Optimism is what I have control over :P.
Realistically, looking into the problem, it seems that KVM is well positioned to deal with this problem, more so than Xen or vSphere. Looking at the white pages, it seems any attack would require not only an outdated kernel (which is possible but unlikely, as it’s Google’s entire business model when it comes to GCP) but also hours of suspicious activity on typical IaaS hardware.
I understand the concern over trust, but realistically modern applications are so complicated (I’m talking Netflix-scale things) that you need to outsource some responsibility. I’m comfortable with the likes of AWS and Google dealing with hypervisor-level security.
That said: Google did let their load balancer service go down for 18 hours in a row last year…