In a solution of GPU in Cloud (with OpenStack) where the VMs can access the graphic cards via PCI-passthrough, we want to be sure no malicious person changed the firmware of the GPU from inside a VM.
A potential solution we came up with was to use NVFlash (or other tool for flashing the card) to compare the firmware currently present on the GPU with the one that should be present. This operation could be done after a VM has been deleted and the GPU linked has been released.
Does this idea make sense? Or else, what kind of operation should we use?
We use Nvidia cards with the Pascal architecture.