15:01:48 #startmeeting security 15:01:49 Meeting started Thu Mar 15 15:01:48 2018 UTC and is due to finish in 60 minutes. The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:51 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:54 The meeting name has been set to 'security' 15:02:38 o/ 15:02:51 #link https://etherpad.openstack.org/p/security-agenda 15:03:04 anyone around? 15:04:28 o/ 15:04:42 ttx o/ 15:04:52 lhinds fungi eeiden 15:04:59 I think lhinds won't make it today 15:05:04 sorry I'm attending two meetings at the same time, so let me know when my topic starts :) 15:05:35 That's all good, can definitely catch up later 15:05:38 you can go now if you'd like, I think the first two topics don't have much to cover 15:06:03 otherwise with short attendance we can push to next week when lhinds is back 15:06:11 eeiden ok 15:07:26 #topic Keystone Threat Analysis 15:07:50 I need to do that still, move the findings to the patchset for the analysis doc 15:08:00 * gagehugo puts it on his todo list 15:08:12 #topic Spectre/Meltdown mitigation 15:08:15 ttx o/ 15:09:02 o/ 15:09:18 This is from the discussion at the PTG right? 15:09:22 OK just a quick update on actions I said I'd do at the PTG 15:09:34 ok cool 15:09:45 I reached out to kashyap regarding te exposure of PCID CPU capabilities 15:09:57 He confirmed he had it covered 15:10:30 I also reached out to jaypipes regarding the option of running the scheduler in a "One tenant per host" granularity mode 15:10:37 i am around, but paying closer attention in the tc office hour 15:10:47 fungi o/ ok 15:11:04 The discussion on that was a bit disrupted by #snowpenstack 15:11:09 heh 15:11:18 He said it was possible but tricky, and future work could facilitate it 15:11:34 hmm ok 15:11:42 i don't think we need to concern ourselves (as the Security SIG) much more at that stage 15:12:17 maybe worth keeping an eye on for now at least? 15:12:26 Just a general need to keep up with what's happening in that area and making sure the openstack community is aware of the situation / optimizations available 15:12:51 ok 15:14:07 ttx I'll put some notes down to be aware 15:15:06 thanks! 15:15:21 #topic LCOO 15:15:32 I think I'd like to have lhinds in for this, can move to next week 15:16:29 #topic Performance loss mitigation 15:17:27 this seems like the same topic as spectre/meltdown 15:17:36 yeah 15:17:56 #topic Bandit 15:18:05 not sure if browne is around 15:18:19 couple ps up for review 15:18:27 otherwise not much updates 15:18:43 #topic Tatu Update 15:19:20 Not sure what Pino's irc is or if he is here? 15:20:03 #topic OSSN 15:20:42 heh 15:21:22 don't think there's any updates here 15:21:50 #topic VMT 15:22:02 same as before, I will update the keystonemiddleware doc 15:22:24 #topic General Discussion 15:22:46 Does anyone have anything else? 15:22:52 otherwise will end a bit early 15:25:09 thanks everyone! 15:25:15 #endmeeting