Reply to post: worry more about the fixes than the problems

Older AMD, Intel chips vulnerable to data-leaking 'Retbleed' Spectre variant

Nate Amsden

worry more about the fixes than the problems

The risk involved with any of these side channel attacks is so tiny for 98% of the systems out there. I suppose the one place where one might need to be more concerned is if you are a service provider with multiple customers on the same systems. Otherwise, if you have control of your workloads, there really isn't much to worry about; there are far bigger threats out there than side channel and will be forever, and there will always be some new side channel attack about to be discovered because security folks want to be famous regardless of how limited in scope the issue is. Meanwhile the fixes for these problems cause their own problems, whether it's performance or stability issues.

I would like it if there was a simple BIOS setting to disable these side channel fixes so you could install new microcode for OTHER fixes but keep the side channel stuff disabled. I run all my Linux systems with "spectre_v2=off nopti" kernel settings (which may or may not be enough), and most of my systems are quite old at this point (Xeon E5-2699 v4 are my newest) and I have intentionally not updated firmware in many cases to avoid these fixes. Have read too many horror stories about them. I also have gone the extra mile (so far anyway) to exclude microcode updates from vSphere 6.5 (yes still running that) updates.

It's nice to have the fixes for people who are super paranoid and really want them, but also nice to have easy to use options for folks to opt out of them if they desire.
