[ofa-general] [PATCH] management: Support separate SA and SM keys

Hal Rosenstock hrosenstock at xsigo.com
Fri May 23 06:47:12 PDT 2008


management: Support separate SA and SM keys as clarified in IBA 1.2.1

Signed-off-by: Hal Rosenstock <hal at xsigo.com>

diff --git a/infiniband-diags/src/saquery.c b/infiniband-diags/src/saquery.c
index ed61721..ccf7bdd 100644
--- a/infiniband-diags/src/saquery.c
+++ b/infiniband-diags/src/saquery.c
@@ -730,7 +730,7 @@ get_all_records(osm_bind_handle_t bind_handle,
 		int trusted)
 {
 	return get_any_records(bind_handle, query_id, 0, 0, NULL, attr_offset,
-			       trusted ? OSM_DEFAULT_SM_KEY : 0);
+			       trusted ? OSM_DEFAULT_SA_KEY : 0);
 }
 
 /**
@@ -1255,7 +1255,7 @@ print_pkey_tbl_records(const struct query_cmd *q, osm_bind_handle_t bind_handle,
 	status = get_any_records(bind_handle, IB_MAD_ATTR_PKEY_TBL_RECORD, 0,
 				 comp_mask, &pktr,
 				 ib_get_attr_offset(sizeof(pktr)),
-				 OSM_DEFAULT_SM_KEY);
+				 OSM_DEFAULT_SA_KEY);
 	if (status != IB_SUCCESS)
 		return status;
 
diff --git a/opensm/include/opensm/osm_base.h b/opensm/include/opensm/osm_base.h
index 62d472e..39f9057 100644
--- a/opensm/include/opensm/osm_base.h
+++ b/opensm/include/opensm/osm_base.h
@@ -119,6 +119,17 @@ BEGIN_C_DECLS
 */
 #define OSM_DEFAULT_SM_KEY 1
 /********/
+/****s* OpenSM: Base/OSM_DEFAULT_SA_KEY
+* NAME
+*	OSM_DEFAULT_SA_KEY
+*
+* DESCRIPTION
+*	Subnet Adminstration key value.
+*
+* SYNOPSIS
+*/
+#define OSM_DEFAULT_SA_KEY 1
+/********/
 /****s* OpenSM: Base/OSM_DEFAULT_LMC
 * NAME
 *	OSM_DEFAULT_LMC
diff --git a/opensm/include/opensm/osm_subnet.h b/opensm/include/opensm/osm_subnet.h
index 349ba79..171b5db 100644
--- a/opensm/include/opensm/osm_subnet.h
+++ b/opensm/include/opensm/osm_subnet.h
@@ -208,6 +208,7 @@ typedef struct _osm_subn_opt {
 	ib_net64_t guid;
 	ib_net64_t m_key;
 	ib_net64_t sm_key;
+	ib_net64_t sa_key;
 	ib_net64_t subnet_prefix;
 	ib_net16_t m_key_lease_period;
 	uint32_t sweep_interval;
@@ -291,7 +292,10 @@ typedef struct _osm_subn_opt {
 *		M_Key value sent to all ports qualifing all Set(PortInfo).
 *
 *	sm_key
-*		SM_Key value of the SM to qualify rcv SA queries as "trusted".
+*		SM_Key value of the SM used for SM authentication. 
+*
+*	sa_key
+*		SM_Key value to qualify rcv SA queries as "trusted".
 *
 *	subnet_prefix
 *		Subnet prefix used on this subnet.
diff --git a/opensm/opensm/osm_sa_mad_ctrl.c b/opensm/opensm/osm_sa_mad_ctrl.c
index 78fdec7..abd8d02 100644
--- a/opensm/opensm/osm_sa_mad_ctrl.c
+++ b/opensm/opensm/osm_sa_mad_ctrl.c
@@ -340,11 +340,11 @@ __osm_sa_mad_ctrl_rcv_callback(IN osm_madw_t * p_madw,
 	 * otherwise discard the MAD.
 	 */
 	if ((p_sa_mad->sm_key != 0) &&
-	    (p_sa_mad->sm_key != p_ctrl->p_subn->opt.sm_key)) {
+	    (p_sa_mad->sm_key != p_ctrl->p_subn->opt.sa_key)) {
 		OSM_LOG(p_ctrl->p_log, OSM_LOG_ERROR, "ERR 1A04: "
 			"Non-Zero SA MAD SM_Key: 0x%" PRIx64 " != SM_Key: 0x%"
 			PRIx64 "; MAD ignored\n", cl_ntoh64(p_sa_mad->sm_key),
-			cl_ntoh64(p_ctrl->p_subn->opt.sm_key)
+			cl_ntoh64(p_ctrl->p_subn->opt.sa_key)
 		    );
 		osm_mad_pool_put(p_ctrl->p_mad_pool, p_madw);
 		goto Exit;
diff --git a/opensm/opensm/osm_sa_pkey_record.c b/opensm/opensm/osm_sa_pkey_record.c
index 5cea525..4d19ed4 100644
--- a/opensm/opensm/osm_sa_pkey_record.c
+++ b/opensm/opensm/osm_sa_pkey_record.c
@@ -269,7 +269,7 @@ void osm_pkey_rec_rcv_process(IN void *ctx, IN void *data)
 	   to trusted requests.
 	   Check that the requester is a trusted one.
 	 */
-	if (p_rcvd_mad->sm_key != sa->p_subn->opt.sm_key) {
+	if (p_rcvd_mad->sm_key != sa->p_subn->opt.sa_key) {
 		/* This is not a trusted requester! */
 		OSM_LOG(sa->p_log, OSM_LOG_ERROR, "ERR 4608: "
 			"Request from non-trusted requester: "
diff --git a/opensm/opensm/osm_subnet.c b/opensm/opensm/osm_subnet.c
index 2dc0ca8..a5c9b02 100644
--- a/opensm/opensm/osm_subnet.c
+++ b/opensm/opensm/osm_subnet.c
@@ -395,6 +395,7 @@ void osm_subn_set_default_opt(IN osm_subn_opt_t * const p_opt)
 	p_opt->guid = 0;
 	p_opt->m_key = OSM_DEFAULT_M_KEY;
 	p_opt->sm_key = OSM_DEFAULT_SM_KEY;
+	p_opt->sa_key = OSM_DEFAULT_SA_KEY;
 	p_opt->subnet_prefix = IB_DEFAULT_SUBNET_PREFIX;
 	p_opt->m_key_lease_period = 0;
 	p_opt->sweep_interval = OSM_DEFAULT_SWEEP_INTERVAL_SECS;
@@ -1183,6 +1184,8 @@ ib_api_status_t osm_subn_parse_conf_file(IN osm_subn_opt_t * const p_opts)
 
