[PATCH V3 net 0/1] net/smc and the RDMA core

2017-05-15 Thread Ursula Braun
From: Ursula Braun Hi Dave, as requested, here is V3 of the smc-patch with an updated commit log. V3: update commit log V2: do not use _internal_mr V1: switch to usage of IB_PD_UNSAFE_GLOBAL_RKEY Kind regards, Ursula Ursula Braun (1): smc: switch to usage of

[PATCH V2 net 0/1] net/smc and the RDMA core

2017-05-12 Thread Ursula Braun
From: Ursula Braun Hi Dave, yesterday I included a patch proposal into a response to Christoph Hellwig, which is now already seen here: http://patchwork.ozlabs.org/patch/761250/ Christoph suggested an additional improvement not to use __internal_mr. Thus I come up

Re: net/smc and the RDMA core

2017-05-11 Thread h...@lst.de
On Thu, May 11, 2017 at 06:50:04PM +0200, Ursula Braun wrote: > Please consider the following patch to make users aware of the > security implications through existing mechanisms. Any such patch would be in addition to the BROKEN marker until there is an actual alternative. > +

Re: net/smc and the RDMA core

2017-05-11 Thread Ursula Braun
On 05/04/2017 10:48 AM, h...@lst.de wrote: > On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: >> I would also suggest that you stop exposing the DMA MR for remote >> access (at least by default) and use a proper reg_mr operations with a >> limited lifetime on a properly sized

Re: net/smc and the RDMA core

2017-05-06 Thread h...@lst.de
On Fri, May 05, 2017 at 11:10:17AM -0600, Jason Gunthorpe wrote: > I recommend immediately sending a kconfig patch cc'd to stable making > SMC require CONFIG_BROKEN so that nobody inadvertantly turns it on. Yes, I'll send the patch.

Re: net/smc and the RDMA core

2017-05-05 Thread Jason Gunthorpe
On Fri, May 05, 2017 at 07:06:56PM +0200, Ursula Braun wrote: > We do not see that just loading the smc module causes this issue.The security > risk starts with the first connection, that actually uses smc. This is only > possible if an AF_SMC socket connection is created while the so-called >

Re: net/smc and the RDMA core

2017-05-05 Thread Ursula Braun
On 05/04/2017 05:31 PM, Jason Gunthorpe wrote: > On Thu, May 04, 2017 at 03:08:39PM +0200, Ursula Braun wrote: >> >> >> On 05/04/2017 10:48 AM, h...@lst.de wrote: >>> On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: I would also suggest that you stop exposing the DMA MR for

Re: net/smc and the RDMA core

2017-05-04 Thread Jason Gunthorpe
On Thu, May 04, 2017 at 03:08:39PM +0200, Ursula Braun wrote: > > > On 05/04/2017 10:48 AM, h...@lst.de wrote: > > On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: > >> I would also suggest that you stop exposing the DMA MR for remote > >> access (at least by default) and use a

Re: net/smc and the RDMA core

2017-05-04 Thread Leon Romanovsky
On Thu, May 04, 2017 at 03:08:39PM +0200, Ursula Braun wrote: > > > On 05/04/2017 10:48 AM, h...@lst.de wrote: > > On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: > >> I would also suggest that you stop exposing the DMA MR for remote > >> access (at least by default) and use a

Re: net/smc and the RDMA core

2017-05-04 Thread Ursula Braun
On 05/04/2017 10:48 AM, h...@lst.de wrote: > On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: >> I would also suggest that you stop exposing the DMA MR for remote >> access (at least by default) and use a proper reg_mr operations with a >> limited lifetime on a properly sized

Re: net/smc and the RDMA core

2017-05-04 Thread h...@lst.de
On Thu, May 04, 2017 at 11:43:50AM +0300, Sagi Grimberg wrote: > I would also suggest that you stop exposing the DMA MR for remote > access (at least by default) and use a proper reg_mr operations with a > limited lifetime on a properly sized buffer. Yes, exposing the default DMA MR is a _major_

Re: net/smc and the RDMA core

2017-05-04 Thread Sagi Grimberg
if you can point out specific issues, we will be happy to work with you to get them addressed! Hello Ursula, My list of issues that I would like to see addressed can be found below. Doug, Christoph and others may have additional inputs. The issues that have not yet been mentioned in other

Re: net/smc and the RDMA core

2017-05-03 Thread Ursula Braun
On 05/02/2017 08:39 PM, Bart Van Assche wrote: > On Tue, 2017-05-02 at 14:25 +0200, Ursula Braun wrote: >> if you can point out specific issues, we will be happy to work with you >> to get them addressed! > > Hello Ursula, > > My list of issues that I would like to see addressed can be found

Re: net/smc and the RDMA core

2017-05-02 Thread Bart Van Assche
On Tue, 2017-05-02 at 14:25 +0200, Ursula Braun wrote: > if you can point out specific issues, we will be happy to work with you > to get them addressed! Hello Ursula, My list of issues that I would like to see addressed can be found below. Doug, Christoph and others may have additional inputs.

