From: Parav Pandit <parav-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
To: David Miller <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>,
"Bart.VanAssche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org"
<Bart.VanAssche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
Cc: "hch-jcswGhMUV9g@public.gmane.org"
<hch-jcswGhMUV9g@public.gmane.org>,
"netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"ubraun-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org"
<ubraun-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
Subject: RE: [PATCH] net/smc: mark as BROKEN due to remote memory exposure
Date: Mon, 15 May 2017 01:58:05 +0000 [thread overview]
Message-ID: <VI1PR0502MB3008AAFB2888EBB88F69DFEAD1E10@VI1PR0502MB3008.eurprd05.prod.outlook.com> (raw)
In-Reply-To: <20170514.204404.1844909849561204299.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
Hi Dave,
> -----Original Message-----
> From: linux-rdma-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org [mailto:linux-rdma-
> owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org] On Behalf Of David Miller
> Sent: Sunday, May 14, 2017 7:44 PM
> To: Bart.VanAssche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org
> Cc: hch-jcswGhMUV9g@public.gmane.org; netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org; linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org;
> stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org; ubraun-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
> Subject: Re: [PATCH] net/smc: mark as BROKEN due to remote memory
> exposure
>
> From: Bart Van Assche <Bart.VanAssche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
> Date: Sun, 14 May 2017 19:08:50 +0000
>
> > What is your plan to avoid that applications start using and depending
> > on AF_SMC?
>
status = socket(AF_SMC, field, IPPROT_TCP);
Here,
- AF_SMC actually means AF_INET IPv4 addresses!
- IPPROTO_TCP means TCP and RDMA both when socket is AF_SMC.
- When creating socket addresses, use AF_INET based addresses.
- When invoking bind(), listen(), connect() APIs, use AF_INET addresses instead.
- Supporting IPv6 is TBD with AF_SMC sockets.
- At user level get_addrinfo will continue to return AF_INET addresses.
Such explanation for socket APIs doesn't sound correct.
The primary motivation for SMC protocol was to simplify the applications and library to make use of RDMA.
This kind of API is against such simplicity and creates more confusion.
RFC only gives example and doesn't asks to create new socket family.
I can provide more data, but a simple grep in get_addrinfo() and friend functions in user space has heavy dependence on AF_INET and AF_INET6.
> The API is out there already so we are out of luck, and neither you nor I nor
> anyone else can "stop" this from happening.
I think it is still not too late to fix this API. SMC is released in v4.11 very recently.
v4.12 is still not out.
Given the limitation of protocol being RoCEv1 only, we might not have many users whose applications will stop functioning.
(Which will anyway won't work for RoCEv2, and IPv6 addresses).
I propose,
(a) AF_SMC socket 43 can be marked reserved in future kernel versions to avoid use.
(b) New protocol family that represents TCP and RDMA protocol, may be named IPPROTO_SMC even though it is not a protocol in IP header.
We can possibly target to have this fix in 4.13 kernel timeframe.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the
> body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info
> at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Parav Pandit <parav@mellanox.com>
To: David Miller <davem@davemloft.net>,
"Bart.VanAssche@sandisk.com" <Bart.VanAssche@sandisk.com>
Cc: "hch@lst.de" <hch@lst.de>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>,
"stable@vger.kernel.org" <stable@vger.kernel.org>,
"ubraun@linux.vnet.ibm.com" <ubraun@linux.vnet.ibm.com>
Subject: RE: [PATCH] net/smc: mark as BROKEN due to remote memory exposure
Date: Mon, 15 May 2017 01:58:05 +0000 [thread overview]
Message-ID: <VI1PR0502MB3008AAFB2888EBB88F69DFEAD1E10@VI1PR0502MB3008.eurprd05.prod.outlook.com> (raw)
In-Reply-To: <20170514.204404.1844909849561204299.davem@davemloft.net>
Hi Dave,
> -----Original Message-----
> From: linux-rdma-owner@vger.kernel.org [mailto:linux-rdma-
> owner@vger.kernel.org] On Behalf Of David Miller
> Sent: Sunday, May 14, 2017 7:44 PM
> To: Bart.VanAssche@sandisk.com
> Cc: hch@lst.de; netdev@vger.kernel.org; linux-rdma@vger.kernel.org;
> stable@vger.kernel.org; ubraun@linux.vnet.ibm.com
> Subject: Re: [PATCH] net/smc: mark as BROKEN due to remote memory
> exposure
>
> From: Bart Van Assche <Bart.VanAssche@sandisk.com>
> Date: Sun, 14 May 2017 19:08:50 +0000
>
> > What is your plan to avoid that applications start using and depending
> > on AF_SMC?
>
status = socket(AF_SMC, field, IPPROT_TCP);
Here,
- AF_SMC actually means AF_INET IPv4 addresses!
- IPPROTO_TCP means TCP and RDMA both when socket is AF_SMC.