 		opts_unpack_net64("sm_key", p_key, p_val, &p_opts->sm_key);
 
+		opts_unpack_net64("sa_key", p_key, p_val, &p_opts->sa_key);
+
 		opts_unpack_net64("subnet_prefix",
 				  p_key, p_val, &p_opts->subnet_prefix);
 
@@ -1432,8 +1435,10 @@ ib_api_status_t osm_subn_write_conf_file(IN osm_subn_opt_t * const p_opts)
 		"m_key 0x%016" PRIx64 "\n\n"
 		"# The lease period used for the M_Key on this subnet in [sec]\n"
 		"m_key_lease_period %u\n\n"
-		"# SM_Key value of the SM to qualify rcv SA queries as 'trusted'\n"
+		"# SM_Key value of the SM used for SM authentication\n"
 		"sm_key 0x%016" PRIx64 "\n\n"
+		"# SM_Key value to qualify rcv SA queries as 'trusted'\n"
+		"sa_key 0x%016" PRIx64 "\n\n"
 		"# Subnet prefix used on this subnet\n"
 		"subnet_prefix 0x%016" PRIx64 "\n\n"
 		"# The LMC value used on this subnet\n"
@@ -1487,6 +1492,7 @@ ib_api_status_t osm_subn_write_conf_file(IN osm_subn_opt_t * const p_opts)
 		cl_ntoh64(p_opts->m_key),
 		cl_ntoh16(p_opts->m_key_lease_period),
 		cl_ntoh64(p_opts->sm_key),
+		cl_ntoh64(p_opts->sa_key),
 		cl_ntoh64(p_opts->subnet_prefix),
 		p_opts->lmc,
 		p_opts->lmc_esp0 ? "TRUE" : "FALSE",





More information about the general mailing list