Re: [PATCH 00/24] InfiniBand Transport (IBTRS) and Network Block Device (IBNBD)

On Wed, Feb 7, 2018 at 5:35 PM, Christopher Lameter <cl@xxxxxxxxx> wrote:
> On Mon, 5 Feb 2018, Bart Van Assche wrote:
>
>> That approach may work well for your employer but sorry I don't think this is
>> sufficient for an upstream driver. I think that most users who configure a
>> network storage target expect full control over which storage devices are exported
>> and also over which clients do have and do not have access.
>
> Well is that actually true for IPoIB? It seems that I can arbitrarily
> attach to any partition I want without access control. In many ways some
> of the RDMA layers and modules are loose with security since performance
> is what matters mostly and deployments occur in separate production
> environments.
>
> We have had security issues (that are not fully resolved yet) with the RDMA
> RPC API for years. So maybe let's relax on the security requirements a
> bit?
>

Frankly speaking, I do not understand the "security" about this kind of
block device and RDMA in particular.  I can admit that personally I do
not see the whole picture, so can someone provide the real use case/scenario?
What we have in our datacenters is a trusted environment (do others exist?).
You need a volume, you create it.  You need to map a volume remotely -
you map it.  Of course there are provisioning checks, rw/ro checks, etc.
But in general any IP/key checks (is that client really a "good" guy or not?)
are simply useless.  So the question is: are there real-life setups where
some of the local IB network members can be untrusted?

--
Roman


