[openib-general] uverbs security
Michael S. Tsirkin
mst at mellanox.co.il
Mon Mar 14 22:23:52 PST 2005
Hi, Roland!
Looking at uverbs kernel module, I notice that in some instances
it passes some parameters from userspace directly to ib core, without
verifying their sanity.
One example of this is qp attributes in create and modify qp.
For example, modify qp and alloc qp will simply copy the attributes.
This might create issues since the core may assume it works against a
trusted kernel client, so it may get confused if passed illegal
parameter values.
For example, qp type could be IB_QPT_SMI or IB_QPT_GSI. Will this create
a problem? Hard for me to tell ...
I think the best approach is to validate *all* user-given parameters
before passing them on to core. What do you think?
--
MST - Michael S. Tsirkin
More information about the general
mailing list