From: Gleb Natapov <gleb@cloudius-systems.com>
To: Greg Rose <gvrose8192@gmail.com>
Cc: Vlad Zolotarov <vladz@cloudius-systems.com>,
netdev@vger.kernel.org, Avi Kivity <avi@cloudius-systems.com>,
jeffrey.t.kirsher@intel.com, davem@davemloft.net
Subject: Re: [PATCH net-next v3 0/5]: ixgbevf: Allow querying VFs RSS indirection table and key
Date: Tue, 6 Jan 2015 20:44:14 +0200 [thread overview]
Message-ID: <20150106184414.GC29721@cloudius-systems.com> (raw)
In-Reply-To: <CALgkqUpsw3ZBi600tC5H-8LJKLrOgSAX=0+xU4V=aMAGacEEUQ@mail.gmail.com>
On Tue, Jan 06, 2015 at 10:30:59AM -0800, Greg Rose wrote:
> On Tue, Jan 6, 2015 at 10:04 AM, Gleb Natapov <gleb@cloudius-systems.com> wrote:
> > On Tue, Jan 06, 2015 at 08:59:41AM -0800, Greg Rose wrote:
> >> On Tue, Jan 6, 2015 at 2:58 AM, Vlad Zolotarov
> >> <vladz@cloudius-systems.com> wrote:
> >> >
> >> >
> >> > I agree with Gleb here: when we started with just thinking about the idea of
> >> > this patch the possible security issue was the first thing that came into
> >> > our minds.
> >> > But eventually we couldn't come up with any security risk or attack example
> >> > that is exclusively caused by the fact that VF knows the indirection table
> >> > and/or RSS hash key of the PF.
> >> >
> >> > So, Greg, if we have missed anything and your have such an example could you
> >> > share it here, please?
> >>
> >> I don't have any examples and that is not my area of expertise. But
> >> just because we can't think of a security risk or attack example
> >> doesn't mean there isn't one.
> >>
> > Is RSS hash security feature at all? Against what kind of attack? It
> > looks like some drivers (igb among them) use non random value for the key.
>
> I don't believe RSS hashing itself is a security feature - I don't
> know that sharing the RSS info with a VF is a security risk. I'm just
> asking that we preserve default behavior to avoid the possibility.
>
> >
> >> Just add a policy hook so that the system admin can decide whether
> >> this information should be shared with the VFs and then we're covered
> >> for cases of both known and unknown exploits, risks, etc.
> >>
> > Default off means that it will stay that way for most installations and
> > information will not be available for "cloud" users. It is hard to get
> > proper support on public cloud for less trivial issues than changing
> > host HW configuration.
>
> Someone in the host is configuring the VF HW to begin with. Someone
> had to create the VFs in the first place so I presume they could set
> the policy for this feature as well at the same time. To return to an
> example I provided to Vlad - anti-spoof checking is on by default but
> we allow system admins to turn it off so that other features, such as
> bonding, can be used. I just want to preserve current behavior while
> allowing the feature you want to add to be available for those who
> want it.
>
> If Dave and the rest of community feel that there is no risk to these
> patches and that they should be applied then I'll go away and shut up
> about it. But for now I'm just approaching this from a "better safe
> than sorry" viewpoint.
>
Thanks Greg for explaining your position clearly on this matter. I CCed
Dave to get his opinion. Vlad is going to work on adding this knob
anyway meanwhile, but we still have a hope that default could be "on".
--
Gleb.
next prev parent reply other threads:[~2015-01-06 18:44 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-05 14:15 [PATCH net-next v3 0/5]: ixgbevf: Allow querying VFs RSS indirection table and key Vlad Zolotarov
2015-01-05 14:15 ` [PATCH net-next v3 1/5] ixgbe: Add a RETA query command to VF-PF channel API Vlad Zolotarov
2015-01-05 14:15 ` [PATCH net-next v3 2/5] ixgbevf: Add a RETA query code Vlad Zolotarov
2015-01-05 14:15 ` [PATCH net-next v3 3/5] ixgbe: Add GET_RSS_KEY command to VF-PF channel commands set Vlad Zolotarov
2015-01-05 14:15 ` [PATCH net-next v3 4/5] ixgbevf: Add RSS Key query code Vlad Zolotarov
2015-01-05 14:15 ` [PATCH net-next v3 5/5] ixgbevf: Add the appropriate ethtool ops to query RSS indirection table and key Vlad Zolotarov
2015-01-05 14:47 ` [PATCH net-next v3 0/5]: ixgbevf: Allow querying VFs " Vlad Zolotarov
2015-01-05 23:54 ` Greg Rose
2015-01-06 6:55 ` Gleb Natapov
2015-01-06 10:58 ` Vlad Zolotarov
2015-01-06 16:59 ` Greg Rose
2015-01-06 17:30 ` Vlad Zolotarov
2015-01-06 18:22 ` Greg Rose
2015-01-06 20:13 ` Vlad Zolotarov
2015-01-06 21:13 ` Greg Rose
2015-01-06 18:04 ` Gleb Natapov
2015-01-06 18:30 ` Greg Rose
2015-01-06 18:44 ` Gleb Natapov [this message]
2015-01-06 18:59 ` Eric Dumazet
2015-01-06 19:15 ` Gleb Natapov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150106184414.GC29721@cloudius-systems.com \
--to=gleb@cloudius-systems.com \
--cc=avi@cloudius-systems.com \
--cc=davem@davemloft.net \
--cc=gvrose8192@gmail.com \
--cc=jeffrey.t.kirsher@intel.com \
--cc=netdev@vger.kernel.org \
--cc=vladz@cloudius-systems.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).