
Confidentiality Issues on a GPU in a Virtualized Environment [pdf] - luu
http://s3.eurecom.fr/docs/fc14_maurice.pdf
======
iamsalman
Currently, only AWS offers GPU instances. There are other, smaller providers
like Nimbix or Peer1 but they offer bare-metal instances. With AWS, they
currently have Grid K520 GPUs which is targeted for public and private Clouds.

The gist of this paper is that non ECC memory does not zero the memory but it
conveniently skips the fact that public or private Cloud uses either NVIDIA
Tesla or Quadro series cards, both of which have ECC (one of the main reasons
they're expensive than say GTX Titan which offers same single/double-precision
performance but does not offer ECC). No one really uses GeForce series cards
for anything serious and definitely not virtualization so even though this is
a vulnerability, it may not effect more than 1e-10% of virtualized GPUs out
there

------
maccard
Noticed this with CUDA before. When I tried to render data that lay outside
the buffers I was working on, I would get textures of my web browser appearing
instead of what I expected.

------
j_s
TL;DR: _We found that the GPU global memory is zeroed only in some
configurations._

------
lmeyerov
I've been thinking increasingly that webcl's place is in the cloud, including
because of all the work on multiuser/multitenant
confidentiality+integrity+availability!

