This series moves dealing with the safe all physical mr:

  ib_get_dma_mr(pd,IB_ACCESS_LOCAL_WRITE);

Into ib_alloc_pd, and in the process makes the global local_dma_lkey
functionality broadly enabled for all ULPs.

The remaining users of ib_get_dma_mr are all unsafe:

drivers/infiniband/ulp/iser/iser_verbs.c:
        device->mr = ib_get_dma_mr(device->pd, IB_ACCESS_LOCAL_WRITE |
                                   IB_ACCESS_REMOTE_WRITE |
                                   IB_ACCESS_REMOTE_READ);

drivers/infiniband/ulp/srp/ib_srp.c:
        srp_dev->mr = ib_get_dma_mr(srp_dev->pd,
                                    IB_ACCESS_LOCAL_WRITE |
                                    IB_ACCESS_REMOTE_READ |
                                    IB_ACCESS_REMOTE_WRITE);

drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c:
        int acflags = IB_ACCESS_LOCAL_WRITE | IB_ACCESS_REMOTE_WRITE;
        mr = ib_get_dma_mr(hdev->ibh_pd, acflags);

net/rds/iw.c:
        rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
                                      IB_ACCESS_REMOTE_READ |
                                      IB_ACCESS_REMOTE_WRITE |
                                      IB_ACCESS_LOCAL_WRITE);

net/sunrpc/xprtrdma/svc_rdma_transport.c:
        if (rdma_protocol_iwarp(newxprt->sc_cm_id->device,
                                newxprt->sc_cm_id->port_num) &&
            !(newxprt->sc_dev_caps & SVCRDMA_DEVCAP_FAST_REG))
                dma_mr_acc |= IB_ACCESS_REMOTE_WRITE;
        newxprt->sc_phys_mr = ib_get_dma_mr(newxprt->sc_pd, dma_mr_acc);

net/sunrpc/xprtrdma/verbs.c:
        case RPCRDMA_ALLPHYSICAL:
                ia->ri_ops = &rpcrdma_physical_memreg_ops;
                mem_priv = IB_ACCESS_LOCAL_WRITE |
                           IB_ACCESS_REMOTE_WRITE |
                           IB_ACCESS_REMOTE_READ;
                ia->ri_bind_mem = ib_get_dma_mr(ia->ri_pd, mem_priv);

Calling ib_get_dma_mr with IB_ACCESS_REMOTE_* flags is considered to be a
serious security problem and should not be done without the user directly
opting in to an off-by-default scheme. The call allows the peer on the QP
unrestricted access to local physical memory if they can guess the rkey
value.

A future series will cause the kernel to be tainted by the above call
sites to promote migrating away from this.

To Migrate:
 * If ib_get_dma_mr was being used to get an lkey then use
   local_dma_lkey instead (I believe this series gets all of those cases).
   If the lkey is being used for RDMA_READ, and iWarp support is required
   then iWarp must be detected and FRMR must be used to create a limited
   temporary MR just for the RDMA_READ. (eg NFS, RDS)
 * If ib_get_dma_mr was being used to get an rkey then use FRMR
   to create limited temporary MR's (eg SRP, iSER, etc)

Doug, this needs to be sequenced after the mlx5 patch:

  https://patchwork.kernel.org/patch/6829351/

All patches are compile tested. I've done basic testing up to and
including the IPoIB patch, the rest required specialized setups I don't
have access to, but are fairly straightforward.

Feel free to take whatever subset of this gets tested/ack'd before the
next cycle.

Sagi, IB/iser should have special attention paid, as it is less clear to
me if it got everything.

Jason Gunthorpe (10):
  IB/core: Guarantee that a local_dma_lkey is available
  IB/mad: Remove ib_get_dma_mr calls
  IB/ipoib: Remove ib_get_dma_mr calls
  IB/mlx4: Remove ib_get_dma_mr calls
  IB/mlx5: Remove ib_get_dma_mr calls
  IB/iser: Use pd->local_dma_lkey
  iser-target: Remove ib_get_dma_mr calls
  IB/srp: Use pd->local_dma_lkey
  ib_srpt: Remove ib_get_dma_mr calls
  net/9p: Remove ib_get_dma_mr calls

 drivers/infiniband/core/mad.c                | 26 +++---------------
 drivers/infiniband/core/mad_priv.h           |  1 -
 drivers/infiniband/core/verbs.c              | 40 ++++++++++++++++++++++++----
 drivers/infiniband/hw/mlx4/mad.c             | 23 +++-------------
 drivers/infiniband/hw/mlx4/mlx4_ib.h         |  1 -
 drivers/infiniband/hw/mlx5/main.c            | 13 ---------
 drivers/infiniband/hw/mlx5/mlx5_ib.h         |  1 -
 drivers/infiniband/hw/mlx5/mr.c              |  5 ++--
 drivers/infiniband/ulp/ipoib/ipoib.h         |  1 -
 drivers/infiniband/ulp/ipoib/ipoib_cm.c      |  2 +-
 drivers/infiniband/ulp/ipoib/ipoib_verbs.c   | 18 +++----------
 drivers/infiniband/ulp/iser/iscsi_iser.c     |  2 +-
 drivers/infiniband/ulp/iser/iser_initiator.c |  8 +++---
 drivers/infiniband/ulp/iser/iser_memory.c    |  2 +-
 drivers/infiniband/ulp/iser/iser_verbs.c     |  2 +-
 drivers/infiniband/ulp/isert/ib_isert.c      | 33 ++++++++---------------
 drivers/infiniband/ulp/isert/ib_isert.h      |  1 -
 drivers/infiniband/ulp/srp/ib_srp.c          |  2 +-
 drivers/infiniband/ulp/srpt/ib_srpt.c        | 15 +++--------
 drivers/infiniband/ulp/srpt/ib_srpt.h        |  1 -
 include/rdma/ib_mad.h                        |  1 -
 include/rdma/ib_verbs.h                      |  2 ++
 net/9p/trans_rdma.c                          | 26 ++----------------
 23 files changed, 75 insertions(+), 151 deletions(-)

-- 
2.1.4
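
An audit sketch for the unsafe pattern the cover letter describes, added here as an example (it is not part of the series or of the kernel tree): it flags ib_get_dma_mr calls whose access mask carries IB_ACCESS_REMOTE_* flags, either written in the call or reaching it through a local variable. The names unsafe_calls, audit and SAMPLES are hypothetical; matching is textual and path-insensitive, so a conditional `|=` counts as reaching the call.

```python
import re

REMOTE = re.compile(r"IB_ACCESS_REMOTE_\w+")
# Argument list of a call, up to the ");" that ends the statement.
CALL = re.compile(r"ib_get_dma_mr\s*\(([^;]*)\)\s*;")
# "var = FLAG | FLAG;" or "var |= FLAG;" where the right side is flags only.
ASSIGN = re.compile(r"\b(\w+)\s*\|?=\s*([A-Z0-9_|\s]+);")

def unsafe_calls(source):
    """Return (access argument, remote flags) for each risky ib_get_dma_mr call."""
    tainted = {}  # variable name -> remote flags ever assigned or OR-ed into it
    for name, rhs in ASSIGN.findall(source):
        flags = set(REMOTE.findall(rhs))
        if flags:
            tainted.setdefault(name, set()).update(flags)
    findings = []
    for call in CALL.finditer(source):
        # First argument is the PD; everything after the first comma is the mask.
        access = " ".join(call.group(1).partition(",")[2].split())
        remote = set(REMOTE.findall(access))
        for ident in re.findall(r"[A-Za-z_]\w*", access):
            remote |= tainted.get(ident, set())
        if remote:
            findings.append((access, sorted(remote)))
    return findings

def audit(files):
    """Map each file name to its findings, dropping files with none."""
    hits = {path: unsafe_calls(src) for path, src in files.items()}
    return {path: found for path, found in hits.items() if found}

# Call sites as quoted in the cover letter, whitespace collapsed.
SAMPLES = {
    "safe all physical mr": "ib_get_dma_mr(pd,IB_ACCESS_LOCAL_WRITE);",
    "iser_verbs.c": "device->mr = ib_get_dma_mr(device->pd, IB_ACCESS_LOCAL_WRITE | "
                    "IB_ACCESS_REMOTE_WRITE | IB_ACCESS_REMOTE_READ);",
    "o2iblnd.c": "int acflags = IB_ACCESS_LOCAL_WRITE | IB_ACCESS_REMOTE_WRITE; "
                 "mr = ib_get_dma_mr(hdev->ibh_pd, acflags);",
    "svc_rdma_transport.c": "if (rdma_protocol_iwarp(newxprt->sc_cm_id->device, "
                            "newxprt->sc_cm_id->port_num) && !(newxprt->sc_dev_caps & "
                            "SVCRDMA_DEVCAP_FAST_REG)) dma_mr_acc |= IB_ACCESS_REMOTE_WRITE; "
                            "newxprt->sc_phys_mr = ib_get_dma_mr(newxprt->sc_pd, dma_mr_acc);",
}

if __name__ == "__main__":
    for path, found in audit(SAMPLES).items():
        for access, remote in found:
            print(f"{path}: ib_get_dma_mr(..., {access}) exposes {', '.join(remote)}")
```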