Re: [PATCH rdma-next] IB/core: Only maintain real QPs in the security lists

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/7/2017 10:55 AM, Jason Gunthorpe wrote:
> On Tue, Nov 07, 2017 at 10:52:11AM -0600, Daniel Jurgens wrote:
>> On 11/7/2017 10:46 AM, Jason Gunthorpe wrote:
>>> On Tue, Nov 07, 2017 at 06:33:26PM +0200, Leon Romanovsky wrote:
>>>
>>>> -	bool special_qp = (qp->qp_type == IB_QPT_SMI ||
>>>> -			   qp->qp_type == IB_QPT_GSI ||
>>>> -			   qp->qp_type >= IB_QPT_RESERVED1);
>>>> +	struct ib_qp *real_qp = qp->real_qp;
>>>> +	bool special_qp = (real_qp->qp_type == IB_QPT_SMI ||
>>>> +			   real_qp->qp_type == IB_QPT_GSI ||
>>>> +			   real_qp->qp_type >= IB_QPT_RESERVED1);
>>> This QPT_RESERVED stuff was not supposed to be visible to the core
>>> layer, so why are we adding checks in security????
>> The checks exclude those QPs from security enforcement.  They've
>> been there the whole time, you reviewed this previously right?
> Nope
>
> .. and they shouldn't be there, those reserved QPTs are totally banned
> from user space so it shouldn't matter for security
>
> Jason
>
This flow is through ib_modify_qp, it's not user space specific.  If it really pains you that much it can be changed an inclusive compare instead of exclusive. This discussion isn't relevant  to the content of the patch in question though.




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]