A libvirt lead dev recommends passing through the host CPU config to enable Meltdown and Spectre mitigations for guests (they are already mitigated on patched hosts). I think this is very important.
I already allow the GW full passthrough since it's trusted. I would like to do the same for WS, since hiding host CPU info is ineffective: it can be easily discovered by benchmarking. With this config change it should be no different from the current state of Xen guests. I can still blacklist problematic instructions like tsc with this too.
https://www.berrange.com/posts/2018/06/29/cpu-model-configuration-for-qemu-kvm-on-x86-hosts/
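For reference, the kind of libvirt domain XML change being described, as an added example that is not part of the original post or of any project's shipped config: `host-passthrough` exposes the host's CPU model and feature flags (so a guest kernel sees the same `spec-ctrl`, `ssbd`, `md-clear` etc. bits the patched host has), while a `disable` feature policy masks an individual CPUID flag. The domain name and the choice of `tsc` as the masked flag are assumptions for illustration; `tsc` is the CPUID feature name libvirt uses, and masking a CPUID bit only hides the flag, it does not trap the instruction.

```xml
<!-- Added illustrative fragment, not from the post.
     The domain name is hypothetical. -->
<domain type='kvm'>
  <name>Whonix-Workstation</name>
  <!-- Before: a fixed named model hides host features, which also
       hides the hardware mitigation flags from the guest kernel.
  <cpu mode='custom' match='exact'>
    <model fallback='allow'>qemu64</model>
  </cpu>
  -->
  <!-- After: pass the host CPU through, including mitigation
       features, and mask a single problematic CPUID flag. -->
  <cpu mode='host-passthrough' check='none'>
    <!-- Assumed example of the "blacklist" mentioned in the post.
         Hides the CPUID bit only; rdtsc still executes. -->
    <feature policy='disable' name='tsc'/>
  </cpu>
</domain>
```

After applying it with `virsh define` and restarting the guest, the guest-side check is the same one used on the host: `grep . /sys/devices/system/cpu/vulnerabilities/*` should report the host's mitigation status instead of "Vulnerable" lines caused by missing CPUID flags. Note that `host-passthrough` ties the guest to this exact CPU model, so live migration to a different host model is not expected to work with it.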