git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Cyborg][Ironic][Nova][Neutron][TripleO][Cinder] accelerators management


On Wed, Jan 8, 2020 at 8:38 AM <Arkady.Kanevsky at dell.com> wrote:
>
> Jeremy,
> Correct.
> programming devices and  "updating firmware" I count as separate activities.
> Similar to CPU or GPU.
>

Which makes me really wonder, where is that line between the
activities? I guess the worry, from a security standpoint, is
persistent bytecode. I guess I just don't have a good enough
understanding of all the facets in this area to have a sense for that.
:/

> -----Original Message-----
> From: Jeremy Stanley <fungi at yuggoth.org>
> Sent: Tuesday, January 7, 2020 5:52 PM
> To: openstack-discuss at lists.openstack.org
> Subject: Re: [Cyborg][Ironic][Nova][Neutron][TripleO][Cinder] accelerators management
>
> On 2020-01-07 23:17:25 +0000 (+0000), Arkady.Kanevsky at dell.com wrote:
> > It is hard to image that any production env of any customer will allow
> > anybody but administrator to update FW on any device at any time. The
> > security implication are huge.
> [...]
>
> I thought this was precisely the point of exposing FPGA hardware into server instances. Or do you not count programming those as "updating firmware?"
> --
> Jeremy Stanley
>