[openib-general] Re: CM patch for 2.6.17 merge
Michael S. Tsirkin
mst at mellanox.co.il
Tue Apr 4 14:53:44 PDT 2006
Quoting r. Roland Dreier <rdreier at cisco.com>:
> Subject: Re: CM patch for 2.6.17 merge
>
> Roland> Not sure I understand this. What's the exploit?
>
> Michael> Connecting from userspace to an SDP socket. People expect
> Michael> sockets to be kernel-level.
>
> Without SDP upstream I don't see the security issue.
We are protecting the remote system here.
Think about time when SDP/CMA are upstream, or about a non-linux
system with SDP/CMA listening, connected over IB to a 2.6.17 linux.
> Even with SDP
> upstream it's dubious: everything coming in from the network should be
> untrusted.
Yes, but e.g. in linux sending e.g. arp packets i slimited for priviledged
users. I agree its weak but ...
> I don't see how you can prevent userspace from sending CM
> messages on an arbitrary UD QP.
Does IB spec require me to accept them?
Maybe we should validate the source QP ...
--
Michael S. Tsirkin
Staff Engineer, Mellanox Technologies
More information about the general
mailing list