[openstack-dev] [ironic] Disk Eraser
Chris Friesen
chris.friesen at windriver.com
Fri Jan 17 23:21:35 UTC 2014
On 01/17/2014 04:20 PM, Devananda van der Veen wrote:
> tl;dr, We should not be recycling bare metal nodes between untrusted
> tenants at this time. There's a broader discussion about firmware
> security going on, which, I think, will take a while for the hardware
> vendors to really address.
What can the hardware vendors do? Has anyone proposed a meaningful
solution for the firmware issue?
Given the number of devices (NIC, GPU, storage controllers, etc.) that
could potentially have firmware update capabilities it's not clear to me
how this could be reliably solved.
Chris
More information about the OpenStack-dev
mailing list