
This is because Spectre/Meltdown can't be patched with microcode updates; the mitigations instead use different kernel mechanisms (KPTI for Meltdown, retpolines for Spectre). If the guest kernel for your VM is using these mitigations, it will be protected even if the host has mitigations disabled.
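
To see whether a Linux guest kernel actually has the two mitigations named in the comment above switched on, one can read the status files the kernel exposes under `/sys/devices/system/cpu/vulnerabilities`. This is an added example, not part of the thread; the function names are hypothetical and the sample status lines are constructed in the format those files use.

```shell
#!/bin/sh
# Added example: classify the guest kernel's own report for Meltdown (KPTI)
# and Spectre v2 (retpolines). Function names are hypothetical.

# mitigation_state <dir> <file> <keyword>
# prints: mitigated | other-mitigation | not-affected | vulnerable | unknown
mitigation_state() {
    f="$1/$2"
    # Older kernels and non-Linux guests do not expose the file at all.
    [ -r "$f" ] || { echo unknown; return 0; }
    line=$(cat "$f")
    case "$line" in
        "Not affected"*) echo not-affected ;;
        Vulnerable*)     echo vulnerable ;;
        Mitigation:*)
            # A mitigation is active; check it is the one we expect.
            if printf '%s' "$line" | grep -qiF -- "$3"; then
                echo mitigated
            else
                echo other-mitigation
            fi ;;
        *) echo unknown ;;
    esac
}

# check_guest [dir]: returns non-zero if either issue is vulnerable/unknown.
check_guest() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for pair in "meltdown:PTI" "spectre_v2:retpoline"; do
        name=${pair%%:*}
        kw=${pair#*:}
        state=$(mitigation_state "$dir" "$name" "$kw")
        echo "$name: $state"
        case "$state" in vulnerable|unknown) rc=1 ;; esac
    done
    return $rc
}

# Constructed sample directory so the script runs anywhere; inside a real
# guest, call check_guest with no argument to read the live sysfs files.
sample=$(mktemp -d)
printf 'Mitigation: PTI\n' > "$sample/meltdown"
printf 'Mitigation: Retpolines; IBPB: conditional\n' > "$sample/spectre_v2"
check_guest "$sample"
rm -rf "$sample"
```

The output reflects only what the guest kernel reports about itself; it says nothing about how the host is configured.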


And I guess those kernel mechanisms can’t be applied per process? If a hypervisor is required, could, say, the JVM do it?



