lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <f5f60ab0-52c6-e8f2-4654-bc52658c93b0@linux.vnet.ibm.com> Date: Tue, 16 May 2017 17:04:00 +0200 From: Ursula Braun <ubraun@...ux.vnet.ibm.com> To: Leon Romanovsky <leon@...nel.org>, davem@...emloft.net Cc: netdev@...r.kernel.org, iinux-rdma@...r.kernel.org, Christoph Hellwig <hch@....de> Subject: Re: [PATCH net v1] net/smc: Add warning about remote memory exposure On 05/16/2017 08:51 AM, Leon Romanovsky wrote: > From: Christoph Hellwig <hch@....de> > > The driver explicitly bypasses APIs to register all memory once a > connection is made, and thus allows remote access to memory. > > Signed-off-by: Christoph Hellwig <hch@....de> > Signed-off-by: Leon Romanovsky <leon@...nel.org> > --- > Dave, > Can you please forward this patch to stable? > Thanks > --- > Changes from v0: > * Remove BROKEN Kconfig option as a followup of this discussion > https://patchwork.ozlabs.org/patch/760454/ > * Refine commit message > --- > net/smc/Kconfig | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/net/smc/Kconfig b/net/smc/Kconfig > index c717ef0896aa..33954852f3f8 100644 > --- a/net/smc/Kconfig > +++ b/net/smc/Kconfig > @@ -8,6 +8,10 @@ config SMC > The Linux implementation of the SMC-R solution is designed as > a separate socket family SMC. > > + Warning: SMC will expose all memory for remote reads and writes > + once a connection is established. Don't enable this option except > + for tightly controlled lab environment. > + > Select this option if you want to run SMC socket applications > > config SMC_DIAG > -- > 2.12.2 > Acked-by: Ursula Braun <ubraun@...ux.vnet.ibm.com>
Powered by blists - more mailing lists