Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp2122400imm; Wed, 16 May 2018 08:12:41 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqvE1ssh5ey5DXtJfqiZJ8jD/7hY/qzbGfD8vtExttMMurWSH+kO5vN1zhxGX5ZHyhIr7M8 X-Received: by 2002:a63:6e8c:: with SMTP id j134-v6mr1054445pgc.218.1526483561291; Wed, 16 May 2018 08:12:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526483561; cv=none; d=google.com; s=arc-20160816; b=wkmniEf7WOe0jUH42I1P9RmdE3jDt2HDZYtRrbma9QaMqm0KakOrdD4MhuEpbtFgkA h1Z42Lxg2hB/On/MDB9I83dTi4AoirHBu4cXY9cumNcwALPPz/6iKqoeTxjc6ZmV04p8 JgXK9mlfgqBd9PyuHIfl2LEl7SNUqRLszJR+O3rn8PkoRaPMOmzKKpX7HM3n6X4FFcVz Ton8DiWbL6fjx70xFtDHGr8ckfsKI3ZtrQpkwAEMeOhNaEjfDKX2vUESuR9CAKmbwdhl wueDRJP8up0wauBMFB5Oc9++3Ububop4p6pWlBH4tqVTZfWpr0BGQksQE+shqGaBOlMK 0ivQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=hNZ6lVTdajM42hZ7KfwqPW42OP/OTB88L+ryQfAfvD0=; b=Tza9iUFKBW267tYFOMsyHufJIrDnVzv9j+XG9HSgGDVzH1VhoujXCk/F6BrACWyRaV CT/8Sygtn0ogSGyb+BUojWp3gQ81WokKl14Q7xOGbdQ/ZKdSAM2DyX7oXeSfgYZsnU32 xLLOUGrxL1SNYv2EdbIruEfLbFqQ0N3bLM6IAbcSE+u4qHU+BPjxtBYOi+1rjEuWSB/D zfXe/00EaA34Shmo2XHiC+FJxO/pqNCJj0s3m0AVxN1piXxMO9F1kad1K2lc+OGEX829 ZsNw6OlMKjvTMqzqDR3Otnbkh0cyo3TX/p6d4Af7oBdoJcKzUg8n5wfkB+6B1CwJin/H qbFg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ziepe.ca header.s=google header.b=fBAYj/+v; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 11-v6si2709651plc.466.2018.05.16.08.12.26; Wed, 16 May 2018 08:12:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@ziepe.ca header.s=google header.b=fBAYj/+v; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751290AbeEPPMG (ORCPT + 99 others); Wed, 16 May 2018 11:12:06 -0400 Received: from mail-pg0-f68.google.com ([74.125.83.68]:33437 "EHLO mail-pg0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750759AbeEPPME (ORCPT ); Wed, 16 May 2018 11:12:04 -0400 Received: by mail-pg0-f68.google.com with SMTP id v7-v6so442025pgs.0 for ; Wed, 16 May 2018 08:12:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ziepe.ca; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=hNZ6lVTdajM42hZ7KfwqPW42OP/OTB88L+ryQfAfvD0=; b=fBAYj/+v0a7VBgPY1lE0RdVn3QLAK4j3Q5/w6zh1W8pAg2UEM7zz31Y2X6xE6N2iP8 KiWmwXReEk2mpXQiWTnJ7QpaLpqbiIpg+tqLep40RJfHmmz6gFeftLlKbo5JjwtNRfwM 9+LLCiZkOSS0c7CESMHgeO6vGjNwuO3M3PPYGy6zHuhyPKgvr0ws9LdoVOYiYQoyQD8Z e9q2xfEer3sQQegbNPzqDGNxgNoELYoUP1ULGCC+Fe4bk5Q4NkR816WFCTdEoY7Fclu3 AIt7YSJ48e7C3+4OJtIWgVqdJwYIm/TJyIt5K1xm5urIYIMj7cpRXKaZZoB6Sko0U61t n6xw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=hNZ6lVTdajM42hZ7KfwqPW42OP/OTB88L+ryQfAfvD0=; b=olnRdvPQwWX/ajQuMstG7TGjxrnjYEg8pi8j/axjh6/lfPrLByVI+GY++SwIc4BMu6 StdH5Q0ToYO/Tt9K2LWnomtmhOq27Y+J/fbEvn4+utYMxqLqC3p9dhAI8Qfwy98e7H/G fTIAiC7x8J/IpgnGgthHDL3vJygvTqDQkV+ey4sVpzyt9aL3VubYwy+ReFcBgBgSspDy Kbmb7o8Xt/zHso3ImAT8j/TBzb9/BVHN7HCxQvylyTyWryOox2L4D5Gxx/ySGoJ2Y48H IPG5+1e8fIpuOujBqEL1OP6MbubhEhpKzVHL+Z6lbJroNybtDA+hgKPW05q+C5RHNiw4 dEwg== X-Gm-Message-State: ALKqPwdkHJCNf4qjxJ32TJqgLf0eNG9DaABNN9MGHWr7z4y/BftQlECy I+G/wRrf5ApIYEYCRmHjUAoacA== X-Received: by 2002:a62:6c87:: with SMTP id h129-v6mr1323029pfc.179.1526483524061; Wed, 16 May 2018 08:12:04 -0700 (PDT) Received: from ziepe.ca (S010614cc2056d97f.ed.shawcable.net. [174.3.196.123]) by smtp.gmail.com with ESMTPSA id r90-v6sm7189812pfg.122.2018.05.16.08.12.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 May 2018 08:12:02 -0700 (PDT) Received: from jgg by mlx.ziepe.ca with local (Exim 4.86_2) (envelope-from ) id 1fIy5x-0006nD-6G; Wed, 16 May 2018 09:12:01 -0600 Date: Wed, 16 May 2018 09:12:01 -0600 From: Jason Gunthorpe To: =?utf-8?B?SMOla29u?