From mboxrd@z Thu Jan 1 00:00:00 1970 From: Aleksey Senin Subject: [PATCH V2 2/3] Security check on QP type Date: Wed, 03 Nov 2010 16:35:49 +0200 Message-ID: <4CD17345.7040400@voltaire.com> References: <4CD171F0.8020506@voltaire.com> <4CD172C8.4010700@voltaire.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <4CD172C8.4010700-smomgflXvOZWk0Htik3J/w@public.gmane.org> Sender: linux-rdma-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org Cc: Roland Dreier , Moni Shoua , Alex Rosenbaum List-Id: linux-rdma@vger.kernel.org Check if user process has permission to create RAW_PACKET QP. In order to prevent a regular user from creating malicious packets, at the time of QP creation, the kernel will check if the process has the necessary permissions. This examination is done in the uverbs layer and is general for all low level drivers. Signed-off-by: Aleksey Senin --- drivers/infiniband/core/uverbs_cmd.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c index 6fcfbeb..87025fc 100644 --- a/drivers/infiniband/core/uverbs_cmd.c +++ b/drivers/infiniband/core/uverbs_cmd.c @@ -1050,6 +1050,9 @@ ssize_t ib_uverbs_create_qp(struct ib_uverbs_file *file, if (copy_from_user(&cmd, buf, sizeof cmd)) return -EFAULT; + if (cmd.qp_type == IB_QPT_RAW_PACKET && !capable(CAP_NET_RAW)) + return -EPERM; + INIT_UDATA(&udata, buf + sizeof cmd, (unsigned long) cmd.response + sizeof resp, in_len - sizeof cmd, out_len - sizeof resp); -- 1.6.4.2
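Review bot: The description says the kernel checks for "necessary permissions" but never names the capability, while the added test in ib_uverbs_create_qp() is specifically capable(CAP_NET_RAW); the commit message, and ideally a one-line comment above the new if, should state that creating an IB_QPT_RAW_PACKET QP requires CAP_NET_RAW, the same capability the kernel requires for raw and packet sockets. The placement itself looks right: the test sits after copy_from_user() has filled cmd and before INIT_UDATA() or any allocation, so the -EPERM return needs no cleanup, and because cmd.qp_type is compared first, capable() is evaluated only for raw packet requests and other QP types are unaffected. Note that capable() evaluates the task issuing the command, which matches the "at the time of QP creation" wording, so it would help to say that explicitly rather than leave readers to assume the check is tied to whoever opened the device.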