[openstack-dev] "Evil" Firmware
Robert Collins
robertc at robertcollins.net
Fri Jan 17 08:12:19 UTC 2014
> The physical function is the one with the "real" PCI config space, so as
> long as the host controls it then there should be minimal risk from the
> guests since they have limited access via the virtual functions--typically
> mostly just message-passing to the physical function.
As long as its a whitelist of audited message handlers, thats fine. Of
course, if the message handlers haven't been audited, who knows whats
lurking in there.
-Rob
--
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud
More information about the OpenStack-dev
mailing list