= Bugge Cc: Hal Rosenstock , Doug Ledford , Don Hiatt , Ira Weiny , Sean Hefty , OFED mailing list , linux-kernel@vger.kernel.org Subject: Re: [PATCH IB/core 2/2] IB/cm: Send authentic pkey in REQ msg and check eligibility of the pkeys Message-ID: <20180516151201.GA25661@ziepe.ca> References: <20180509093020.24503-3-Haakon.Bugge@oracle.com> <3bee76df-49a6-cf3c-6df4-749a6309358e@dev.mellanox.co.il> <20180514210200.GN21531@ziepe.ca> <20180515190424.GL5615@ziepe.ca> <3E15B62F-E705-43BD-8A72-9E74F784D40E@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <3E15B62F-E705-43BD-8A72-9E74F784D40E@oracle.com> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 16, 2018 at 08:47:21AM +0200, Håkon Bugge wrote: > > This is not a difficult issue. > > > > If the GMP is properly tagged with the right PKey then it will never > > be delivered to the VM if the VM does not have the PKey in the > > table. > > Not quite right. For the shared port model, a GMP will (most > probably) be accepted by the physical port, due to: Sure, but I am talking about the VM's 'virtual port'. > So, if the GMP is destined to VM1, which is a limited member, but we > have another VM2 which is a full member of the same partition, the > GMP will pass the HCA’s PKey check. Sure. > > It is up to the hypervisor to block GMPs that have Pkeys not in > > the virtual PKey table of the VF. > > The packet is received by the HCA and stripped from IB headers, in > particular the BTH. How can the "hypervisor" block it when its > doesn’t have access to the GMP’s BTH.PKey? This is wrong too, in Linux the WC's for GMP packets include the pkey index that was used to RX the packet. This is a Linux extension matching the one on the sending side. The hypervisor *must* block these GMPs, it is a hard requirement of the pkey security model for VMs. AFAIK the Mellanox drivers do this right - do you know differently? > > The only time you could need a new REJ code is if the GMP is using a > > PKey different from the REQ - which is a pretty goofy thing to do > > considering this VM case. > > Its goofy. In the CX-3 shared port model, the BTH.PKey is the > default one and the REQ.PKey is the full one even if the sending > VM’s port only is a limited member. This patch series fixes the last > issue. Again, this is wrong, the BTH.Pkey and REQ.Pkey should be the same - please fix that first before trying to change anything else. > > Remember the SM doesn't know what Pkeys are in the VM, so it is > > basically impossible for the REQ side to reliably select two different > > pkeys and know that they will bothmake it to the VM. > > The active side should use the "authentic" PKey in the REQ > message. That is the one that would be used in BTH.PKey when > communication has been established. This is implemented by this > patch series. > > Not sure what you mean by "reliably select two different pkeys". The > CM REQ message contains one PKey. If BTH.Pkey != REQ.PKey then the requestor side has to obviously select two PKeys, which is basically impossible. The VM should not be part of the default partition, for instance. > See above, not sure how that could be implemented. And if it is > solved by the HCA trapping the GMP due to the PKey check, it doesn’t > help me, as the purpose of the series is to avoid (excessive) PKey > traps sent to the SM. It might not help you, but is shows this fix for the pkey trap issue is wrong. You must fix the pkey traps on the sending side, not on the responder side.. > > If I recall there were bugs here in mlx drivers, where the driver > > sent with the wrong Pkey. I think this has actually been fixed > > now, so please check the upstream kernel to be sure the Pkey is > > not what it is supposed to be. > > Let me get back to you with some ibdumps here. Upstream kernel (eg 4.16) and newish Mellanox firmware please. And it would be fantastic if you could ID why this is happening, AFAIK it should be OK in the kernel. Jason