[ofa-general] will opensm respond to requests that do not originate from qp1
Hal Rosenstock
hal.rosenstock at gmail.com
Sat Aug 15 07:06:31 PDT 2009
On 8/13/09, Jason Gunthorpe <jgunthorpe at obsidianresearch.com> wrote:
>
> On Thu, Aug 13, 2009 at 01:14:19PM -0700, Sean Hefty wrote:
> > >Speaking of which, do we have an API to get the node's SM_Key for SA
> > >packet construction?
> >
> > Not that I'm aware of. The ib-diags take the smkey as a command line
> option.
>
> Hmm, and the kernel wires it to zero.
What are you referring to being wired by kernel to zero ? AFAIK neither use
(there are two) of SM_Key is wired to zero.
> That's uncool.
>
> So, any process that can create a QP can alter, say, the nodes
> multicast group membership.
>
> Thats a bit of a security problem.
>
> I admit though, I haven't been able to discern what the SM_Key should
> be set to from the spec..
It's a policy (SM admin) decision.
-- Hal
>
>
> --
> Jason Gunthorpe <jgunthorpe at obsidianresearch.com> (780)4406067x832
> Chief Technology Officer, Obsidian Research Corp Edmonton, Canada
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openfabrics.org/pipermail/general/attachments/20090815/599bb9b1/attachment.html>
More information about the general
mailing list