Re: net/smc and the RDMA core

2017-05-02 Thread Bart Van Assche
On Tue, 2017-05-02 at 14:41 +0200, Ursula Braun wrote: > On 05/01/2017 07:55 PM, Parav Pandit wrote: > > Hi Bart, Ursula, Dave, > > > > I am particularly concerned about SMC as address family. > > It should not be treated as address family, but rather an additional > > protocol similar for socket

Re: net/smc and the RDMA core

2017-05-02 Thread Doug Ledford
On 5/2/2017 8:34 AM, Ursula Braun wrote: > On 05/01/2017 07:29 PM, Bart Van Assche wrote: >> On Mon, 2017-05-01 at 18:33 +0200, Christoph Hellwig wrote: >>> Hi Ursual, hi netdev reviewers, >>> >>> how did the smc protocol manage to get merged without any review >>> on linux-rdma at all? As the

Re: net/smc and the RDMA core

2017-05-02 Thread Ursula Braun
gt;> Sent: Monday, May 1, 2017 12:30 PM >> To: h...@lst.de; da...@davemloft.net; ubr...@linux.vnet.ibm.com >> Cc: netdev@vger.kernel.org; linux-r...@vger.kernel.org >> Subject: Re: net/smc and the RDMA core >> >> On Mon, 2017-05-01 at 18:33 +0200, Christoph Hellwi

Re: net/smc and the RDMA core

2017-05-02 Thread Ursula Braun
On 05/01/2017 07:29 PM, Bart Van Assche wrote: > On Mon, 2017-05-01 at 18:33 +0200, Christoph Hellwig wrote: >> Hi Ursual, hi netdev reviewers, >> >> how did the smc protocol manage to get merged without any review >> on linux-rdma at all? As the results it seems it's very substandard >> in

Re: net/smc and the RDMA core

2017-05-02 Thread Ursula Braun
On 05/01/2017 06:33 PM, Christoph Hellwig wrote: > Hi Ursual, hi netdev reviewers, > > how did the smc protocol manage to get merged without any review > on linux-rdma at all? As the results it seems it's very substandard > in terms of RDMA API usage, e.g. it neither uses the proper CQ API >

RE: net/smc and the RDMA core

2017-05-01 Thread Steve Wise
> > Hi Ursual, hi netdev reviewers, > > how did the smc protocol manage to get merged without any review > on linux-rdma at all? As the results it seems it's very substandard > in terms of RDMA API usage, e.g. it neither uses the proper CQ API > nor the RDMA R/W API, and other will probably

RE: net/smc and the RDMA core

2017-05-01 Thread Parav Pandit
Bart Van Assche > Sent: Monday, May 1, 2017 12:30 PM > To: h...@lst.de; da...@davemloft.net; ubr...@linux.vnet.ibm.com > Cc: netdev@vger.kernel.org; linux-r...@vger.kernel.org > Subject: Re: net/smc and the RDMA core > > On Mon, 2017-05-01 at 18:33 +0200, Christoph Hellwig wrot

Re: net/smc and the RDMA core

2017-05-01 Thread Bart Van Assche
On Mon, 2017-05-01 at 18:33 +0200, Christoph Hellwig wrote: > Hi Ursual, hi netdev reviewers, > > how did the smc protocol manage to get merged without any review > on linux-rdma at all? As the results it seems it's very substandard > in terms of RDMA API usage, e.g. it neither uses the proper

net/smc and the RDMA core

2017-05-01 Thread Christoph Hellwig
Hi Ursual, hi netdev reviewers, how did the smc protocol manage to get merged without any review on linux-rdma at all? As the results it seems it's very substandard in terms of RDMA API usage, e.g. it neither uses the proper CQ API nor the RDMA R/W API, and other will probably find additional