From patchwork Wed May 10 07:26:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christoph Hellwig X-Patchwork-Id: 9719375 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5618760365 for ; Wed, 10 May 2017 07:26:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4656428307 for ; Wed, 10 May 2017 07:26:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3A5642857B; Wed, 10 May 2017 07:26:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BD71028307 for ; Wed, 10 May 2017 07:26:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751228AbdEJH0d (ORCPT ); Wed, 10 May 2017 03:26:33 -0400 Received: from bombadil.infradead.org ([65.50.211.133]:34274 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750780AbdEJH0c (ORCPT ); Wed, 10 May 2017 03:26:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=Message-Id:Date:Subject:Cc:To:From: Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=ESqMX4waepMZ27VrWP3Q8WZJuhOaLfIKRRHgHxJak4c=; b=EN3ObwHmM4d5LAR8CnSG3Nl8b z9rVBcym3Yv5weRcGjOXXFmYKbqGTAxgLi6gEpWY4A/ntv98mmaRAj6zYCCjnYRXeIytymha+4MhC JGlMh/eqsRl2vxD7EAh17HrvNlrCqVbgw5rO8Bw6mX1gbqc+m0SC9k44A4lxAfvyXtAXB/woU3tJB QIOAKKz9nPZkWfFbgo4wBC7u89QGRRNpSRx29MWj2cMXgD9LXtMzz34KqnhRSL2UfG1AnWdaPegX/ v+CJYlJ+PcJhIEwrYB4qiCLwU6ohp8UfR5n09VrJVsbEiCHCtkzwNNJ/ugTgKkFaqELLjUhwYFvnE lQFLHBBsw==; Received: from [91.114.64.3] (helo=localhost) by bombadil.infradead.org with esmtpsa (Exim 4.87 #1 (Red Hat Linux)) id 1d8M0z-0001CL-Im; Wed, 10 May 2017 07:26:30 +0000 From: Christoph Hellwig To: davem@davemloft.net Cc: ubraun@linux.vnet.ibm.com, netdev@vger.kernel.org, linux-rdma@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH] net/smc: mark as BROKEN due to remote memory exposure Date: Wed, 10 May 2017 09:26:27 +0200 Message-Id: <20170510072627.12060-1-hch@lst.de> X-Mailer: git-send-email 2.11.0 X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-rdma-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-rdma@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The driver has a lot of quality issues due to the lack of RDMA-side review, and explicitly bypasses APIs to register all memory once a connection is made, and thus allows remote access to memoery. Mark it as broken until at least that part is fixed. Signed-off-by: Christoph Hellwig Cc: stable@vger.kernel.org Acked-by: Bart Van Assche -- --- net/smc/Kconfig | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/smc/Kconfig b/net/smc/Kconfig index c717ef0896aa..fe6b78bc515f 100644 --- a/net/smc/Kconfig +++ b/net/smc/Kconfig @@ -1,6 +1,6 @@ config SMC tristate "SMC socket protocol family" - depends on INET && INFINIBAND + depends on INET && INFINIBAND && BROKEN ---help--- SMC-R provides a "sockets over RDMA" solution making use of RDMA over Converged Ethernet (RoCE) technology to upgrade @@ -8,6 +8,10 @@ config SMC The Linux implementation of the SMC-R solution is designed as a separate socket family SMC. + Warning: SMC will expose all memory for remote reads and writes + once a connection is established. Don't enable this option except + for tightly controlled lab environment. + Select this option if you want to run SMC socket applications config SMC_DIAG