mitigations

I've noticed that switching from kvm64 CPU to x86-64-v2-AES or host slows down Windows guest insanely on Intel(R) Xeon(R) CPU E5-2650 v2 @ 2.60GHz host. Choose CPU:

• ivybridge CPU mark 4236 but user experience slower than kvm64
• ivybridge-IBRS - (Adds only spec-ctrl) for security.
• x86-64-v2-AES
• kvm64 CPU mark 4030
• host + hv-passthroughCPU mark 4249
• host - insanely slow!!! CPU mark 2750

The spec-ctrl KVM feature is a CPU flag passed to virtual machines (VMs) to enable indirect branch restricted speculation (IBRS) and indirect branch prediction barrier (IBPB) support, mitigating Spectre v2 vulnerabilities. It allows guests to utilize hardware-level security, requiring microcode/BIOS updates on the host

Mitigations can be disabled in Windows guest using this tool:

InSpectre

Or:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f