Open Stack

Excerpts from Alan Kavanagh's message of 2014-01-16 20:28:05 -0800:
> +1....makes sense to me. I will write up a Blueprint for this for review in Ironic and we take it from their. 
> 
> I don't see this as evil firmware, more a good process we need to automate as part of sanity checks before taking a leased baremetal back and making it available in the pool again, imho. Or do others see it differently, if so would like to hear so.
> 

I think the effort that will go into chasing every piece of firmware
and block of NVRAM where malicious tenants can stuff exploits would be
better spent improving the performance of virtualization. I have no data
to prove this.

However what strikes me is that we _know_ how virtualization interacts
with the hardware, and can control PCI pass through and other potential
places for malicious users to try and plant malware for the next tenant. I
have no idea what firmware does, as much of it is just opaque binary
blobs, and thus I have no idea what secondary parts of the hardware it may
expect to be in a certain state that a bad actor may take advantage of.

If hardware vendors will stand by an automated way to do factory resets,
then perhaps that would be something Ironic could enable. But even that
becomes problematic.. because you want to factory reset everything.. and
then you need the factory defaults to be secure enough where you can
use them to re-initialize the hardware.