RHOSRFE-285 (RHOS Request for Features)

NVMe Device Lifecycle Management & Cleaning in Cyborg

    • Type: Feature Request
    • Resolution: Unresolved
    • rhos-workloads-evolution

      Feature Request Overview

      This RFP covers the implementation of secure NVMe device lifecycle management within Cyborg. A key security gap in multi-tenant Nova deployments is the inability to sanitize NVMe devices between tenant allocations, which risks data leakage. This is a blocker for official NVMe support. Implementing a secure clean-up mechanism in Cyborg addresses this gap directly and provides a generic framework for stateful device management outside of Nova.

      Functional Requirements

      • Develop a generic NVMe driver/plugin within Cyborg that can manage the lifecycle of NVMe devices assigned to VMs.
      • Implement a secure sanitization ("clean") method for NVMe devices upon instance deletion. This must use standard NVMe commands (e.g., Format NVM, Sanitize) to reliably erase all user data.
      • Provide hooks to validate that a device is in a clean state before it is allocated to a new instance.
      • Integrate the existing cleaning agent code into the new driver.

      Non-Functional Requirements

      • Security: The sanitization process must meet standards for data deletion in multi-tenant environments.
      • Robustness: The clean-up process must handle errors gracefully and leave the device in a safe, unallocatable state if sanitization fails.
      • Performance: Sanitization time should be documented for different device types and sizes.

      Scope

      • IN SCOPE: NVMe device management within Cyborg. Integration of the cleanup agent. Development of a plugin architecture for storage device management.
      • OUT OF SCOPE: Cleaning of other device types (e.g., GPU memory). Management of non-passthrough (virtualized) storage.

      Acceptance Criteria

      • Cyborg can inventory NVMe devices on a host.
      • Upon a simulated "release" command, Cyborg executes a sanitization operation on a specified NVMe device.
      • A subsequent "check" command confirms the device is clean and ready for reallocation.
      • The process works with multiple major NVMe hardware vendors.
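
The release, sanitize and check flow from the acceptance criteria, combined with the fail-closed behaviour in the robustness requirement, as an added Python example (not Cyborg code). The `NvmeDevice` class, the state names and the `sanitize` / `is_clean` hooks are hypothetical; the hooks stand in for the real NVMe command and the clean-state validation.

```python
from enum import Enum


class State(Enum):
    AVAILABLE = "available"      # verified clean, may be allocated
    ALLOCATED = "allocated"      # passed through to a tenant instance
    DIRTY = "dirty"              # may hold a previous tenant's data
    QUARANTINED = "quarantined"  # sanitize or check failed; needs an operator


class NvmeDevice:
    def __init__(self, address, sanitize, is_clean):
        self.address = address
        self._sanitize = sanitize  # hypothetical hook: issues Sanitize / Format NVM
        self._is_clean = is_clean  # hypothetical hook: True if the device is clean
        self.state = State.DIRTY   # unknown history, so fail closed
        self.last_error = None

    def clean(self):
        """Sanitize a dirty device; any failure quarantines it."""
        if self.state is not State.DIRTY:
            return self.state
        try:
            self._sanitize(self.address)
            if not self._is_clean(self.address):
                raise RuntimeError("device not clean after sanitize")
            self.state = State.AVAILABLE
        except Exception as exc:
            self.state, self.last_error = State.QUARANTINED, str(exc)
        return self.state

    def allocate(self):
        """Pre-allocation hook: only a re-verified clean device is handed out."""
        if self.state is not State.AVAILABLE:
            raise PermissionError(f"{self.address} is {self.state.value}")
        if not self._is_clean(self.address):
            self.state = State.QUARANTINED
            raise PermissionError(f"{self.address} failed pre-allocation check")
        self.state = State.ALLOCATED

    def release(self):
        """Instance deleted: mark dirty, then sanitize before any reuse."""
        if self.state is State.ALLOCATED:
            self.state = State.DIRTY
        return self.clean()


def failing_sanitize(address):  # constructed stand-in for a failed NVMe command
    raise OSError(f"sanitize failed on {address}")
```

A quarantined device has no transition back to `AVAILABLE` in this model, so a failed or unverifiable sanitize can never result in the device reaching another tenant.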

              rh-ee-smolli Sudhakar Molli