On Tue, Nov 07, 2017 at 10:52:11AM -0600, Daniel Jurgens wrote: > On 11/7/2017 10:46 AM, Jason Gunthorpe wrote: > > On Tue, Nov 07, 2017 at 06:33:26PM +0200, Leon Romanovsky wrote: > > > >> - bool special_qp = (qp->qp_type == IB_QPT_SMI || > >> - qp->qp_type == IB_QPT_GSI || > >> - qp->qp_type >= IB_QPT_RESERVED1); > >> + struct ib_qp *real_qp = qp->real_qp; > >> + bool special_qp = (real_qp->qp_type == IB_QPT_SMI || > >> + real_qp->qp_type == IB_QPT_GSI || > >> + real_qp->qp_type >= IB_QPT_RESERVED1); > > This QPT_RESERVED stuff was not supposed to be visible to the core > > layer, so why are we adding checks in security???? > > The checks exclude those QPs from security enforcement. They've > been there the whole time, you reviewed this previously right? Nope .. and they shouldn't be there, those reserved QPTs are totally banned from user space so it shouldn't matter for security Jason