Good Lord, the questions are not exactly worthy of the talk on SPECTRE/MELTDOWN...
@cynicalsecurity If I understand his explanation of Spectre 2 correctly, OpenBSD's vmm is immune.
IIUC, it depends on the guest's memory being part of the kernel (I am assuming that is true in KVM). In OpenBSD, the guest's memory is in the vmd user process, not the kernel.
@phessler @cynicalsecurity I don’t think it’s that simple. It is true that you can only read the memory that has mappings in the kernel but you can still extract interesting information, e.g. register values of other guests etc.
See also Udo’s (author of NOVA microkernel & former (?) Intel employee) comments on the Genode mailing list:
"Also, guest memory is mapped in the hypervisor. So while the hypervisor and the guest don't share their virtual address space the hypervisor has a separate mapping of all the pages you have in the guest."
@cynicalsecurity @phessler "This means that if you can figure out where this mapping in the hypervisor is you can place guest-controlled data in memory in the hypervisor and then reference this memory from the instructions that you are transiently executing to get even more control over the execution in the hypervisor."