On Tue, Nov 07, 2017 at 09:55:39AM -0700, Jason Gunthorpe wrote: > On Tue, Nov 07, 2017 at 10:52:11AM -0600, Daniel Jurgens wrote: > > On 11/7/2017 10:46 AM, Jason Gunthorpe wrote: > > > On Tue, Nov 07, 2017 at 06:33:26PM +0200, Leon Romanovsky wrote: > > > > > >> - bool special_qp = (qp->qp_type == IB_QPT_SMI || > > >> - qp->qp_type == IB_QPT_GSI || > > >> - qp->qp_type >= IB_QPT_RESERVED1); > > >> + struct ib_qp *real_qp = qp->real_qp; > > >> + bool special_qp = (real_qp->qp_type == IB_QPT_SMI || > > >> + real_qp->qp_type == IB_QPT_GSI || > > >> + real_qp->qp_type >= IB_QPT_RESERVED1); > > > This QPT_RESERVED stuff was not supposed to be visible to the core > > > layer, so why are we adding checks in security???? > > > > The checks exclude those QPs from security enforcement. They've > > been there the whole time, you reviewed this previously right? > > Nope > > .. and they shouldn't be there, those reserved QPTs are totally banned > from user space so it shouldn't matter for security We will send followup patch to clean it, but for this patch I prefer do not change the logic here because it is supposed to go to stable@. Thanks > > Jason >
Attachment:
signature.asc
Description: PGP signature
