Return-Path: Received: from quartz.orcorp.ca ([184.70.90.242]:34438 "EHLO quartz.orcorp.ca" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932253AbbGJU5R (ORCPT ); Fri, 10 Jul 2015 16:57:17 -0400 Date: Fri, 10 Jul 2015 14:57:06 -0600 From: Jason Gunthorpe To: Doug Ledford Cc: Tom Talpey , "'Christoph Hellwig'" , Sagi Grimberg , Steve Wise , sagig@mellanox.com, ogerlitz@mellanox.com, roid@mellanox.com, linux-rdma@vger.kernel.org, eli@mellanox.com, target-devel@vger.kernel.org, linux-nfs@vger.kernel.org, trond.myklebust@primarydata.com, bfields@fieldses.org, Oren Duer Subject: Re: [PATCH V3 1/5] RDMA/core: Transport-independent access flags Message-ID: <20150710205706.GA7883@obsidianresearch.com> References: <20150707213628.GA5661@obsidianresearch.com> <559CD174.4040901@dev.mellanox.co.il> <20150708190842.GB11740@obsidianresearch.com> <20150708203205.GA21847@infradead.org> <20150709000337.GE16812@obsidianresearch.com> <559EF332.7060103@redhat.com> <20150709225306.GA30741@obsidianresearch.com> <559FC710.1050307@talpey.com> <20150710161108.GA19042@obsidianresearch.com> <55A00754.4010009@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <55A00754.4010009@redhat.com> Sender: linux-nfs-owner@vger.kernel.org List-ID: On Fri, Jul 10, 2015 at 01:56:36PM -0400, Doug Ledford wrote: > Are there security issues? Yes. Are we going to solve them in this > patch set? No. Especially since those security issues extend beyond > iSER + iWARP. I think my biggest concern is we don't inadvertently open a security hole on a machine that just happens to have an iwarp card installed, but has nothing to do with HPC. The clearest scary path I see is a server listening on a QP and using IB_ACCESS_REMOTE_WRITE. That sure looks easy to exploit. A client doing this.. It is alot harder to exploit.. iSER is client only, so less worrying. Can anyone else think of a way to attack the client? Jason