[openib-general] mthca FMR correctness (and memory windows)

Talpey, Thomas Thomas.Talpey at netapp.com
Mon Mar 20 16:59:48 PST 2006


At 07:50 PM 3/20/2006, Roland Dreier wrote:
>    Thomas> Yes, I know about binding on a separate queue. That
>    Thomas> doesn't work, because windows are semantically not
>    Thomas> fungible (for security reasons).
>
>Can you elaborate on the issue of fungibility?  If one entity has two
>QPs, one of which it's using for traffic and one of which it's using
>for MW binds, I don't see any security issue (beyond the fact that
>you've now given up ordering of operations between the QPs).

If I can snoop or guess rkeys (not a huge challenge with 32 bits), and
if I can use them on an arbitrary queuepair, then I can handily peek and
poke at memory that does not belong to me.

For this reason, iWARP requires its steering tags to be scoped to a single
connection. This leverages the IP security model and provides correctness.

It is true that IB implementations generally don't do this. They should.

Tom.




More information about the general mailing list