Excerpts from Alan Kavanagh's message of 2014-01-16 20:28:05 -0800:
> +1....makes sense to me. I will write up a Blueprint for this for review in
> Ironic and we take it from there.
>
> I don't see this as evil firmware, more a good process we need to automate as
> part of sanity checks before taking a leased baremetal back and making it
> available in the pool again, imho. Or do others see it differently, if so
> would like to hear so.
>

I think the effort that will go into chasing every piece of firmware and block of NVRAM where malicious tenants can stuff exploits would be better spent improving the performance of virtualization. I have no data to prove this. However, what strikes me is that we _know_ how virtualization interacts with the hardware, and can control PCI pass through and other potential places for malicious users to try and plant malware for the next tenant. I have no idea what firmware does, as much of it is just opaque binary blobs, and thus I have no idea what secondary parts of the hardware it may expect to be in a certain state that a bad actor may take advantage of.

If hardware vendors will stand by an automated way to do factory resets, then perhaps that would be something Ironic could enable. But even that becomes problematic.. because you want to factory reset everything.. and then you need the factory defaults to be secure enough where you can use them to re-initialize the hardware.