Q: .. do the host as well as the guest need to have Meltdown/Spectre mitigation enabled?
Yes
When these vulnerabilities were announced, QEMU posted in "QEMU and the Spectre and Meltdown attacks":
Right now, there are no public patches to KVM that expose the new CPUID bits and MSRs to the virtual machines, therefore there is no urgent need to update QEMU; remember that updating the host kernel is enough to protect the host from malicious guests. Nevertheless, updates will be posted to the qemu-devel mailing list in the next few days, and a 2.11.1 patch release will be released with the fix.
Once updates are provided, live migration to an updated version of QEMU will not be enough to protect guest kernel from guest userspace. Because the virtual CPU has to be changed to one with the new CPUID bits, the guest will have to be restarted.
(05/01/18 — by Paolo Bonzini and Eduardo Habkost: source)
The updates have been available, so you should proceed with them and enable the mitigation on guests as well.
By QEMU Article "QEMU 2.11.1 and making use of Spectre/Meltdown mitigation for KVM guests":
What is being addressed here is enabling a guest operating system to enable the same (or similar) mitigations to protect itself from unprivileged guest processes running under the guest operating system.
Enabling mitigation features for x86 KVM guests:
For x86 guests there are 2 additional CPU flags associated with Spectre/Meltdown mitigation: spec-ctrl, and ibpb:

- spec-ctrl: exposes Indirect Branch Restricted Speculation (IBRS)
- ibpb: exposes Indirect Branch Prediction Barriers
Utilizing this functionality requires guest/host kernel updates, as well as microcode updates for Intel and recent AMD processors. The status of these kernel patches upstream is still in flux, but most supported distros have some form of the patches that is sufficient to make use of the functionality. The current status/availability of microcode updates depends on your CPU architecture/model. Please check with your vendor/distro to confirm these prerequisites are available/installed.
(14/02/18 — by Michael Roth: source)
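As an added illustration (not part of the answer or of the QEMU posts it quotes), the following shell helpers build the QEMU `-cpu` argument that requires the two flags named above and check, from the guest side, whether the guest kernel actually sees them in `/proc/cpuinfo`. It assumes a Linux guest and the Linux flag spellings `spec_ctrl` and `ibpb`; the sample `flags` lines are constructed, not captured from a real machine.

```shell
#!/bin/sh
# Added example; assumes a Linux guest and the /proc/cpuinfo flag names
# "spec_ctrl" and "ibpb" (QEMU spells them "spec-ctrl" and "ibpb").

# Build the QEMU -cpu argument: start from a named CPU model and require
# both mitigation flags. (With "-cpu host" an updated host kernel/QEMU
# passes them through without listing them explicitly.)
qemu_cpu_arg() {
    model="$1"
    printf '%s %s,+spec-ctrl,+ibpb' -cpu "$model"
}

# Inspect one "flags" line from the guest's /proc/cpuinfo and report
# whether the guest kernel can see the mitigation features:
#   both    - spec_ctrl and ibpb present (guest can enable IBRS/IBPB)
#   partial - only one of the two is visible
#   none    - neither is visible (guest still needs the new vCPU, which
#             requires a restart, not a live migration)
check_guest_flags() {
    flags_line="$1"
    have_spec=no
    have_ibpb=no
    for f in $flags_line; do
        case "$f" in
            spec_ctrl) have_spec=yes ;;
            ibpb)      have_ibpb=yes ;;
        esac
    done
    if [ "$have_spec" = yes ] && [ "$have_ibpb" = yes ]; then
        echo both
    elif [ "$have_spec" = yes ] || [ "$have_ibpb" = yes ]; then
        echo partial
    else
        echo none
    fi
}

# Read the running guest's own flags line (empty on non-Linux systems).
guest_flags_from_proc() {
    grep -m1 '^flags' /proc/cpuinfo 2>/dev/null | cut -d: -f2
}

# Constructed sample lines: a guest booted before and after the vCPU change.
OLD_GUEST_FLAGS='flags : fpu vme de pse tsc msr pae mce cx8 apic sep pge cmov pat clflush mmx sse sse2 ht syscall nx lm'
NEW_GUEST_FLAGS='flags : fpu vme de pse tsc msr pae mce cx8 apic sep pge cmov pat clflush mmx sse sse2 ht syscall nx lm spec_ctrl ibpb'

echo "$(qemu_cpu_arg Broadwell)"
echo "old guest: $(check_guest_flags "$OLD_GUEST_FLAGS")"
echo "new guest: $(check_guest_flags "$NEW_GUEST_FLAGS")"
```

Run `check_guest_flags "$(guest_flags_from_proc)"` inside a real Linux guest to see its own status.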