From: Or Gerlitz <ogerlitz-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
To: Roland Dreier <roland-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Jack Morgenstein
	<jackm-LDSdmyG8hGV8YrgS2mwiifqBs+8SCbDb@public.gmane.org>,
	linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	liranl-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org
Subject: Re: [PATCH for-next V1 10/29] net/mlx4_core: Implement mechanism for reserved qkeys
Date: Sun, 8 Jul 2012 18:17:38 +0300
Message-ID: <4FF9A492.6090803@mellanox.com>
In-Reply-To: <CAL1RGDVXTWs6Xi2JQ=7-RiZUePfc6SoUsCHHdbS9XLUQyim6UA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>

On 7/6/2012 2:26 AM, Roland Dreier wrote:
> Jack Morgenstein <jackm-LDSdmyG8hGV8YrgS2mwiifqBs+8SCbDb@public.gmane.org> wrote:
>> For security reasons (i.e., to prevent guests from sending MADs to tunnel QPs
>> belonging to other guests), each proxy-tunnel qp pair is assigned a unique,
>> reserved, qkey.  These qkeys are available only for proxy and tunnel qp's --
>> if the guest tries to use these qkeys with other qp's, it will fail.
>
> How does a guest OS know which Q_Key it's allowed to use?  I understand
> you stick the reserved Q_Keys in the privileged Q_Key area (MSB set) so
> it's not an issue for applications but I don't understand how you can avoid
> breaking unlucky guest OSes.
>
> Part of my problem is I don't see anywhere that
> MLX4_RESERVED_QKEY_MASK is actually used in this patch...
>

As you probably saw, the isolation mechanism chosen for the authentication
of the special QP proxy/tunnel protocol between the VFs and the master is
based on these special qkeys. The master (in mlx4_get_parav_qkey) makes sure
that each VF actually uses a different qkey for its proxy/tunnel qps, and
that qkey is forced in the QPC, such that the qkey used by the IB core in
the VF is actually ignored on TX.

The reason for using qkeys and not pkeys originates from the limited number
of pkeys supported by the HCA, which made it impractical to dedicate a pkey
per VF special QP offloading.

So indeed there is a chance for an unlucky guest to try and make use of a
qkey from that range, but when they attempt to plug that qkey into their
QPC, the driver running at the master will fail that out in the code section
I pointed you to. So this failure doesn't go unnoticed.


Or.
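
Added example, not part of the original message and not code from the mlx4 patch: a simplified C model of the master-side behaviour described in the reply above (a reserved qkey forced for proxy/tunnel QPs, and a reserved-range qkey rejected on any other QP). The ex_* names, the constant values and the QP number ranges are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* All values below are illustrative assumptions, not the mlx4 ones. */
#define EX_RESERVED_QKEY_BASE 0xFFFF0000u /* inside the privileged (MSB set) area */
#define EX_RESERVED_QKEY_MASK 0xFFFF0000u
#define EX_PROXY_SQPN_BASE    0x100u      /* first proxy special QP */
#define EX_TUNNEL_SQPN_BASE   0x200u      /* first tunnel special QP */
#define EX_NUM_SPECIAL_QPS    0x100u      /* QPs in each of the two ranges */

/* Derive the reserved qkey of a proxy/tunnel QP; -EINVAL for any other QP.
 * Proxy QP i and tunnel QP i form a pair and get the same qkey. */
int ex_parav_qkey(uint32_t qpn, uint32_t *qkey)
{
    if (qpn >= EX_TUNNEL_SQPN_BASE &&
        qpn < EX_TUNNEL_SQPN_BASE + EX_NUM_SPECIAL_QPS)
        *qkey = EX_RESERVED_QKEY_BASE + (qpn - EX_TUNNEL_SQPN_BASE);
    else if (qpn >= EX_PROXY_SQPN_BASE &&
             qpn < EX_PROXY_SQPN_BASE + EX_NUM_SPECIAL_QPS)
        *qkey = EX_RESERVED_QKEY_BASE + (qpn - EX_PROXY_SQPN_BASE);
    else
        return -EINVAL;
    return 0;
}

/* Master-side filter applied to the qkey a guest wants written to a QPC. */
int ex_master_filter_qkey(uint32_t qpn, uint32_t *qpc_qkey)
{
    uint32_t forced;

    if (ex_parav_qkey(qpn, &forced) == 0) {
        *qpc_qkey = forced; /* special QP: guest-supplied value is ignored */
        return 0;
    }
    if ((*qpc_qkey & EX_RESERVED_QKEY_MASK) == EX_RESERVED_QKEY_BASE)
        return -EINVAL;     /* ordinary QP asking for a reserved qkey */
    return 0;               /* ordinary QP, ordinary qkey: left as is */
}

int main(void)
{
    uint32_t k = 0x80010000u; /* constructed guest-supplied value */
    int rc = ex_master_filter_qkey(EX_PROXY_SQPN_BASE + 3, &k);
    printf("proxy qp: rc=%d qkey=0x%08x\n", rc, (unsigned)k);
    k = 0xFFFF0003u;          /* constructed value inside the reserved range */
    rc = ex_master_filter_qkey(0x1234, &k);
    printf("plain qp: rc=%d qkey=0x%08x\n", rc, (unsigned)k);
    return 0;
}
```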