This is old, but talks about other possible problems with xen changing the CPUID: https://xenbits.xen.org/people/andrewcoop/2016-Summit/cpuidlevel.pdf
I didn’t fully read your thread, but wanted to make sure that you know that the instructions ( xl.cfg - xl domain configuration file syntax ) say that you can add “cpuid=” to
/etc/libvirt/libxl/{qube name}.cfg
/etc/libvirt/libxl/{qube name}.cfg is auto-generated, so you would probably want to change the template (which i believe is /usr/share/qubes/templates/libvirt/xen.xml , but don’t quote me on that one)
Changing the template should change it for all the VMs except dom0 (which would be a good thing, so that dom0 knows what the actual processor bugs are)
There is also a way to change the template for a specific VM, but i don’t remember how at the moment. (it might be a new 4.2 feature?)
Anyway, I have not done this myself, but am interested in privacy enhancements, so wanted to make sure you knew about this.
If your up for it, you could try doing it yourself and see how it goes, and if it works, then create a “How to set your CPUID for a AppVM Guide”, getting other people on board and possibly ending up with a well tested procedure after a while.
Good luck!