Received: by 10.192.165.148 with SMTP id m20csp5292358imm; Wed, 9 May 2018 02:35:22 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpPHSxUO7kD+qJAHpQCVFjzRAtFCD5WfVoQPMA53F8pqa4+FUNmW15imzrc7+vgmCwWsN7Q X-Received: by 2002:a17:902:ab8d:: with SMTP id f13-v6mr44489868plr.81.1525858522788; Wed, 09 May 2018 02:35:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525858522; cv=none; d=google.com; s=arc-20160816; b=ZytmpaPHg+sSN76xOtufhfS3llD41Rvy/N6N9KYm9bYAYdlE0rqXpOXziQbGCFb0Dk OoyZiMFcBt9ytlIWrN/aGFUIqaJ+06gioQviUGVEEnfXecEhQzBzNLGOinvxVvi+QTC3 poYJdgsvI84zQvvFJXagxqSXkLGS0/JEV7pLNjUIcgoosXVD7FYc5hA8AtjrNGp2TRBo Rd5Vrq1kMJh20oC7THxKftbaxNdPfq6h+fesRkVcdiWG5L9mHZyUnobanxgBxFDTva93 NvQ7bqss0tQ0rqDU5FRqS6h7JoTTIVJ5MH7iyh9HMB9yeb7eXQB4EL/F0Xnl8p/uARjS lmSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=BoQT559xuUY5UYlDwfmxEwEQETN61duJ8znrh941AlI=; b=YMdsvFezwbGbtbOCA7TWE3pKWZQe3EeRmnO6bhvoqayhUFTEGxBUAB+2kAGiXf710n 2N1Ur0yVzt+qQEMf4wIILrJwZWEhKqktGuMmj08q47pxYdHAKgSRrgPryLE1iamyNh8H 2YD36orW6g6NndtGa+vvb5UZXdA+aWTMvN46OdX6dbUvJlogyzYahNTebPKGYUHSl2i1 4fCw9mTYYypRTsCPuJnvITjgWmdV7Kvl6ZiFzBr0TdA60QlaF+QID73UvXptaSurgRrh q+NjknjfJBUVfBc8QRyQSPa46XeP+BGTQ4ARZnajs2pOFgkSgbPy093BNX8Mqo8pKJao MOaA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=aNTrxexE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u198-v6si21580847pgc.203.2018.05.09.02.35.08; Wed, 09 May 2018 02:35:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=aNTrxexE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934026AbeEIJbI (ORCPT + 99 others); Wed, 9 May 2018 05:31:08 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:45048 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933869AbeEIJau (ORCPT ); Wed, 9 May 2018 05:30:50 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w499PkFf182403; Wed, 9 May 2018 09:30:32 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=BoQT559xuUY5UYlDwfmxEwEQETN61duJ8znrh941AlI=; b=aNTrxexEKrOnhkoDy50j7buKCCsRW8IIdPtv5xlQGirnjhqdR9oQhpJr3kv3HZiVADNd bowHlhhqjSA0ATiDJUXddBeb4h4B7E+4VVUDawQ4SpVkycQfmB5pukyNp25ygfwrXRrN LN5RH0bJhp565Uraxh/2ObNop0UdI1kwBNlB6eIcg5nERy/ewXMbC9qdu8CIfVtovwA+ gvC9E5E49hKsbklCd47V3mr5XjOv38TTpC6W+lS1f4FEJHfb6tM22ipQkjeUp4kDcaQP pfumeAItqyfFek/ba+bQCwj7GiVCUTS/HkZDgZGlO1wmjDOtdevlEu2+SHZhBcEe9cCK XQ== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by aserp2120.oracle.com with ESMTP id 2hs4k2cge7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 09 May 2018 09:30:32 +0000 Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w499UWOt031358 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 9 May 2018 09:30:32 GMT Received: from abhmp0006.oracle.com (abhmp0006.oracle.com [141.146.116.12]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w499UWkV004388; Wed, 9 May 2018 09:30:32 GMT Received: from lab02.no.oracle.com (/10.172.144.56) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 09 May 2018 02:30:32 -0700 From: =?UTF-8?q?H=C3=A5kon=20Bugge?= To: Doug Ledford , Don Hiatt , Ira Weiny , Sean Hefty Cc: linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org, =?UTF-8?q?H=C3=A5kon=20Bugge?= Subject: [PATCH IB/core 2/2] IB/cm: Send authentic pkey in REQ msg and check eligibility of the pkeys Date: Wed, 9 May 2018 11:30:20 +0200 Message-Id: <20180509093020.24503-3-Haakon.Bugge@oracle.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20180509093020.24503-1-Haakon.Bugge@oracle.com> References: <20180509093020.24503-1-Haakon.Bugge@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8887 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1805090090 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org There is no point in using RDMA CM to establish a connection between two QPs that cannot possible communicate. Particularly, if both the active and passive side use limited pkeys, they are not able to communicate. In order to detect this situation, the authentic pkey is used in the CM REQ message. The authentic pkey is the one that the HCA inserts into the BTH in the IB packets. When the passive side receives the REQ, commit ("ib_core: A full pkey is required to match a limited one") ensures that ib_find_matched_cached_pkey() fails unless at least one of the pkeys compared has the full-member bit. In the limited-to-limited case, this will prohibit the connection to be formed, and thus, Pkey Violation Traps will not be sent to the SM. Signed-off-by: HÃ¥kon Bugge --- drivers/infiniband/core/cm.c | 39 ++++++++++++++++++++++++++++++++------- include/rdma/ib_cm.h | 4 +++- 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c index a92e1a5c202b..52ed51d5bd2a 100644 --- a/drivers/infiniband/core/cm.c +++ b/drivers/infiniband/core/cm.c @@ -3,6 +3,7 @@ * Copyright (c) 2004 Topspin Corporation. All rights reserved. * Copyright (c) 2004, 2005 Voltaire Corporation. All rights reserved. * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved. * * This software is available to you under a choice of one of two * licenses. You may choose to be licensed under the terms of the GNU @@ -91,6 +92,7 @@ static const char * const ibcm_rej_reason_strs[] = { [IB_CM_REJ_INVALID_CLASS_VERSION] = "invalid class version", [IB_CM_REJ_INVALID_FLOW_LABEL] = "invalid flow label", [IB_CM_REJ_INVALID_ALT_FLOW_LABEL] = "invalid alt flow label", + [IB_CM_REJ_INVALID_PKEY] = "invalid PKey", }; const char *__attribute_const__ ibcm_reject_msg(int reason) @@ -518,8 +520,8 @@ static int cm_init_av_by_path(struct sa_path_rec *path, struct cm_av *av, return -EINVAL; cm_dev = port->cm_dev; - ret = ib_find_cached_pkey(cm_dev->ib_device, port->port_num, - be16_to_cpu(path->pkey), &av->pkey_index); + ret = ib_find_matched_cached_pkey(cm_dev->ib_device, port->port_num, + be16_to_cpu(path->pkey), &av->pkey_index); if (ret) return ret; @@ -1241,7 +1243,7 @@ static void cm_format_req(struct cm_req_msg *req_msg, cm_req_set_starting_psn(req_msg, cpu_to_be32(param->starting_psn)); cm_req_set_local_resp_timeout(req_msg, param->local_cm_response_timeout); - req_msg->pkey = param->primary_path->pkey; + req_msg->pkey = cpu_to_be16(cm_id_priv->pkey); cm_req_set_path_mtu(req_msg, param->primary_path->mtu); cm_req_set_max_cm_retries(req_msg, param->max_cm_retries); @@ -1396,7 +1398,23 @@ int ib_send_cm_req(struct ib_cm_id *cm_id, cm_id_priv->responder_resources = param->responder_resources; cm_id_priv->retry_count = param->retry_count; cm_id_priv->path_mtu = param->primary_path->mtu; - cm_id_priv->pkey = param->primary_path->pkey; + + /* + * We want to send the pkey used in the BTH in packets + * sent. This, in order for the passive side to determine if + * communication is permitted by the respective pkeys. + * + * The pkey in the paths are derived from the MGID, which has + * the full membership bit set. Hence, we retrieve the pkey by + * using the address vector's pkey_index. + */ + ret = ib_get_cached_pkey(cm_id_priv->id.device, + cm_id_priv->av.port->port_num, + cm_id_priv->av.pkey_index, + &cm_id_priv->pkey); + if (ret) + goto error1; + cm_id_priv->qp_type = param->qp_type; ret = cm_alloc_msg(cm_id_priv, &cm_id_priv->msg); @@ -1956,16 +1974,19 @@ static int cm_req_handler(struct cm_work *work) cm_id_priv); if (ret) { int err; + int rej_reason = (ret == -ENOENT ? + IB_CM_REJ_INVALID_PKEY : + IB_CM_REJ_INVALID_GID); err = ib_get_cached_gid(work->port->cm_dev->ib_device, work->port->port_num, 0, &work->path[0].sgid, NULL); if (err) - ib_send_cm_rej(cm_id, IB_CM_REJ_INVALID_GID, + ib_send_cm_rej(cm_id, rej_reason, NULL, 0, NULL, 0); else - ib_send_cm_rej(cm_id, IB_CM_REJ_INVALID_GID, + ib_send_cm_rej(cm_id, rej_reason, &work->path[0].sgid, sizeof(work->path[0].sgid), NULL, 0); @@ -1975,7 +1996,11 @@ static int cm_req_handler(struct cm_work *work) ret = cm_init_av_by_path(&work->path[1], &cm_id_priv->alt_av, cm_id_priv); if (ret) { - ib_send_cm_rej(cm_id, IB_CM_REJ_INVALID_ALT_GID, + int rej_reason = (ret == -ENOENT ? + IB_CM_REJ_INVALID_PKEY : + IB_CM_REJ_INVALID_ALT_GID); + + ib_send_cm_rej(cm_id, rej_reason, &work->path[0].sgid, sizeof(work->path[0].sgid), NULL, 0); goto rejected; diff --git a/include/rdma/ib_cm.h b/include/rdma/ib_cm.h index 7979cb04f529..56b62303946a 100644 --- a/include/rdma/ib_cm.h +++ b/include/rdma/ib_cm.h @@ -3,6 +3,7 @@ * Copyright (c) 2004 Topspin Corporation. All rights reserved. * Copyright (c) 2004 Voltaire Corporation. All rights reserved. * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved. * * This software is available to you under a choice of one of two * licenses. You may choose to be licensed under the terms of the GNU @@ -183,7 +184,8 @@ enum ib_cm_rej_reason { IB_CM_REJ_DUPLICATE_LOCAL_COMM_ID = 30, IB_CM_REJ_INVALID_CLASS_VERSION = 31, IB_CM_REJ_INVALID_FLOW_LABEL = 32, - IB_CM_REJ_INVALID_ALT_FLOW_LABEL = 33 + IB_CM_REJ_INVALID_ALT_FLOW_LABEL = 33, + IB_CM_REJ_INVALID_PKEY = 34, }; struct ib_cm_rej_event_param { -- 2.13.6