[ofa-general] [PATCH] management: Support separate SA and SM keys
Hal Rosenstock
hrosenstock at xsigo.com
Fri May 23 06:47:12 PDT 2008
management: Support separate SA and SM keys as clarified in IBA 1.2.1
Signed-off-by: Hal Rosenstock <hal at xsigo.com>
diff --git a/infiniband-diags/src/saquery.c b/infiniband-diags/src/saquery.c
index ed61721..ccf7bdd 100644
--- a/infiniband-diags/src/saquery.c
+++ b/infiniband-diags/src/saquery.c
@@ -730,7 +730,7 @@ get_all_records(osm_bind_handle_t bind_handle,
int trusted)
{
return get_any_records(bind_handle, query_id, 0, 0, NULL, attr_offset,
- trusted ? OSM_DEFAULT_SM_KEY : 0);
+ trusted ? OSM_DEFAULT_SA_KEY : 0);
}
/**
@@ -1255,7 +1255,7 @@ print_pkey_tbl_records(const struct query_cmd *q, osm_bind_handle_t bind_handle,
status = get_any_records(bind_handle, IB_MAD_ATTR_PKEY_TBL_RECORD, 0,
comp_mask, &pktr,
ib_get_attr_offset(sizeof(pktr)),
- OSM_DEFAULT_SM_KEY);
+ OSM_DEFAULT_SA_KEY);
if (status != IB_SUCCESS)
return status;
diff --git a/opensm/include/opensm/osm_base.h b/opensm/include/opensm/osm_base.h
index 62d472e..39f9057 100644
--- a/opensm/include/opensm/osm_base.h
+++ b/opensm/include/opensm/osm_base.h
@@ -119,6 +119,17 @@ BEGIN_C_DECLS
*/
#define OSM_DEFAULT_SM_KEY 1
/********/
+/****s* OpenSM: Base/OSM_DEFAULT_SA_KEY
+* NAME
+* OSM_DEFAULT_SA_KEY
+*
+* DESCRIPTION
+* Subnet Adminstration key value.
+*
+* SYNOPSIS
+*/
+#define OSM_DEFAULT_SA_KEY 1
+/********/
/****s* OpenSM: Base/OSM_DEFAULT_LMC
* NAME
* OSM_DEFAULT_LMC
diff --git a/opensm/include/opensm/osm_subnet.h b/opensm/include/opensm/osm_subnet.h
index 349ba79..171b5db 100644
--- a/opensm/include/opensm/osm_subnet.h
+++ b/opensm/include/opensm/osm_subnet.h
@@ -208,6 +208,7 @@ typedef struct _osm_subn_opt {
ib_net64_t guid;
ib_net64_t m_key;
ib_net64_t sm_key;
+ ib_net64_t sa_key;
ib_net64_t subnet_prefix;
ib_net16_t m_key_lease_period;
uint32_t sweep_interval;
@@ -291,7 +292,10 @@ typedef struct _osm_subn_opt {
* M_Key value sent to all ports qualifing all Set(PortInfo).
*
* sm_key
-* SM_Key value of the SM to qualify rcv SA queries as "trusted".
+* SM_Key value of the SM used for SM authentication.
+*
+* sa_key
+* SM_Key value to qualify rcv SA queries as "trusted".
*
* subnet_prefix
* Subnet prefix used on this subnet.
diff --git a/opensm/opensm/osm_sa_mad_ctrl.c b/opensm/opensm/osm_sa_mad_ctrl.c
index 78fdec7..abd8d02 100644
--- a/opensm/opensm/osm_sa_mad_ctrl.c
+++ b/opensm/opensm/osm_sa_mad_ctrl.c
@@ -340,11 +340,11 @@ __osm_sa_mad_ctrl_rcv_callback(IN osm_madw_t * p_madw,
* otherwise discard the MAD.
