From: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
To: Majd Dibbiny <majd@mellanox.com>
Cc: Doug Ledford <dledford@redhat.com>,
Saeed Mahameed <saeedm@dev.mellanox.co.il>,
Ilan Tayari <ilant@mellanox.com>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>,
"jsorensen@fb.com" <jsorensen@fb.com>,
Andy Shevchenko <andy.shevchenko@gmail.com>,
"linux-fpga@vger.kernel.org" <linux-fpga@vger.kernel.org>,
Alan Tull <atull@opensource.altera.com>,
"yi1.li@linux.intel.com" <yi1.li@linux.intel.com>,
Boris Pismenny <borisp@mellanox.com>
Subject: Re: [for-next 4/6] net/mlx5: FPGA, Add basic support for Innova
Date: Mon, 12 Jun 2017 10:17:46 -0600 [thread overview]
Message-ID: <20170612161746.GC24829@obsidianresearch.com> (raw)
In-Reply-To: <CC17D182-E8FF-48C7-8667-67429C6F8259@mellanox.com>
On Sat, Jun 10, 2017 at 02:11:13PM +0000, Majd Dibbiny wrote:
> >> This is especially true for mlx nics as there are many raw packet
> >> bypass mechanisms available to userspace.
> All of the Raw packet bypass mechanisms are restricted to
> CAP_NET_RAW, and thus malicious users can't simply open a RAW Packet
> QP and send it to the FPGA..
It is big expansion of CAP_NET_RAW to also basically also include
reconfiguring ipsec xfrm.
Plus, if someone configures ethernet bridging (eg in a VM situation)
then could a hacked VM reconfigure this FPGA?
Jason
next prev parent reply other threads:[~2017-06-12 16:17 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-23 11:43 [pull request][for-next 0/6] Mellanox mlx5 updates 2017-05-23 Saeed Mahameed
2017-05-23 11:44 ` [for-next 2/6] net/mlx5: Update the list of the PCI supported devices Saeed Mahameed
2017-05-23 11:44 ` [for-next 3/6] net/mlx5: Introduce trigger_health_work function Saeed Mahameed
2017-05-23 11:44 ` [for-next 4/6] net/mlx5: FPGA, Add basic support for Innova Saeed Mahameed
[not found] ` <20170523114404.20387-5-saeedm-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2017-05-24 16:51 ` Alexei Starovoitov
2017-05-25 5:20 ` Ilan Tayari
[not found] ` <AM4PR0501MB1940885C2F1CEF4DDE4EA8D1DBFF0-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-25 10:40 ` Saeed Mahameed
[not found] ` <CALzJLG-B_tAmASn_SMmPNiucq-tTpywHniRTkb4N32oGF6Y3Ng-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-25 20:48 ` Jes Sorensen
2017-05-26 8:29 ` Saeed Mahameed
[not found] ` <CALzJLG9YNpagdJAcrh6O0jJhZWtsck6KigRtVxyjkArTm=82ew-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-26 18:31 ` Jes Sorensen
2017-05-28 7:24 ` Ilan Tayari
2017-06-02 20:31 ` Jes Sorensen
[not found] ` <4c164e09-0103-7daf-e9f8-9260223ada08-b10kYP2dOMg@public.gmane.org>
2017-06-02 20:33 ` Doug Ledford
2017-05-26 3:07 ` Alexei Starovoitov
2017-05-26 8:59 ` Saeed Mahameed
[not found] ` <CALzJLG98D=3yMJV_q4sjVNG41AERFRU+6rwqQJsxnRuVeDTPdA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-26 17:56 ` Alexei Starovoitov
2017-05-26 18:15 ` Jason Gunthorpe
[not found] ` <20170526181517.GA3860-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-05-28 7:22 ` Ilan Tayari
[not found] ` <AM4PR0501MB1940330F0EBAA819C87C5278DBF20-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-29 15:31 ` Jason Gunthorpe
[not found] ` <20170529153131.GB7924-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-05-29 15:58 ` Ilan Tayari
[not found] ` <AM4PR0501MB1940D05A19F098286B99EAD0DBF30-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-29 16:02 ` Jason Gunthorpe
2017-05-29 16:05 ` Ilan Tayari
[not found] ` <AM4PR0501MB194037FF8F17466BC9ECC73DDBF30-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-29 16:09 ` Ilan Tayari
[not found] ` <AM4PR0501MB19409139227E11A4A7F82F0FDBF30-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-06-01 15:37 ` Jason Gunthorpe
[not found] ` <20170601153704.GA1680-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-06-04 7:51 ` Ilan Tayari
[not found] ` <AM4PR0501MB19404B83A69B87AFB1326B45DBF50-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-06-05 15:17 ` Jason Gunthorpe
[not found] ` <20170605151724.GA20182-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-06-06 6:52 ` Ilan Tayari
[not found] ` <AM4PR0501MB194008AAABEB6AAAA2ADFC82DBCB0-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-06-06 15:50 ` David Miller
2017-06-06 16:17 ` Jason Gunthorpe
[not found] ` <20170606161709.GA8671-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-06-06 17:42 ` Alexei Starovoitov
[not found] ` <20170606174233.w377ctwtapzccsk7-+o4/htvd0TCa6kscz5V53/3mLCh9rsb+VpNB7YpNyf8@public.gmane.org>
2017-06-06 17:47 ` David Miller
2017-06-06 18:34 ` Alexei Starovoitov
2017-06-06 18:38 ` David Miller
[not found] ` <20170606.143824.717466091308335341.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-06-06 18:55 ` Alexei Starovoitov
[not found] ` <20170606185532.2byjdonwsyan2asl-+o4/htvd0TCa6kscz5V53/3mLCh9rsb+VpNB7YpNyf8@public.gmane.org>
2017-06-06 19:01 ` David Miller
[not found] ` <20170606.150151.1650636686526694540.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-06-06 22:44 ` Alexei Starovoitov
2017-06-07 0:48 ` Andrew Lunn
2017-06-07 3:47 ` Saeed Mahameed
2017-06-07 4:16 ` Saeed Mahameed
2017-06-07 15:48 ` Jason Gunthorpe
2017-06-07 19:13 ` Saeed Mahameed
2017-06-07 19:21 ` Jason Gunthorpe
[not found] ` <20170607192132.GA10929-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-06-09 22:24 ` Doug Ledford
[not found] ` <1497047041.7171.234.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-06-10 14:11 ` Majd Dibbiny
2017-06-12 16:17 ` Jason Gunthorpe [this message]
2017-06-13 16:05 ` Saeed Mahameed
2017-06-11 5:59 ` Ilan Tayari
[not found] ` <AM4PR0501MB19401208254971445E61367EDBCC0-dp/nxUn679gfNUYDR5dMTsDSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-06-12 16:14 ` Jason Gunthorpe
2017-05-28 12:33 ` Or Gerlitz
2017-05-26 3:58 ` please revert. Was: " Alexei Starovoitov
2017-05-26 4:13 ` David Miller
2017-05-26 4:40 ` Alexei Starovoitov
2017-05-26 14:51 ` David Miller
2017-05-23 11:44 ` [for-next 5/6] net/mlx5: Bump driver version Saeed Mahameed
[not found] ` <20170523114404.20387-6-saeedm-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2017-05-26 12:56 ` Dennis Dalessandro
2017-05-26 16:35 ` Saeed Mahameed
[not found] ` <CALzJLG_ha-XiPAMnoKrUgm_EwPx2yH0T2y4EBRfrWNYSZi1cTg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-26 16:55 ` Dennis Dalessandro
[not found] ` <ee23ad82-4a2e-8546-d41b-11f979b127bb-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-05-26 18:10 ` Leon Romanovsky
2017-05-26 21:53 ` Jakub Kicinski
[not found] ` <20170526145318.7fd8c8e2-68UzVGuGftmUSpRRplVxJ1aTQe2KTcn/@public.gmane.org>
2017-05-29 5:47 ` Leon Romanovsky
[not found] ` <20170523114404.20387-1-saeedm-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2017-05-23 11:43 ` [for-next 1/6] {net, IB}/mlx5: Replace mlx5_vzalloc with kvzalloc Saeed Mahameed
2017-05-23 11:44 ` [for-next 6/6] IB/mlx5: Bump driver version Saeed Mahameed
2017-05-25 16:02 ` [pull request][for-next 0/6] Mellanox mlx5 updates 2017-05-23 David Miller
2017-06-01 22:57 ` Doug Ledford
[not found] ` <1496357879.7171.76.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-06-02 15:39 ` Leon Romanovsky
[not found] ` <20170602153940.GX5406-U/DQcQFIOTAAJjI8aNfphQ@public.gmane.org>
2017-06-02 16:06 ` Alexei Starovoitov
[not found] ` <20170602160641.ylowbobe5v72ui7g-+o4/htvd0TCa6kscz5V53/3mLCh9rsb+VpNB7YpNyf8@public.gmane.org>
2017-06-02 16:08 ` David Miller
[not found] ` <20170602.120839.1394660754953676217.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-06-02 16:57 ` Alexei Starovoitov
[not found] ` <20170602165736.nwunidodmu6xsmuv-+o4/htvd0TCa6kscz5V53/3mLCh9rsb+VpNB7YpNyf8@public.gmane.org>
2017-06-03 19:46 ` Or Gerlitz
2017-06-03 22:45 ` Saeed Mahameed
2017-06-14 19:30 ` Doug Ledford
2017-06-14 19:44 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170612161746.GC24829@obsidianresearch.com \
--to=jgunthorpe@obsidianresearch.com \
--cc=alexei.starovoitov@gmail.com \
--cc=andy.shevchenko@gmail.com \
--cc=atull@opensource.altera.com \
--cc=borisp@mellanox.com \
--cc=davem@davemloft.net \
--cc=dledford@redhat.com \
--cc=ilant@mellanox.com \
--cc=jsorensen@fb.com \
--cc=linux-fpga@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=majd@mellanox.com \
--cc=netdev@vger.kernel.org \
--cc=saeedm@dev.mellanox.co.il \
--cc=yi1.li@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.