lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 24 Feb 2020 11:19:44 +0100
From:   Karsten Graul <kgraul@...ux.ibm.com>
To:     Hans Wippel <ndev@...pl.net>, ubraun@...ux.ibm.com,
        davem@...emloft.net
Cc:     netdev@...r.kernel.org
Subject: Re: [RFC net-next] net/smc: improve peer ID in CLC decline for SMC-R


Except for the other review comment: looks good to me. 
I successfully tested a few scenarios involving different SMC implementations.


On 21/02/2020 14:08, Hans Wippel wrote:
> According to RFC 7609, all CLC messages contain a peer ID that consists
> of a unique instance ID and the MAC address of one of the host's RoCE
> devices. But if a SMC-R connection cannot be established, e.g., because
> no matching pnet table entry is found, the current implementation uses a
> zero value in the CLC decline message although the host's peer ID is set
> to a proper value.
> 
> This patch changes the peer ID handling in two ways:
> 
> (1) If no RoCE and no ISM device is usable for a connection, there is no
> LGR and the LGR check in smc_clc_send_decline() prevents that the peer
> ID is copied into the CLC decline message for both SMC-D and SMC-R. So,
> this patch modifies the check to also accept the case of no LGR. Also,
> only a valid peer ID is copied into the decline message.
> 
> (2) The patch initializes the peer ID to a random instance ID and a zero
> MAC address. If a RoCE device is in the host, the MAC address part of
> the peer ID is overwritten with the respective address. Also, a function
> for checking if the peer ID is valid is added. A peer ID is considered
> valid if the MAC address part contains a non-zero MAC address.
> 
> Signed-off-by: Hans Wippel <ndev@...pl.net>
> ---
>  net/smc/smc_clc.c |  9 ++++++---
>  net/smc/smc_ib.c  | 19 ++++++++++++-------
>  net/smc/smc_ib.h  |  1 +
>  3 files changed, 19 insertions(+), 10 deletions(-)
> 
> diff --git a/net/smc/smc_clc.c b/net/smc/smc_clc.c
> index 3e16b887cfcf..e2d3b5b95632 100644
> --- a/net/smc/smc_clc.c
> +++ b/net/smc/smc_clc.c
> @@ -372,9 +372,12 @@ int smc_clc_send_decline(struct smc_sock *smc, u32 peer_diag_info)
>  	dclc.hdr.length = htons(sizeof(struct smc_clc_msg_decline));
>  	dclc.hdr.version = SMC_CLC_V1;
>  	dclc.hdr.flag = (peer_diag_info == SMC_CLC_DECL_SYNCERR) ? 1 : 0;
> -	if (smc->conn.lgr && !smc->conn.lgr->is_smcd)
> -		memcpy(dclc.id_for_peer, local_systemid,
> -		       sizeof(local_systemid));
> +	if (!smc->conn.lgr || !smc->conn.lgr->is_smcd) {
> +		if (smc_ib_is_valid_local_systemid()) {
> +			memcpy(dclc.id_for_peer, local_systemid,
> +			       sizeof(local_systemid));
> +		}
> +	}
>  	dclc.peer_diagnosis = htonl(peer_diag_info);
>  	memcpy(dclc.trl.eyecatcher, SMC_EYECATCHER, sizeof(SMC_EYECATCHER));
>  
> diff --git a/net/smc/smc_ib.c b/net/smc/smc_ib.c
> index 6756bd5a3fe4..203dd05d7113 100644
> --- a/net/smc/smc_ib.c
> +++ b/net/smc/smc_ib.c
> @@ -37,11 +37,7 @@ struct smc_ib_devices smc_ib_devices = {	/* smc-registered ib devices */
>  	.list = LIST_HEAD_INIT(smc_ib_devices.list),
>  };
>  
> -#define SMC_LOCAL_SYSTEMID_RESET	"%%%%%%%"
> -
> -u8 local_systemid[SMC_SYSTEMID_LEN] = SMC_LOCAL_SYSTEMID_RESET;	/* unique system
> -								 * identifier
> -								 */
> +u8 local_systemid[SMC_SYSTEMID_LEN] = {0};	/* unique system identifier */
>  
>  static int smc_ib_modify_qp_init(struct smc_link *lnk)
>  {
> @@ -168,6 +164,15 @@ static inline void smc_ib_define_local_systemid(struct smc_ib_device *smcibdev,
>  {
>  	memcpy(&local_systemid[2], &smcibdev->mac[ibport - 1],
>  	       sizeof(smcibdev->mac[ibport - 1]));
> +}
> +
> +bool smc_ib_is_valid_local_systemid(void)
> +{
> +	return !is_zero_ether_addr(&local_systemid[2]);
> +}
> +
> +static void smc_ib_init_local_systemid(void)
> +{
>  	get_random_bytes(&local_systemid[0], 2);
>  }
>  
> @@ -224,8 +229,7 @@ static int smc_ib_remember_port_attr(struct smc_ib_device *smcibdev, u8 ibport)
>  	rc = smc_ib_fill_mac(smcibdev, ibport);
>  	if (rc)
>  		goto out;
> -	if (!strncmp(local_systemid, SMC_LOCAL_SYSTEMID_RESET,
> -		     sizeof(local_systemid)) &&
> +	if (!smc_ib_is_valid_local_systemid() &&
>  	    smc_ib_port_active(smcibdev, ibport))
>  		/* create unique system identifier */
>  		smc_ib_define_local_systemid(smcibdev, ibport);
> @@ -605,6 +609,7 @@ static struct ib_client smc_ib_client = {
>  
>  int __init smc_ib_register_client(void)
>  {
> +	smc_ib_init_local_systemid();
>  	return ib_register_client(&smc_ib_client);
>  }
>  
> diff --git a/net/smc/smc_ib.h b/net/smc/smc_ib.h
> index 255db87547d3..5c2b115d36da 100644
> --- a/net/smc/smc_ib.h
> +++ b/net/smc/smc_ib.h
> @@ -84,4 +84,5 @@ void smc_ib_sync_sg_for_device(struct smc_ib_device *smcibdev,
>  			       enum dma_data_direction data_direction);
>  int smc_ib_determine_gid(struct smc_ib_device *smcibdev, u8 ibport,
>  			 unsigned short vlan_id, u8 gid[], u8 *sgid_index);
> +bool smc_ib_is_valid_local_systemid(void);
>  #endif
> 

-- 
Karsten

(I'm a dude)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