kernel/drivers/infiniband/core/security.c, branch linux-5.1.yHosts the 0x221E linux distro kernel.https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-5.1.y2019-02-19T17:13:39ZRDMA/device: Consolidate ib_device per_port data into one place2019-02-19T17:13:39ZJason Gunthorpejgg@mellanox.com2019-02-13T04:12:48Zurn:sha1:8ceb1357b33790193e9d55d2d09bcfd6bd59dd6d
There is no reason to have three allocations of per-port data. Combine
them together and make the lifetime for all the per-port data match the
struct ib_device.
Following patches will require more port-specific data, now there is a
good place to put it.
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
RDMA: Add and use rdma_for_each_port2019-02-19T17:13:39ZJason Gunthorpejgg@mellanox.com2019-02-13T04:12:47Zurn:sha1:ea1075edcbab7d92f4e4ccf5490043f796bf78be
We have many loops iterating over all of the end port numbers on a struct
ib_device, simplify them with a for_each helper.
Reviewed-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
RDMA/device: Ensure that security memory is always freed2019-02-08T23:56:45ZJason Gunthorpejgg@mellanox.com2019-02-07T05:41:48Zurn:sha1:b34b269ad85d7dd4a512487f2395c3be3e40f76a
Since this only frees memory it should be done during the release
callback. Otherwise there are possible error flows where it might not get
called if registration aborts.
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
IB/core: Don't register each MAD agent for LSM notifier2019-02-08T23:24:44ZDaniel Jurgensdanielj@mellanox.com2019-02-02T09:09:45Zurn:sha1:c66f67414c1f88554485bb2a0abf8b5c0d741de7
When creating many MAD agents in a short period of time, receive packet
processing can be delayed long enough to cause timeouts while new agents
are being added to the atomic notifier chain with IRQs disabled. Notifier
chain registration and unregstration is an O(n) operation. With large
numbers of MAD agents being created and destroyed simultaneously the CPUs
spend too much time with interrupts disabled.
Instead of each MAD agent registering for it's own LSM notification,
maintain a list of agents internally and register once, this registration
already existed for handling the PKeys. This list is write mostly, so a
normal spin lock is used vs a read/write lock. All MAD agents must be
checked, so a single list is used instead of breaking them down per
device.
Notifier calls are done under rcu_read_lock, so there isn't a risk of
similar packet timeouts while checking the MAD agents security settings
when notified.
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
IB/core: Fix potential memory leak while creating MAD agents2019-02-08T23:24:44ZDaniel Jurgensdanielj@mellanox.com2019-02-02T09:09:43Zurn:sha1:6e88e672b69f0e627acdae74a527b730ea224b6b
If the MAD agents isn't allowed to manage the subnet, or fails to register
for the LSM notifier, the security context is leaked. Free the context in
these cases.
Fixes: 47a2b338fe63 ("IB/core: Enforce security on management datagrams")
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Reported-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
IB/core: Unregister notifier before freeing MAD security2019-02-08T23:24:44ZDaniel Jurgensdanielj@mellanox.com2019-02-02T09:09:42Zurn:sha1:d60667fc398ed34b3c7456b020481c55c760e503
If the notifier runs after the security context is freed an access of
freed memory can occur.
Fixes: 47a2b338fe63 ("IB/core: Enforce security on management datagrams")
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
RDMA: Start use ib_device_ops2018-12-12T14:40:16ZKamal Heibkamalheib1@gmail.com2018-12-10T19:09:48Zurn:sha1:3023a1e93656c02b8d6a3a46e712b815843fa514
Make all the required change to start use the ib_device_ops structure.
Signed-off-by: Kamal Heib <kamalheib1@gmail.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
RDMA/core: Use dev_name instead of ibdev->name2018-09-26T19:51:48ZJason Gunthorpejgg@mellanox.com2018-09-20T22:42:25Zurn:sha1:896de0090a85f4c3a2b37fc0f46215a73c5b5429
These return the same thing but dev_name is a more conventional use of the
kernel API.
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Reviewed-by: Steve Wise <swise@opengridcomputing.com>
Reviewed-by: Leon Romanovsky <leonro@mellanox.com>
Reviewed-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
IB/core: Use CONFIG_SECURITY_INFINIBAND to compile out security code2018-05-01T15:16:36ZParav Panditparav@mellanox.com2018-04-26T07:56:34Zurn:sha1:2f6e51365727a1428d281821ec928904c723e47d
Make security.c depends on CONFIG_SECURITY_INFINIBAND.
Reviewed-by: Daniel Jurgens <danielj@mellanox.com>
Signed-off-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Merge branch 'from-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git2017-12-28T04:50:46ZJason Gunthorpejgg@mellanox.com2017-12-28T04:50:46Zurn:sha1:76a895d9e1332ca3cfa3edff3dc04420dfd7d603
Patches for 4.16 that are dependent on patches sent to 4.15-rc.
These are small clean ups for the vmw_pvrdma and i40iw drivers.
* 'from-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git:
RDMA/vmw_pvrdma: Remove usage of BIT() from UAPI header
RDMA/vmw_pvrdma: Use refcount_t instead of atomic_t
RDMA/vmw_pvrdma: Use more specific sizeof in kcalloc
RDMA/vmw_pvrdma: Clarify QP and CQ is_kernel logic
RDMA/vmw_pvrdma: Add UAR SRQ macros in ABI header file
i40iw: Change accelerated flag to bool