Comment 15 for bug 1761372

Christian Ehrhardt  (paelzer) wrote : Re: backport needed for spectre/meltdown mitigation machine type qemu patches (kvm)

You could use this bug as well as I want to remind you that you need Ubuntu Releases as well as a set of Ubuntu Cloud Archive targets - like bug 1744882 essentially.

But THIS bug here is just about the addition of an easy-to-use-enable-all-workarounds machine type.
This is
a) likely not happening to modify/add those machine types for all the former releases
   (at least I'd object atm)
   Post-adding such types would mean add all those types to all releases like a huge
   matrix, which for a convenience "enable all types" change is not a valid tradeoff.
   There "cap-cfpc=workaround,cap-sbbc=workaround,cap-ibs=fixed" is ok to be used instead of
   -M pseries-<release>-sxxm - both are a change of configs and one is not harder than the other.
   But in terms of extra types to maintain it absolutely is.
   So nack to "backport the -sxxm type"

b) This is not what you actually want which is the code that makes it possible to set those.
   So like "3dc1227 target/ppc/spapr_caps: Add new tristate cap safe_cache"
   Which was not part of this request.
   IMHO what you want is the security backport of the actual spectre/meltdown related features.
   What is in 2.11.1 as you find it here [1] and covered here [2]

I didn't find a security tracker or bug for it, but that would be the right bug to drive for SRUs into older releases, not this ticket here.

I'll ping mdeslaur who likely worked or works on the actual security fixes backport and might know the right bug for you.

[1]: https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
[2]: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5715.html