0

In a solution of GPU in Cloud (with OpenStack) where the VMs can access the graphic cards via PCI-passthrough, we want to be sure no malicious person changed the firmware of the GPU from inside a VM.

A potential solution we came up with was to use NVFlash (or other tool for flashing the card) to compare the firmware currently present on the GPU with the one that should be present. This operation could be done after a VM has been deleted and the GPU linked has been released.

Does this idea make sense? Or else, what kind of operation should we use?

We use Nvidia cards with the Pascal architecture.

J. Chorin
  • 41
  • 3
  • Best would be that no one could upload a new firmware. What are you gong to do if the firmware gets corrupted? Some cards can be phisically locked from writing, too. – Federico Galli Aug 08 '18 at 14:29
  • Unfortunately, letting user access to GPU from a VM using PCI-passthrough also gives them full control over the GPU itself. No way to change this (or no way that I know of) – J. Chorin Aug 08 '18 at 15:57

0 Answers0