On Fri, May 05, 2017 at 07:06:56PM +0200, Ursula Braun wrote: > We do not see that just loading the smc module causes this issue.The security > risk starts with the first connection, that actually uses smc. This is only > possible if an AF_SMC socket connection is created while the so-called > pnet-table is available and offers a mapping between the used Ethernet > interface and RoCE device. Such a mapping has to be configured by a user > (via a netlink interface) and, thus, is a conscious decision by that user.
At a mimimum this escaltes any local root exploit to a full kernel exploit in the presense of RDMA hardware, so I do not think you should be so dimissive of the impact. I recommend immediately sending a kconfig patch cc'd to stable making SMC require CONFIG_BROKEN so that nobody inadvertantly turns it on. Jason
