At the moment I pass through all CPU flags from the host to the guest to allow the guest kernel Spectre/Meltdown protections to kick in. Restricting this info to root is a great step.
Also preventing unprivileged processes from enumerating info from /proc/pid does make it harder for Rowhammer attacks: