From: "J.L. Burr" <jlburr-vna1KIf7WgpBDgjK7y7TUQ@public.gmane.org>
To: linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 00/10] IB: Replace safe uses for ib_get_dma_mr with pd->local_dma_lkey
Date: Tue, 28 Jul 2015 11:01:12 -0400
Message-ID: <mp85i7$6hc$1@ger.gmane.org>
In-Reply-To: 1437608083-22898-1-git-send-email-jgunthorpe@obsidianresearch.com
"Jason Gunthorpe" <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> wrote in message
news:1437608083-22898-1-git-send-email-jgunthorpe-ePGOBjL8dl3ta4EC/59zMK2raWmgRF17@public.gmane.org
> This series moves dealing with the safe all physical mr:
>
> ib_get_dma_mr(pd,IB_ACCESS_LOCAL_WRITE);
>
> Into ib_alloc_pd, and in the process makes the global local_dma_lkey functionality
> broadly enabled for all ULPs.
> The remaining users of ib_get_dma_mr are all unsafe:
[snip]
> Calling ib_get_dma_mr with IB_ACCESS_REMOTE_* flags is considered to be a
> serious security problem and should not be done without the user directly
> opting in to an off-by-default scheme. The call allows the peer on the QP
> unrestricted access to local physical memory if they can guess the rkey value.
>
> A future series will cause the kernel to be tainted by the above call sites to
> promote migrating away from this.
[snip]
We use ib_get_dma_mr with IB_ACCESS_REMOTE_* flags in an embedded device environment (in a custom out-of-tree device driver). Not to allow remote access to CPU memory but to allow remote access to PCIe device memory (the IB card makes peer accesses directly to other PCIe devices).

I understand the concerns about safety with ib_get_dma_mr but want to be sure there will be a way to "opt-in", as you describe above. I can live with the tainting.

How is the opt-in done? Is that via a kernel parameter? Or via a module parameter on one of the IB core modules? Some other way?

I'm trying to avoid having to run a modified kernel for our environment, so hope this is not a kernel compile option!

Thanks.
John Burr
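
Added example, not part of the original message or the patch series: a simplified user-space C model of the bounds check behind the quoted security concern. It contrasts an all-physical MR (as returned by ib_get_dma_mr) with and without remote access against an MR registered over a single device window; the struct, flag names, rkeys and addresses are constructed for illustration.

```c
/* User-space model (not kernel code) of the rkey check applied to an
 * incoming RDMA READ/WRITE. All names and addresses are constructed. */
#include <stdbool.h>
#include <stdint.h>

enum { ACC_LOCAL_WRITE = 1, ACC_REMOTE_READ = 2, ACC_REMOTE_WRITE = 4 };

struct model_mr {
    uint32_t rkey;
    int      access;
    bool     all_physical; /* models the MR from ib_get_dma_mr() */
    uint64_t base, len;    /* covered window when not all_physical */
};

/* Would a remote request (rkey, addr, len) needing `need` rights be served? */
static bool remote_ok(const struct model_mr *mr, uint32_t rkey,
                      uint64_t addr, uint64_t len, int need)
{
    if (rkey != mr->rkey || (mr->access & need) != need)
        return false;
    if (mr->all_physical)
        return true;               /* no bounds: any address passes */
    if (addr < mr->base || len > mr->len)
        return false;
    return addr - mr->base <= mr->len - len;   /* overflow-safe range check */
}

/* Constructed sample regions. */
static const struct model_mr dma_local  = { 0x1001, ACC_LOCAL_WRITE, true, 0, 0 };
static const struct model_mr dma_remote = { 0x1002, ACC_LOCAL_WRITE | ACC_REMOTE_WRITE, true, 0, 0 };
/* Bounded MR covering only a hypothetical 1 MiB device BAR. */
static const struct model_mr bar_only   = { 0x1003, ACC_LOCAL_WRITE | ACC_REMOTE_WRITE, false, 0xf0000000ULL, 0x100000 };

#define RAM_ADDR 0x00200000ULL   /* constructed address in ordinary RAM */
#define BAR_ADDR 0xf0000400ULL   /* constructed address inside the BAR  */

int main(void)
{
    bool ok = !remote_ok(&dma_local,  0x1001, RAM_ADDR, 64, ACC_REMOTE_WRITE)
           &&  remote_ok(&dma_remote, 0x1002, RAM_ADDR, 64, ACC_REMOTE_WRITE)
           &&  remote_ok(&bar_only,   0x1003, BAR_ADDR, 64, ACC_REMOTE_WRITE)
           && !remote_ok(&bar_only,   0x1003, RAM_ADDR, 64, ACC_REMOTE_WRITE);
    return ok ? 0 : 1;
}
```

In this model the local-only all-physical MR refuses every remote request, the remote-enabled one accepts any address once the rkey matches, and the bounded MR serves only its own window.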