On Wed, Jan 8, 2020 at 8:38 AM <Arkady.Kanevsky@dell.com> wrote:
Jeremy, Correct. programming devices and "updating firmware" I count as separate activities. Similar to CPU or GPU.
Which makes me really wonder, where is that line between the activities? I guess the worry, from a security standpoint, is persistent bytecode. I guess I just don't have a good enough understanding of all the facets in this area to have a sense for that. :/
-----Original Message----- From: Jeremy Stanley <fungi@yuggoth.org> Sent: Tuesday, January 7, 2020 5:52 PM To: openstack-discuss@lists.openstack.org Subject: Re: [Cyborg][Ironic][Nova][Neutron][TripleO][Cinder] accelerators management
On 2020-01-07 23:17:25 +0000 (+0000), Arkady.Kanevsky@dell.com wrote:
It is hard to image that any production env of any customer will allow anybody but administrator to update FW on any device at any time. The security implication are huge. [...]
I thought this was precisely the point of exposing FPGA hardware into server instances. Or do you not count programming those as "updating firmware?" -- Jeremy Stanley