*/
if ((p_sa_mad->sm_key != 0) &&
- (p_sa_mad->sm_key != p_ctrl->p_subn->opt.sm_key)) {
+ (p_sa_mad->sm_key != p_ctrl->p_subn->opt.sa_key)) {
OSM_LOG(p_ctrl->p_log, OSM_LOG_ERROR, "ERR 1A04: "
"Non-Zero SA MAD SM_Key: 0x%" PRIx64 " != SM_Key: 0x%"
PRIx64 "; MAD ignored\n", cl_ntoh64(p_sa_mad->sm_key),
- cl_ntoh64(p_ctrl->p_subn->opt.sm_key)
+ cl_ntoh64(p_ctrl->p_subn->opt.sa_key)
);
osm_mad_pool_put(p_ctrl->p_mad_pool, p_madw);
goto Exit;
diff --git a/opensm/opensm/osm_sa_pkey_record.c b/opensm/opensm/osm_sa_pkey_record.c
index 5cea525..4d19ed4 100644
--- a/opensm/opensm/osm_sa_pkey_record.c
+++ b/opensm/opensm/osm_sa_pkey_record.c
@@ -269,7 +269,7 @@ void osm_pkey_rec_rcv_process(IN void *ctx, IN void *data)
to trusted requests.
Check that the requester is a trusted one.
*/
- if (p_rcvd_mad->sm_key != sa->p_subn->opt.sm_key) {
+ if (p_rcvd_mad->sm_key != sa->p_subn->opt.sa_key) {
/* This is not a trusted requester! */
OSM_LOG(sa->p_log, OSM_LOG_ERROR, "ERR 4608: "
"Request from non-trusted requester: "
diff --git a/opensm/opensm/osm_subnet.c b/opensm/opensm/osm_subnet.c
index 2dc0ca8..a5c9b02 100644
--- a/opensm/opensm/osm_subnet.c
+++ b/opensm/opensm/osm_subnet.c
@@ -395,6 +395,7 @@ void osm_subn_set_default_opt(IN osm_subn_opt_t * const p_opt)
p_opt->guid = 0;
p_opt->m_key = OSM_DEFAULT_M_KEY;
p_opt->sm_key = OSM_DEFAULT_SM_KEY;
+ p_opt->sa_key = OSM_DEFAULT_SA_KEY;
p_opt->subnet_prefix = IB_DEFAULT_SUBNET_PREFIX;
p_opt->m_key_lease_period = 0;
p_opt->sweep_interval = OSM_DEFAULT_SWEEP_INTERVAL_SECS;
@@ -1183,6 +1184,8 @@ ib_api_status_t osm_subn_parse_conf_file(IN osm_subn_opt_t * const p_opts)
opts_unpack_net64("sm_key", p_key, p_val, &p_opts->sm_key);
+ opts_unpack_net64("sa_key", p_key, p_val, &p_opts->sa_key);
+
opts_unpack_net64("subnet_prefix",
p_key, p_val, &p_opts->subnet_prefix);
@@ -1432,8 +1435,10 @@ ib_api_status_t osm_subn_write_conf_file(IN osm_subn_opt_t * const p_opts)
"m_key 0x%016" PRIx64 "\n\n"
"# The lease period used for the M_Key on this subnet in [sec]\n"
"m_key_lease_period %u\n\n"
- "# SM_Key value of the SM to qualify rcv SA queries as 'trusted'\n"
+ "# SM_Key value of the SM used for SM authentication\n"
"sm_key 0x%016" PRIx64 "\n\n"
+ "# SM_Key value to qualify rcv SA queries as 'trusted'\n"
+ "sa_key 0x%016" PRIx64 "\n\n"
"# Subnet prefix used on this subnet\n"
"subnet_prefix 0x%016" PRIx64 "\n\n"
"# The LMC value used on this subnet\n"
@@ -1487,6 +1492,7 @@ ib_api_status_t osm_subn_write_conf_file(IN osm_subn_opt_t * const p_opts)
cl_ntoh64(p_opts->m_key),
cl_ntoh16(p_opts->m_key_lease_period),
cl_ntoh64(p_opts->sm_key),
+ cl_ntoh64(p_opts->sa_key),
cl_ntoh64(p_opts->subnet_prefix),
p_opts->lmc,
p_opts->lmc_esp0 ? "TRUE" : "FALSE",
More information about the general
mailing list