This is a note to let you know that I've just added the patch titled
net/smc: Add warning about remote memory exposure
to the 4.11-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
net-smc-add-warning-about-remote-memory-exposure.patch
and it can be found in the queue-4.11 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Wed May 31 09:13:10 JST 2017
From: Christoph Hellwig <hch@xxxxxx>
Date: Tue, 16 May 2017 09:51:38 +0300
Subject: net/smc: Add warning about remote memory exposure
From: Christoph Hellwig <hch@xxxxxx>
[ Upstream commit 19a0f7e37c0761a0a1cbf550705a6063c9675223 ]
The driver explicitly bypasses APIs to register all memory once a
connection is made, and thus allows remote access to memory.
Signed-off-by: Christoph Hellwig <hch@xxxxxx>
Signed-off-by: Leon Romanovsky <leon@xxxxxxxxxx>
Acked-by: Ursula Braun <ubraun@xxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/smc/Kconfig | 4 ++++
1 file changed, 4 insertions(+)
--- a/net/smc/Kconfig
+++ b/net/smc/Kconfig
@@ -8,6 +8,10 @@ config SMC
The Linux implementation of the SMC-R solution is designed as
a separate socket family SMC.
+ Warning: SMC will expose all memory for remote reads and writes
+ once a connection is established. Don't enable this option except
+ for tightly controlled lab environment.
+
Select this option if you want to run SMC socket applications
config SMC_DIAG
Patches currently in stable-queue which might be from hch@xxxxxx are
queue-4.11/net-smc-add-warning-about-remote-memory-exposure.patch