bhyve MDS / TAA CPU bug present and SMT on, data leak possible.

[ZioMario]

Hello.

I gave a look at the dmesg messages present on Ubuntu 21.10 virtualized with bhyve and I read this :

[    0.143942] smpboot: CPU0: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz (family: 0x6, model: 0x9e, stepping: 0xd)
[    0.144025] Performance Events: unsupported p6 CPU model 158 no PMU driver, software events only.
[ 0.144043] rcu: Hierarchical SRCU implementation.
[    0.144318] NMI watchdog: Perf NMI watchdog permanently disabled
[    0.144348] smp: Bringing up secondary CPUs ...
[    0.144413] x86: Booting SMP configuration:
[    0.144414] .... node  #0, CPUs:      #1
[ 0.146712] MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html fo
r more details.
[ 0.146712] TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_a
bort.html for more details.
[ 0.146712] #2 #3

and most importantly,here : https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html

Best effort mitigation mode​

If the processor is vulnerable, but the availability of the microcode based mitigation mechanism is not advertised via CPUID the kernel selects a best effort mitigation mode. This mode invokes the mitigation instructions without a guarantee that they clear the CPU buffers.
This is done to address virtualization scenarios where the host has the microcode update applied, but the hypervisor is not yet updated to expose the CPUID to the guest. If the host has updated microcode the protection takes effect otherwise a few cpu cycles are wasted pointlessly.
The state in the mds sysfs file reflects this situation accordingly.

So,the question that I want to ask is easy to guess : is the Ubuntu virtualized with bhyve exposed to these bugs ?