Hi Eric, First off welcome to OpenStack! Generally for security related questions we use the OpenStack-dev mailing list and preface the subject with a [Security] tag.
One of the functions of a hypervisor is to ensure proper isolation of tenant VMs. That being said I highly recommend deploying some kind of mandatory access control system as a fail-safe. Two leading MAC solutions with good QEMU support are AppArmor and SELinux. The MAC controls that apply specifically to the hypervisor are known as sVirt. When QEMU launches a virutal machine it does so in a separate process. sVirt ensures that each process is only allowed to access its own resources. The net result is that if a hypervisor breakout occurs (code within the virutal machine process is able to access resources on the host system) it is still only able to access a limited set of resources on the host system. I will also add this thread on OpenStack-dev so that others can chime in if they have any good pointers. Thanks, -Travis >Hi all, >I'm a new guy using Openstack and want to know how to well isolate VMs >when >it instanced by the hypervisor. This is avoid attack by covert channel.
smime.p7s
Description: S/MIME cryptographic signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev