git.samba.org / sfrench / cifs-2.6.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4cae8ff) | patch
IB/core: Don't enforce PKey security on SMI MADs
authorDaniel Jurgens <danielj@mellanox.com>
Tue, 5 Dec 2017 20:30:02 +0000 (22:30 +0200)
committerDoug Ledford <dledford@redhat.com>
Thu, 7 Dec 2017 20:28:06 +0000 (15:28 -0500)
commit0fbe8f575b15585eec3326e43708fbbc024e8486
tree23d4180b82f69452cfe13f2d3c7ddb7d339975a4tree
parent4cae8ff136782d77b108cb3a5ba53e60597ba3a6commit | diff
IB/core: Don't enforce PKey security on SMI MADs

Per the infiniband spec an SMI MAD can have any PKey. Checking the pkey
on SMI MADs is not necessary, and it seems that some older adapters
using the mthca driver don't follow the convention of using the default
PKey, resulting in false denials, or errors querying the PKey cache.

SMI MAD security is still enforced, only agents allowed to manage the
subnet are able to receive or send SMI MADs.

Reported-by: Chris Blake <chrisrblake93@gmail.com>
Cc: <stable@vger.kernel.org> # v4.12
Fixes: 47a2b338fe63 ("IB/core: Enforce security on management datagrams")
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leon@kernel.org>
Signed-off-by: Doug Ledford <dledford@redhat.com>
drivers/infiniband/core/security.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.