On 26/02/2018 12:44, Borislav Petkov wrote: >> The guest write is ignored as the original kvm implementation before the patch. > > That will never work because there's no virtualized microcode loader. > Which will be a dumb idea anyway. > > Goes to show that dealing with microcode revisions for a guest is the > wrong approach. I don't understand how one thing follows from the other. How are writes to 0x8B related to having a virtualized microcode loaded (which is a concept that actually makes no sense at all)? > So that's basically what I'm saying - fix apic_check_deadline_errata() > to check whether the kernel runs as a guest. It has already been fixed for a few months, and fixing it is indeed the right thing to do independent of this patch. Paolo
