LinuxConf [ZA] 2019
Oct 7, 2019 - The Wanderers Club, 21 North Street, Illovo, Johannesburg, 2196
Network interface hardware can see everything and do anything! Labeling a modern network interface as pure hardware is a gross misnomer. These devices execute software, more benignly known as firmware, and as such can modify packets, hide packets that have been seen, covertly mirror packets and even manufacture new packets on your behalf. The capacity to do harm is compounded when cipher keys are entrusted to the device. People cannot validate the security of their systems without access to the source code of the firmware running inside those systems. This is true for any piece of hardware controlled by firmware, but is especially of concern for network processors. Open source addresses these issues head on. This talk will delve into the capabilities of device firmware as well as the rationale behind the choice to open source the software running inside Netronome's network interfaces.