From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-qt1-f175.google.com (mail-qt1-f175.google.com [209.85.160.175])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4C0083ACF19
	for <linux-kernel@vger.kernel.org>; Fri, 10 Apr 2026 15:43:29 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.175
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1775835810; cv=none; b=ssFRVOg71a8Jmx6gEEWJEh6MM/dobyAoXdTxCKjRTuV8n01ntvV9W9S/v6li8aenAh+OAguxIX4+xcrVh57QfnqVzWsGN/D3CPJhCRY8dGupMqRu2drXB22EIfFNxm40UFYs1giCUgdmrgqR//o3IBaYM7QaKIAPIfO3NLf0m/Q=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1775835810; c=relaxed/simple;
	bh=15c4ee0axhyY9xh/M09tb/QEQ2DqSdy7iBQH6Onsn94=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=FpsFwjc3XTEBORt/K0j6yhwaY7YDtYzH+HftMYOoVz8OSRMRHaLKgIvVg0X5+prOVWzapVlFbUvZOmlKj1s9ty5akhAoZNxnRBqEIqdl9Q0YEF+fVSHqZ7eXMbuuHusAQA+oUMTxcLfv+Kvv1uG0E+YCRnm7ggnkH7KbzmvJImU=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca; spf=pass smtp.mailfrom=ziepe.ca; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b=VuSfqimM; arc=none smtp.client-ip=209.85.160.175
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ziepe.ca
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b="VuSfqimM"
Received: by mail-qt1-f175.google.com with SMTP id d75a77b69052e-50335b926c2so16320281cf.2
        for <linux-kernel@vger.kernel.org>; Fri, 10 Apr 2026 08:43:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ziepe.ca; s=google; t=1775835808; x=1776440608; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=15c4ee0axhyY9xh/M09tb/QEQ2DqSdy7iBQH6Onsn94=;
        b=VuSfqimMCZK642rs+v4jbhfAalGWZ1ko3jrnQrP0Hmwe3J6KBNE0VMWXPO0R9BCWcR
         djvQbOzYVJ75uzuM8VDI0Xsl+i/rJb60uY/hg/na1X8+aYrVQ9TUOuuIrBHu/U/bsobq
         JDUBckPVm60udk67/AELLoxZwbj/iM7EUsrGa+57s1X12HBJPeSeKPsv3n6MKYALHkLc
         Vl8kt5EamiRkX4LNuMUSbhVV3rT1agQF4e1cmWdyijO3gNtH1Z39QUKWAKQVzZ55cO++
         S8/oBCkWXS0JVqQlMZ8FTlPXePXMudCUD5OxEpMuHRC7328WNNDbBvsMUBu8WQFQIoj7
         dlBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1775835808; x=1776440608;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=15c4ee0axhyY9xh/M09tb/QEQ2DqSdy7iBQH6Onsn94=;
        b=hjheezIoBGOQWks4ZQmT1BQp+M5jlIIam3P/OgpGTQqKYFNcnyWEeNptvr2cOdlxS4
         3yInYQN3/UsvCSrwu4R1z683/FY3Xu9id8RzVZKg0iZWojij5GmsBuRXjtvMORvrCiXd
         9ERVAwCLm14a/jDpFnY+HpxPOMEKf+IWz6tC4r/Aiy8NYVClePB2xFRFBEK6KfsyjUah
         DyuVjuU61cPvEkIYUln2EUQGSs/wm9vJs3MtfUh8cYvxTTniZG2jfrBcTgGl+s+JrcrQ
         FKEQu3YSjJVJqx57fFDPY6rekABm4e4bbOaI/E+sjT9r8dVtPDDivPCmfHhPEQQO7edm
         sBBA==
X-Forwarded-Encrypted: i=1; AJvYcCU7hsMOCsM5a0gUKmMzy2XojVW/7sLjRC2OanYYgZQ4HO3KwO4C9qIFZx5PnMfNjMMgxjK4/l0uVlo4V4c=@vger.kernel.org
X-Gm-Message-State: AOJu0YxCu2/Gr+oy9N0fuM+X8rcXxZ9v2+bvXWY83cINwylGSjrxrcLy