- When creating socket addresses, use AF_INET based addresses.
- When invoking bind(), listen(), connect() APIs, use AF_INET addresses instead.
- Supporting IPv6 is TBD with AF_SMC sockets.
- At user level get_addrinfo will continue to return AF_INET addresses.
Such explanation for socket APIs doesn't sound correct.
The primary motivation for SMC protocol was to simplify the applications and library to make use of RDMA.
This kind of API is against such simplicity and creates more confusion.
RFC only gives example and doesn't asks to create new socket family.
I can provide more data, but a simple grep in get_addrinfo() and friend functions in user space has heavy dependence on AF_INET and AF_INET6.
> The API is out there already so we are out of luck, and neither you nor I nor
> anyone else can "stop" this from happening.
I think it is still not too late to fix this API. SMC is released in v4.11 very recently.
v4.12 is still not out.
Given the limitation of protocol being RoCEv1 only, we might not have many users whose applications will stop functioning.
(Which will anyway won't work for RoCEv2, and IPv6 addresses).
I propose,
(a) AF_SMC socket 43 can be marked reserved in future kernel versions to avoid use.
(b) New protocol family that represents TCP and RDMA protocol, may be named IPPROTO_SMC even though it is not a protocol in IP header.
We can possibly target to have this fix in 4.13 kernel timeframe.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the
> body of a message to majordomo@vger.kernel.org More majordomo info
> at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-05-15 1:58 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-10 7:26 [PATCH] net/smc: mark as BROKEN due to remote memory exposure Christoph Hellwig
2017-05-11 14:57 ` Bart Van Assche
[not found] ` <1494514662.2489.1.camel-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org>
2017-05-14 5:58 ` Christoph Hellwig
2017-05-14 5:58 ` Christoph Hellwig
2017-05-14 5:58 ` Christoph Hellwig
2017-05-14 15:51 ` David Miller
2017-05-14 19:08 ` Bart Van Assche
2017-05-15 0:44 ` David Miller
[not found] ` <20170514.204404.1844909849561204299.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-15 1:58 ` Parav Pandit [this message]
2017-05-15 1:58 ` Parav Pandit
2017-05-16 15:57 ` Doug Ledford
2017-05-16 15:57 ` Doug Ledford
2017-05-16 16:29 ` David Miller
2017-05-16 16:29 ` David Miller
[not found] ` <20170516.122923.869994491617365845.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-16 16:30 ` Christoph Hellwig
2017-05-16 16:30 ` Christoph Hellwig
[not found] ` <20170516163041.GA5132-jcswGhMUV9g@public.gmane.org>
2017-05-16 16:33 ` David Miller
2017-05-16 16:33 ` David Miller
2017-05-16 16:35 ` Christoph Hellwig
2017-05-16 16:36 ` Doug Ledford
2017-05-16 16:36 ` Doug Ledford
2017-05-16 16:41 ` David Miller
2017-05-16 16:41 ` David Miller
2017-05-16 17:12 ` Doug Ledford
2017-05-16 16:42 ` Doug Ledford
2017-05-16 16:49 ` David Miller
2017-05-16 16:49 ` David Miller
[not found] ` <20170516.124945.386235742645153398.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-16 17:20 ` Doug Ledford
2017-05-16 17:20 ` Doug Ledford
[not found] ` <1494955244.3259.130.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-05-16 17:36 ` David Miller
2017-05-16 17:36 ` David Miller
[not found] ` <20170516.133644.850927380166261577.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-16 18:03 ` Doug Ledford
2017-05-16 18:03 ` Doug Ledford
2017-05-16 18:52 ` David Miller
2017-05-16 18:52 ` David Miller
[not found] ` <20170516.145249.871010194359061722.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-16 19:28 ` Doug Ledford
2017-05-16 19:28 ` Doug Ledford
2017-05-17 20:37 ` Doug Ledford
2017-05-17 22:37 ` Parav Pandit
[not found] ` <VI1PR0502MB3008604A216B388A440A8B53D1E70-o1MPJYiShExKsLr+rGaxW8DSnupUy6xnnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-18 0:07 ` Doug Ledford
2017-05-18 0:07 ` Doug Ledford
2017-05-18 4:22 ` Leon Romanovsky
[not found] ` <20170514.115116.499149210596634881.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2017-05-15 6:41 ` Sagi Grimberg
2017-05-15 6:41 ` Sagi Grimberg
2017-05-15 7:18 ` Leon Romanovsky
2017-05-15 7:18 ` Leon Romanovsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR0502MB3008AAFB2888EBB88F69DFEAD1E10@VI1PR0502MB3008.eurprd05.prod.outlook.com \
--to=parav-vpraknaxozvwk0htik3j/w@public.gmane.org \
--cc=Bart.VanAssche-XdAiOPVOjttBDgjK7y7TUQ@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=hch-jcswGhMUV9g@public.gmane.org \
--cc=linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=ubraun-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.