From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Leon Romanovsky, Jason Gunthorpe
Subject: [PATCH 4.17 60/67] RDMA/ucm: Mark UCM interface as BROKEN
Date: Mon, 16 Jul 2018 09:35:29 +0200
Message-Id: <20180716073453.332828986@linuxfoundation.org>
In-Reply-To: <20180716073443.294323458@linuxfoundation.org>

4.17-stable review patch. If anyone has any objections, please let me know.

------------------

From: Leon Romanovsky

commit 7a8690ed6f5346f6738971892205e91d39b6b901 upstream.

In commit 357d23c811a7 ("Remove the obsolete libibcm library") in rdma-core [1], we removed obsolete library which used the /dev/infiniband/ucmX interface.

Following multiple syzkaller reports about non-sanitized user input in the UCMA module, the short audit reveals the same issues in UCM module too. It is better to disable this interface in the kernel, before syzkaller team invests time and energy to harden this unused interface.

[1] https://github.com/linux-rdma/rdma-core/pull/279

Signed-off-by: Leon Romanovsky
Signed-off-by: Jason Gunthorpe
Signed-off-by: Greg Kroah-Hartman
--- drivers/infiniband/Kconfig | 11 +++++++++++ drivers/infiniband/core/Makefile | 4 ++-- 2 files changed, 13 insertions(+), 2 deletions(-) --- a/drivers/infiniband/Kconfig +++ b/drivers/infiniband/Kconfig @@ -35,6 +35,17 @@ config INFINIBAND_USER_ACCESS libibverbs, libibcm and a hardware driver library from rdma-core . +config INFINIBAND_USER_ACCESS_UCM + bool "Userspace CM (UCM, DEPRECATED)" + depends on BROKEN + depends on INFINIBAND_USER_ACCESS + help + The UCM module has known security flaws, which no one is + interested to fix. The user-space part of this code was + dropped from the upstream a long time ago. + + This option is DEPRECATED and planned to be removed. + config INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI bool "Allow experimental legacy verbs in new ioctl uAPI (EXPERIMENTAL)" depends on INFINIBAND_USER_ACCESS --- a/drivers/infiniband/core/Makefile +++ b/drivers/infiniband/core/Makefile 
@@ -5,8 +5,8 @@ user_access-$(CONFIG_INFINIBAND_ADDR_TRA obj-$(CONFIG_INFINIBAND) += ib_core.o ib_cm.o iw_cm.o \ $(infiniband-y) obj-$(CONFIG_INFINIBAND_USER_MAD) += ib_umad.o -obj-$(CONFIG_INFINIBAND_USER_ACCESS) += ib_uverbs.o ib_ucm.o \ - $(user_access-y) +obj-$(CONFIG_INFINIBAND_USER_ACCESS) += ib_uverbs.o $(user_access-y) +obj-$(CONFIG_INFINIBAND_USER_ACCESS_UCM) += ib_ucm.o $(user_access-y) ib_core-y := packer.o ud_header.o verbs.o cq.o rw.o sysfs.o \ device.o fmr_pool.o cache.o netlink.o \
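
Review bot: The unchanged context just above the new entry in drivers/infiniband/Kconfig, the INFINIBAND_USER_ACCESS help text, still tells users they need "libibverbs, libibcm and a hardware driver library from rdma-core", while the commit message says libibcm was removed from rdma-core. Suggest dropping libibcm from that help text in the same patch, so the Kconfig documentation agrees with the new INFINIBAND_USER_ACCESS_UCM help text, which states that the user-space part was dropped.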
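
Review bot: In drivers/infiniband/core/Makefile the new line "obj-$(CONFIG_INFINIBAND_USER_ACCESS_UCM) += ib_ucm.o $(user_access-y)" appends $(user_access-y) a second time, although the line directly above already adds it under CONFIG_INFINIBAND_USER_ACCESS. Because the Kconfig hunk makes INFINIBAND_USER_ACCESS_UCM depend on INFINIBAND_USER_ACCESS, the second reference can only duplicate entries already in the object list. Suggest the UCM line add only ib_ucm.o.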