Meltdown & Spectre Flags

Discussion in 'UDOO X86' started by Tekunokage, Jun 18, 2018.

  1. Tekunokage

    There are two CPU flags related to the Meltdown and Spectre vulnerabilities which need to be set manually unless the selected CPU type of your VM already enables them by default.

    • pcid, helps to reduce the performance impact of the Meltdown mitigation called Kernel Page-Table Isolation (KPTI), which effectively hides the Kernel memory from the user space. Without PCID, KPTI is quite an expensive mechanism.
    • spec-ctrl, which allows an operating system to selectively disable or restrict speculative execution in order to limit the ability of attackers to exploit the Spectre vulnerability.
      • Firmware 1.04 has implemented a fix for Spectre.
    If you try to activate the pcid flag:
    Code:
    vm: warning: host doesn't support requested feature: CPUID.01H:ECX.pcid [bit 17]
    kvm: Host doesn't support requested features
    Any plans to get the PCID flag implemented? On these "small" systems, optimizations are critical to achieve performance!

    Reference https://pve.proxmox.com/wiki/Qemu/KVM_Virtual_Machines
     
    LDighera likes this.
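
The host-side check behind the error quoted in the post, as an added example that is not part of the original post: it reads the first `flags` line of `/proc/cpuinfo` and reports whether each flag requested for the VM is advertised by the host. The function names are hypothetical, the sample flags line is constructed, and the `spec_ctrl` spelling is an assumption because kernels differ in how they expose that feature.

```shell
#!/bin/sh
# Added example: verify host CPU flags before requesting them for a VM.

# host_has_flag FLAG [CPUINFO_FILE]: exit 0 if the first "flags" line lists FLAG
host_has_flag() {
    flag=$1
    file=${2:-/proc/cpuinfo}
    # One flag per line, then match the whole line so "pc" never matches "pcid"
    awk -F: '/^flags[ \t]*:/ { print $2; exit }' "$file" |
        tr -s ' \t' '\n' | grep -qx -- "$flag"
}

# report_vm_flags [CPUINFO_FILE]: print "<qemu flag>: supported|missing" per flag
report_vm_flags() {
    file=${1:-/proc/cpuinfo}
    # Pairs are "<qemu flag>:<cpuinfo spelling>"; the second half is an assumption
    for pair in pcid:pcid spec-ctrl:spec_ctrl; do
        qemu=${pair%%:*}
        host=${pair##*:}
        if host_has_flag "$host" "$file"; then
            echo "$qemu: supported"
        else
            echo "$qemu: missing"
        fi
    done
}

# write_sample_cpuinfo FILE: constructed sample, a host without pcid
write_sample_cpuinfo() {
    cat > "$1" <<'EOF'
processor	: 0
model name	: constructed sample CPU
flags		: fpu vme de pse tsc msr pae sse4_2 movbe popcnt aes rdrand spec_ctrl
EOF
}

# Demo on the constructed sample; call report_vm_flags with no argument on a real host
sample=$(mktemp)
write_sample_cpuinfo "$sample"
report_vm_flags "$sample"
rm -f "$sample"
```

A flag reported as missing here is one KVM will refuse with the "Host doesn't support requested features" message shown in the post.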
