kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/net/sunrpc
History
Chuck Lever 2dc3a69de0 xprtrdma: Remove ALLPHYSICAL memory registration mode 
No HCA or RNIC in the kernel tree requires the use of ALLPHYSICAL.

ALLPHYSICAL advertises in the clear on the network fabric an R_key
that is good for all of the client's memory. No known exploit
exists, but theoretically any user on the server can use that R_key
on the client's QP to read or update any part of the client's memory.

ALLPHYSICAL exposes the client to server bugs, including:
 o base/bounds errors causing data outside the i/o buffer to be
   accessed
 o RDMA access after reply causing data corruption and/or integrity
   fail

ALLPHYSICAL can't protect application memory regions from server
update after a local signal or soft timeout has terminated an RPC.

ALLPHYSICAL chunks are no larger than a page. Special cases to
handle small chunks and long chunk lists have been a source of
implementation complexity and bugs.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Tested-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
2016-07-11 15:50:43 -04:00
..
auth_gss NFS client updates for Linux 4.7 2016-05-26 10:33:33 -07:00
xprtrdma xprtrdma: Remove ALLPHYSICAL memory registration mode 2016-07-11 15:50:43 -04:00
addr.c replace strict_strto calls 2014-07-12 18:45:49 -04:00
auth.c SUNRPC: Ensure get_rpccred() and put_rpccred() can take NULL arguments 2016-05-17 15:48:06 -04:00
auth_generic.c sunrpc: add rpc_lookup_generic_cred 2016-05-09 09:05:40 -04:00
auth_null.c nfsd: Lower NFSv4.1 callback message size limit 2016-03-01 13:06:35 -08:00
auth_unix.c sunrpc: plumb gfp_t parm into crcreate operation 2016-05-09 09:05:40 -04:00
backchannel_rqst.c SUNRPC: Fix callback channel 2015-12-07 13:04:59 -08:00
cache.c mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros 2016-04-04 10:41:08 -07:00
clnt.c rpc: share one xps between all backchannels 2016-06-15 10:32:25 -04:00
debugfs.c SUNRPC: Address kbuild warning in net/sunrpc/debugfs.c 2015-06-11 14:01:06 -04:00
Kconfig rpcrdma: Merge svcrdma and xprtrdma modules into one 2015-06-04 16:56:02 -04:00
Makefile SUNRPC: Add a structure to track multiple transports 2016-02-05 18:48:54 -05:00
netns.h Merge branch 'for-3.14' of git://linux-nfs.org/~bfields/linux 2014-01-30 10:18:43 -08:00
rpc_pipe.c mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros 2016-04-04 10:41:08 -07:00
rpcb_clnt.c SUNRPC: Use the multipath iterator to assign a transport to each task 2016-02-05 18:48:55 -05:00
sched.c SUNRPC: Allow caller to specify the transport to use 2016-02-05 18:48:55 -05:00
socklib.c sunrpc: do not pull udp headers on receive 2016-04-11 15:31:33 -04:00
stats.c sunrpc: add rpc_count_iostats_idx 2015-02-03 11:06:38 -08:00
sunrpc.h SUNRPC: track whether a request is coming from a loop-back interface. 2014-05-22 15:59:18 -04:00
sunrpc_syms.c sunrpc: make debugfs file creation failure non-fatal 2015-04-23 14:42:27 -04:00
svc.c SUNRPC: Fix callback channel 2015-12-07 13:04:59 -08:00
svc_xprt.c rpc: share one xps between all backchannels 2016-06-15 10:32:25 -04:00
svcauth.c svcrpc: move some initialization to common code 2015-11-24 10:39:16 -07:00
svcauth_unix.c svcrpc: move some initialization to common code 2015-11-24 10:39:16 -07:00
svcsock.c sock: tigthen lockdep checks for sock_owned_by_user 2016-04-13 22:37:20 -04:00
sysctl.c Sunrpc: Supports hexadecimal number for sysctl files of sunrpc debug 2015-11-03 15:56:49 -05:00
timer.c net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
xdr.c SUNRPC: init xdr_stream for zero iov_len, page_len 2016-05-09 09:05:40 -04:00
xprt.c SUNRPC: Use the multipath iterator to assign a transport to each task 2016-02-05 18:48:55 -05:00
xprtmultipath.c SUNRPC: Add a structure to track multiple transports 2016-02-05 18:48:54 -05:00
xprtsock.c rpc: share one xps between all backchannels 2016-06-15 10:32:25 -04:00