From: Sagi Grimberg <sagi-NQWnxTmZq1alnMjI0IkVqw@public.gmane.org>
To: Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
	linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: protection domain question
Date: Sun, 10 Apr 2016 17:27:03 +0300
Message-ID: <570A62B7.9020200@grimberg.me>
In-Reply-To: <20160409190331.GA23186-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>


> As far as I can tell from reading the Verbs spec the raison d'être for
> protection domains is to allow associating MRs with different address
> spaces in userspace programs.

The PD number is enforced when accessing the associated MRs (via the
associated QPs). So if someone is accessing an MR that is associated
with a PD via a queue-pair that is not, it will fail (it's a security
thing).

> Is there any good reason to have each kernel driver create its own PDs
> instead of simply creating one per device and sticking it into the
> ib_device structure?

There is a theoretical breach here. Say you're connected with a srp
channel to a target, and you send out rkey X to your peer. In case
there is a man-in-the-middle who sniffs it, he can theoretically
read/write to your rkey by connecting to IPoIB in RC mode (which
will connect to anyone).

The fact that srp has its own PD prevents this from happening.
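
A toy model of the PD check discussed in this message, added here as an illustration; it is not code from the thread, the kernel, or any HCA. The struct names, the rkey value and the addresses are constructed, and the two configurations compared are "one PD per device" and "one PD per ULP".

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model types; real verbs objects carry far more state. */
struct pd { uint32_t pdn; };
struct mr { const struct pd *pd; uint32_t rkey; uint64_t addr, len; };
struct qp { const struct pd *pd; };

enum { ACCESS_OK = 0, ERR_NO_MR = -1, ERR_PD_MISMATCH = -2, ERR_BOUNDS = -3 };

/* Responder-side validation of an incoming RDMA READ/WRITE on `qp`. */
static int rdma_check(const struct qp *qp, const struct mr *mrs, int n,
                      uint32_t rkey, uint64_t addr, uint64_t len)
{
    for (int i = 0; i < n; i++) {
        if (mrs[i].rkey != rkey)
            continue;
        if (mrs[i].pd != qp->pd)      /* the MR's PD must be the QP's PD */
            return ERR_PD_MISMATCH;
        if (addr < mrs[i].addr || len > mrs[i].len ||
            addr - mrs[i].addr > mrs[i].len - len)
            return ERR_BOUNDS;        /* request falls outside the MR */
        return ACCESS_OK;
    }
    return ERR_NO_MR;
}

/* A request carrying the rkey of an MR registered by SRP.
 * shared_pd != 0: one PD per device; shared_pd == 0: one PD per ULP.
 * on_srp_qp != 0: request arrives on SRP's own QP, else on an IPoIB RC QP. */
static int access_srp_rkey(int shared_pd, int on_srp_qp)
{
    struct pd dev_pd = { 1 }, srp_pd = { 2 }, ipoib_pd = { 3 };
    const struct pd *srp = shared_pd ? &dev_pd : &srp_pd;
    const struct pd *ipoib = shared_pd ? &dev_pd : &ipoib_pd;
    struct mr mrs[] = { { srp, 0x1234, 0x10000, 4096 } };
    struct qp q = { on_srp_qp ? srp : ipoib };
    return rdma_check(&q, mrs, 1, 0x1234, 0x10000, 512);
}

int main(void)
{
    printf("shared PD, IPoIB QP:  %d\n", access_srp_rkey(1, 0));
    printf("per-ULP PD, IPoIB QP: %d\n", access_srp_rkey(0, 0));
    printf("per-ULP PD, SRP QP:   %d\n", access_srp_rkey(0, 1));
    return 0;
}
```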
