Received: by 10.192.165.148 with SMTP id m20csp5291234imm; Wed, 9 May 2018 02:34:03 -0700 (PDT) X-Google-Smtp-Source: AB8JxZr+an4giakOYSJtvCgf/fBSFJ3qAq+P6ijk4FP/CAv3gOo7mvREV7aIN8zL9fL0Z7q5NCt/ X-Received: by 2002:a63:744a:: with SMTP id e10-v6mr31265992pgn.275.1525858443300; Wed, 09 May 2018 02:34:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525858443; cv=none; d=google.com; s=arc-20160816; b=k7QxqQOYFI66aKYkd68QVfyXZ7+6GNw8T0MklBeURpjPb9MjYma/aGKmS6JyfBd44J sopHaEMCD+/z8JDfFxK6c3kMRVWz1a03jKZxdgY8Sc2BuRXfuOaXUomSrDwwJG7ceKHZ ZT3rKzxtIlUCm7gDTG7GMoCrY8eyLE7ASII7SyH497uaZ6m9IjGgycjdx6Q8Aoo5BMEY y57y+c9Hr6k/ushm3Fy20jKNDR+zRZCF+I4/QydWL7N5CJZBUmB9a3X8kjEAkfq3EyF0 myrxqGMlHmnBY3G2/ZjcKZzgnA+sY//VeJMHF/x/gIsVvFgkKzbrUhBRoMgxe3cFa5gC cmzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=gZDwTM+HaBNDOAsoGpKPmdCjoT9U1mU7SM2LzpP46Sc=; b=APh/9fAIv7lklu3/8C6kut8pfUxrg/3wrJ7UbNEI1WuA7kwsLRlgxxTM97S4gVbreL VGC7LI+guSDJptR6KUld6Jxvh1efaFs2l64SyJzvVOqhM/L9lTU9xEcJpN5YYksEUugg qGarNdByiFUjzL2/L/U2JnrCLI5PxgjIJ5kYNo3eyVOmEjtmFpcLB/yEeWLtWh2jQPbW FhRmLXOkwkpSMZVrhrChob/UUlkwFVkiIOXWtU9E7pMooc0RaQMPY/NBmspW9p0urVYM a5KSWGlq8v2/00mEkKsKa+o01FBs79gRKQcwvn2xfAwRe90fN3IyHxVjb/5QOOBqs2jA QEdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=hyABwIpQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s75-v6si3239704pgc.215.2018.05.09.02.33.48; Wed, 09 May 2018 02:34:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=hyABwIpQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933959AbeEIJaw (ORCPT + 99 others); Wed, 9 May 2018 05:30:52 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:49356 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933846AbeEIJat (ORCPT ); Wed, 9 May 2018 05:30:49 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w499PuKb091987; Wed, 9 May 2018 09:30:31 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : mime-version : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=gZDwTM+HaBNDOAsoGpKPmdCjoT9U1mU7SM2LzpP46Sc=; b=hyABwIpQm80GZJpJcSLoCpiF6icOeRLYBwiaHqucQfjSioWXseX2PvD2OFpf1+gs61Vw REhHWirBBQTRASWEHAYy7byHkvSC+ZU3u0ANlgjOei2jZv7KhmW9ThYZgCf1zaNGSVev h+9Zx57D2VHMPhlAB9k+QLH07ezlhMPKKdUH9UBU9PFKL4fa38xe/TFw2pfwTLBFuT+O qMJT5UYqYLPyqPA2M0/aW2sLzlTghUlrlDGrDOryfReo+FzJmXN6AyaDcMeBfMk3WsLM DaHLAayxcFiCpswlpEBxRpkEfr5vlXtVXJkrwDnsORFdTwDdyj9osaaIuvqVYiCKxiSc qA== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by userp2130.oracle.com with ESMTP id 2hs426mjg8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 09 May 2018 09:30:30 +0000 Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w499UTZI031262 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 9 May 2018 09:30:30 GMT Received: from abhmp0006.oracle.com (abhmp0006.oracle.com [141.146.116.12]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w499UTTI014992; Wed, 9 May 2018 09:30:29 GMT Received: from lab02.no.oracle.com (/10.172.144.56) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 09 May 2018 02:30:28 -0700 From: =?UTF-8?q?H=C3=A5kon=20Bugge?= To: Doug Ledford , Don Hiatt , Ira Weiny , Sean Hefty Cc: linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org, =?UTF-8?q?H=C3=A5kon=20Bugge?= Subject: [PATCH IB/core 0/2] Do not form IB connections between limited partition members Date: Wed, 9 May 2018 11:30:18 +0200 Message-Id: <20180509093020.24503-1-Haakon.Bugge@oracle.com> X-Mailer: git-send-email 2.13.6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8887 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=766 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1805090090 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Systems using IB partitions might be exposed to excessive pkey violation traps which are sent to the OpenSM. This can be close to a DoS attack, and in addition, the OpenSM logs are flooded with these messages, hiding potential other log messages deemed important in order to investigate important issues. This series prohibit RDMA CM to establish connections between two limited partition members. This avoids pkey violation traps stemming from unicast messages to be sent to the OpenSM. [If this patch series get accepted by the community, I ask if the maintainer can update the reference to the first commit in the second commit message with a correct 12 chars SHA] HÃ¥kon Bugge (2): IB/core: A full pkey is required to match a limited one IB/cm: Send authentic pkey in REQ msg and check eligibility of the pkeys drivers/infiniband/core/cache.c | 32 +++++++++++++++++++++++++++----- drivers/infiniband/core/cm.c | 39 ++++++++++++++++++++++++++++++++------- include/rdma/ib_cache.h | 18 ++++++++++++++++++ include/rdma/ib_cm.h | 4 +++- 4 files changed, 80 insertions(+), 13 deletions(-) -- 2.13.6