Hi Darshan, I believe you are referring to the recent Foreshadow / l1tf vulnerability? If that's the case OpenStack compute workloads are protected with all relevant to the specific hypervisor type mechanisms. AFAIK OpenStack at this moment supports KVM-Qemu, Xen, vSphere/ESXI and Hyper-V hypervisors. All of the above hypervisors offer side channel protection mechanisms implementations. You can also consult OpenStack Security Guide, compute sections seems to be most relevant to the question you raised, https://docs.openstack.org/security-guide/compute.html
HTH, On Fri, Aug 24, 2018 at 7:35 AM Darshan Tank <dmt...@gmail.com> wrote: > Dear Sir, > > I would like to know, whether cache-based cross-VM side channel attacks > are possible in OpenStack VM or not ? > > If the answer of above question is no, then what are the mechanisms > employed in OpenStack to prevent or to mitigate such types of security > threats? > > I'm looking forward to hearing from you. > > Thanks in advance for your support. > > With Warm Regards, > *Darshan Tank * > > [image: Please consider the environment before printing] > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- Adam Heczko Security Engineer @ Mirantis Inc.
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
