| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 May 2018 11:30:18 +0200
From: Håkon Bugge <Haakon.Bugge@...cle.com>
To: Doug Ledford <dledford@...hat.com>,
Don Hiatt <don.hiatt@...el.com>,
Ira Weiny <ira.weiny@...el.com>,
Sean Hefty <sean.hefty@...el.com>
Cc: linux-rdma@...r.kernel.org, linux-kernel@...r.kernel.org,
Håkon Bugge <haakon.bugge@...cle.com>
Subject: [PATCH IB/core 0/2] Do not form IB connections between limited partition members
Systems using IB partitions might be exposed to excessive pkey
violation traps which are sent to the OpenSM. This can be close to
a DoS attack, and in addition, the OpenSM logs are flooded with these
messages, hiding potential other log messages deemed important in
order to investigate important issues.
This series prohibit RDMA CM to establish connections between two
limited partition members. This avoids pkey violation traps stemming
from unicast messages to be sent to the OpenSM.
[If this patch series get accepted by the community, I ask if
the maintainer can update the reference to the first commit in the
second commit message with a correct 12 chars SHA]
Håkon Bugge (2):
IB/core: A full pkey is required to match a limited one
IB/cm: Send authentic pkey in REQ msg and check eligibility of the
pkeys
drivers/infiniband/core/cache.c | 32 +++++++++++++++++++++++++++-----
drivers/infiniband/core/cm.c | 39 ++++++++++++++++++++++++++++++++-------
include/rdma/ib_cache.h | 18 ++++++++++++++++++
include/rdma/ib_cm.h | 4 +++-
4 files changed, 80 insertions(+), 13 deletions(-)
--
2.13.6
Powered by blists - more mailing lists