[Openib-windows] post_send/post_recv return values
Yossi Leybovich
sleybo at mellanox.co.il
Mon Mar 13 23:06:14 PST 2006
> -----Original Message-----
> From: ftillier.sst at gmail.com [mailto:ftillier.sst at gmail.com]
> On Behalf Of Fabian Tillier
> Sent: Monday, March 13, 2006 10:48 PM
> To: Tzachi Dar
> Cc: Yossi Leybovich; openib-windows at openib.org; Ami Perlmutter
> Subject: Re: [Openib-windows] post_send/post_recv return values
>
> On 3/13/06, Tzachi Dar <tzachid at mellanox.co.il> wrote:
> >
> > > If we transition some of these to assertions, we need to
> make sure
> > > to have runtime checks in the proxy or we'll have a security
> > > vulnerability.
> >
> > Please note that checking in the user mode is not enough.
> Even if we
> > do perfect work there people can still change our code and
> attack the
> > kernel. Therefor, the proxy must be secured in any case.
>
> That was exactly my point - if we take the checks out of the
> HCA driver, they can't be eliminated - they have to be
> relocated (to the proxy). Currently, the proxy doesn't have
> to check if a work request exceeds the limits of a QP (the
> proxy doesn't have that information), so adding these checks
> in the proxy would actually complicate things.
I was talking about data path verbs which bypass the kernel, the code
does not path through the proxy at all.
The HW is capable to handle any malformed WQE ,so the user can heart
only himself.
You are right about other control verbs.
>
> However, this is something that I think we should do in
> version 2, and the definitions of the QP structure (to expose
> its settings) would facilitate that.
>
> - Fab
>
>
>
More information about the ofw
mailing list