From: Leon Romanovsky <leon@kernel.org>
To: Daniel Jurgens <danielj@mellanox.com>
Cc: Don Dutile <ddutile@redhat.com>,
Doug Ledford <dledford@redhat.com>,
Jason Gunthorpe <jgg@mellanox.com>,
linux-rdma@vger.kernel.org, Paul Moore <paul@paul-moore.com>,
stable@vger.kernel.org
Subject: Re: [PATCH rdma-rc v2] IB/core: Only enforce security for InfiniBand
Date: Wed, 29 Nov 2017 07:11:15 +0200 [thread overview]
Message-ID: <20171129051115.GS29104@mtr-leonro.local> (raw)
In-Reply-To: <69c9bc09-7d95-3fef-f1c9-487b34af8300@mellanox.com>
[-- Attachment #1: Type: text/plain, Size: 3738 bytes --]
On Tue, Nov 28, 2017 at 03:03:39PM -0600, Daniel Jurgens wrote:
> On 11/28/2017 2:38 PM, Don Dutile wrote:
> > On 11/27/2017 06:28 PM, Don Dutile wrote:
> >> On 11/27/2017 05:58 PM, Daniel Jurgens wrote:
> >>> On 11/27/2017 4:03 PM, Don Dutile wrote:
> >>>> On 11/27/2017 06:25 AM, Leon Romanovsky wrote:
> >>>>> From: Daniel Jurgens <danielj@mellanox.com>
> >>>>>
> >>>>>
> >>>>> - if (pps_change && !special_qp) {
> >>>>> + if (pps_change && !special_qp && real_qp->qp_sec) {
> >>>>> mutex_lock(&real_qp->qp_sec->mutex);
> >>>>> new_pps = get_new_pps(real_qp,
> >>>>> qp_attr,
> >>>>> @@ -600,7 +627,7 @@ int ib_security_modify_qp(struct ib_qp *qp,
> >>>>> qp_attr_mask,
> >>>>> udata);
> >>>>>
> >>>>> - if (pps_change && !special_qp) {
> >>>>> + if (pps_change && !special_qp && real_qp->qp_sec) {
> >>>>> /* Clean up the lists and free the appropriate
> >>>>> * ports_pkeys structure.
> >>>>> */
> >>>>>
> >>>> This patch breaks the kernel build on RHEL b/c it generates
> >>>> a warning in the second if (pps_change && !special_qp && real_qp->qp_sec) {}
> >>>> that new_pps may not be assigned. ... build warnings in RHEL kernel == build failure (on x86).
> >>>>
> >>>> That's b/c the patch adds real_qp->qp_sec to if's conditions,
> >>>> and the compiler cannot determine if real_qp->qp_sec cannot be modified
> >>>> between the first check like it, above, which sets the value of new_pps,
> >>>> and the second check that uses it, because real_qp is passed into the device->modify()
> >>>> function call btwn those two if() check's.
> >>>>
> >>>> The code needs to do something like this in the first if-check:
> >>>> .....
> >>>> bool new_pps_gotten = false;
> >>>> ....
> >>>>
> >>>> if (pps_change && !special_qp && real_qp->qp_sec) {
> >>>> mutex_lock(&real_qp->qp_sec->mutex);
> >>>> new_pps = get_new_pps(real_qp,
> >>>> qp_attr,
> >>>> qp_attr_mask);
> >>>> new_pps_gotten = true;
> >>>> ....
> >>>> }
> >>>> ....
> >>>>
> >>>> and change the second if check to be:
> >>>>
> >>>> if (new_pps_gotten) {
> >>>> * Clean up the lists and free the appropriate
> >>>> .....
> >>>>
> >>>
> >>> Thanks Don, I think it's better to initialize new_pps to NULL, vs introducing a new variable. Also, there needs to be a check of new_pps after getting it.
> >>>
> >> yup, I considered that as well.
> >> wasn't sure if lockdep checking code would not like the fact that a mutex_lock() could be taken,
> >> but if new_pps == NULL after the get call(it may always succeed, but an analyzer may not conclude the same),
> >> that the mutex_unlock() wouldn't be called.
> >>
> >> the double, same-condition if-check with the fcn call in btwn seems like it ought to be
> >> restructured differently so the mutex lock/unlock pairs are contained neatly in a single if-clause,
> >> and the new_pps alloc & use would be similarly containted.
> >>
> >> -dd
> >>
> >> -
> > Is someone doing a v3? I didn't see an email today w/another patch version.
> > ... at least I wasn't directly cc'd on one anyhow... off to check linux-rdma folder...
> > nothing there... and I don't find a v3 in Leon's tree either.
> >
> >
> I sent a fix-up patch to Leon, but it seems he didn't get to it today. I'll resend this afternoon.
Thanks Daniel for handling this.
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
prev parent reply other threads:[~2017-11-29 5:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-27 11:25 [PATCH rdma-rc v2] IB/core: Only enforce security for InfiniBand Leon Romanovsky
2017-11-27 11:25 ` Leon Romanovsky
2017-11-27 22:03 ` Don Dutile
2017-11-27 22:58 ` Daniel Jurgens
2017-11-27 22:58 ` Daniel Jurgens
[not found] ` <47653af5-68af-0aa1-e811-0d6d42935648-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2017-11-27 23:28 ` Don Dutile
2017-11-27 23:28 ` Don Dutile
[not found] ` <16d5d4c2-ea9e-765a-b0b7-a867c6a757d6-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-11-28 20:38 ` Don Dutile
2017-11-28 20:38 ` Don Dutile
2017-11-28 21:03 ` Daniel Jurgens
2017-11-28 21:03 ` Daniel Jurgens
2017-11-29 5:11 ` Leon Romanovsky [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171129051115.GS29104@mtr-leonro.local \
--to=leon@kernel.org \
--cc=danielj@mellanox.com \
--cc=ddutile@redhat.com \
--cc=dledford@redhat.com \
--cc=jgg@mellanox.com \
--cc=linux-rdma@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.