ua>
написал:

> Dear colleagues,
>
> Have you already upgraded? How do KVM-driven virtual machines feel? Did
> you measure or observe any changes? What does your Zabbix/Munin/etc. show?
>
> Thanks for sharing your experience.
>
> --
> Best regards,
> V.Melnyk
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message