	xvLY9ZWpaCuD4fDxCdVobMq9dJBSZmr2apDZkhVB2U3fh6j865eqmIJzXYZD2e6fmB4=
X-Gm-Gg: AeBDiesz7AaZ6JVtLZgnYyIJMYu3Q+mcehGNJTZsdE0DFX7zuKsCjhZjQrrYJBOWdQV
	qzkLeKLYcLmbln551HdNZTIo5/K3ZjsbvBpNo2rt3Zr92ZesrWe6vRWOVt7yXrNFrpYS8PvCnK8
	VAYNR4/bYyVg64nCiaZ3jazFuqG5vWWPwO0ShtsE5t0OjJgMTabUNmGUteo22DPO5x+2QMYG051
	XmjGnv9ZG3ZfvUx6Y68X55LQISzFOSpBAm8kIwbm8ikELUoniI6i2JAJ8zrMW4vwP3J3Cvdt8yE
	xSGqJyoJGM7xw03hOKtr42EyPfG7YMKCguawAxKVeHnVotqrXZ8Gdi3Xc7bFeMkrY/vxwuOG5qQ
	5zHgTAM55RjoZyotqC0/T88EZc85P5n9ibucgA4W+2vNUBuSviHYbc5iuqp3FNPKjjsRgdv87Hb
	WnzmBME/G1uP/+OUQAfMYygVFP7ucS9ovZ3cVKK+ynwyRM+I8Z1AZiCCt1zzD6+k8UawkN5Q==
X-Received: by 2002:ac8:5a53:0:b0:50d:5a11:1a8 with SMTP id d75a77b69052e-50dd5ba3952mr57073421cf.25.1775835808064;
        Fri, 10 Apr 2026 08:43:28 -0700 (PDT)
Received: from ziepe.ca (mctnnbsa70w-159-2-73-22.dhcp-dynamic.fibreop.nb.bellaliant.net. [159.2.73.22])
        by smtp.gmail.com with ESMTPSA id d75a77b69052e-50dd539b49dsm25682421cf.6.2026.04.10.08.43.27
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 10 Apr 2026 08:43:27 -0700 (PDT)
Received: from jgg by wakko with local (Exim 4.97)
	(envelope-from <jgg@ziepe.ca>)
	id 1wBE11-0000000EiT7-077R;
	Fri, 10 Apr 2026 12:43:27 -0300
Date: Fri, 10 Apr 2026 12:43:27 -0300
From: Jason Gunthorpe <jgg@ziepe.ca>
To: Long Li <longli@microsoft.com>
Cc: Leon Romanovsky <leon@kernel.org>,
	Erni Sri Satya Vennela <ernis@linux.microsoft.com>,
	Konstantin Taranov <kotaranov@microsoft.com>,
	"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>,
	"linux-hyperv@vger.kernel.org" <linux-hyperv@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [EXTERNAL] Re: [PATCH rdma-next v2] RDMA/mana_ib: hardening:
 Clamp adapter capability values from MANA_IB_GET_ADAPTER_CAP
Message-ID: <20260410154327.GA2551565@ziepe.ca>
References: <20260312181642.989735-1-ernis@linux.microsoft.com>
 <20260316194929.GI61385@unreal>
 <SA1PR21MB66832D25A93394735624F454CE40A@SA1PR21MB6683.namprd21.prod.outlook.com>
 <20260317094408.GR61385@unreal>
 <SA1PR21MB66833EBAF447BA0B102862FCCE4DA@SA1PR21MB6683.namprd21.prod.outlook.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <SA1PR21MB66833EBAF447BA0B102862FCCE4DA@SA1PR21MB6683.namprd21.prod.outlook.com>

On Sat, Mar 21, 2026 at 12:56:39AM +0000, Long Li wrote:

> How we rephrase this in this way: the driver should not corrupt or
> overflow other parts of the kernel if its device is misbehaving (or
> has a bug).

If we are going to do this CC hardening stuff I think I want to see a
more comphrensive approach, like if we detect an attack then the
kernel instantly crashes or something. Or at least an approach in
general agreed to by the CC and kernel community.

Igoring the issue and continuing seems just wrong.

This sprinkling of random checks in this series doesn't feel
comprehensive or cohesive to me.

Jason