[openib-general] FMR and how they work
Fab Tillier
ftillier at infiniconsys.com
Wed May 4 12:17:17 PDT 2005
> From: Caitlin Bestler [mailto:caitlin.bestler at gmail.com]
> Sent: Wednesday, May 04, 2005 12:02 PM
>
> Generally I assume the entity on the other end of the wire is
> under the complete control of an attacker. So if I only want
> to expose a single 1MB buffer consisting of 256 scattered
> pages I should be able to do so, because I have designed
> my daemon so that it will not be damaged no matter what
> the remote peer puts in that 1MB. They can damage their
> content, but that's all.
In this case Mellanox FMRs don't help you since the mapping is still
potentially valid until the local system invalidates the whole TPT cache in
the HCA. Until the TPT cache is flushed, the remote entity can continue to
RDMA into a previous region causing who knows what damage. The memory from
that previous I/O might have been re-assigned for some other purpose.
Invalidating this cache after every I/O defeats the advantage of FMRs.
Mellanox FMRs require a level of trust for the performance advantage to be
achieved. If trust is out of the question, FMRs should be too and we're
back to using regular MRs.
- Fab
More information about the general
mailing list