Systems using IB partitions might be exposed to excessive pkey
violation traps which are sent to the OpenSM. This can be close to
a DoS attack, and in addition, the OpenSM logs are flooded with these
messages, hiding potential other log messages deemed important in
order to investigate important issues.
This series prohibit RDMA CM to establish connections between two
limited partition members. This avoids pkey violation traps stemming
from unicast messages to be sent to the OpenSM.
[If this patch series get accepted by the community, I ask if
the maintainer can update the reference to the first commit in the
second commit message with a correct 12 chars SHA]
Håkon Bugge (2):
IB/core: A full pkey is required to match a limited one
IB/cm: Send authentic pkey in REQ msg and check eligibility of the
pkeys
drivers/infiniband/core/cache.c | 32 +++++++++++++++++++++++++++-----
drivers/infiniband/core/cm.c | 39 ++++++++++++++++++++++++++++++++-------
include/rdma/ib_cache.h | 18 ++++++++++++++++++
include/rdma/ib_cm.h | 4 +++-
4 files changed, 80 insertions(+), 13 deletions(-)
--
2.13.6
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
